Why SolarWinds Should Open Source Its Code

Summary: How different would things have been if the SolarWinds source code had been fully open source?

If the SolarWinds code base had been open source, there is a chance that somebody would have caught the exploit. Some might argue that if the code had been open, the bad actors would have seen it too and could very easily have injected the exploit into the code and submitted it as part of a build. “But the process for a lot of open-source material is pretty rigorous. Especially when you start thinking about management kind of tools; people really dig into that. The odds that somebody would have flagged it and caught it are pretty significant,” said Ron Nixon, VP – Polyverse. And it would not be just SolarWinds reviewing it: people who use that code, including developers at big companies and government agencies, would be reviewing it too. So the chances of that code getting caught are very high.