LATEST INTELLIGENCE
The 2019 audit data analysis was conducted by CyRC ’ s Belfast and Boston teams . The Boston big data research team maintains the Black Duck KnowledgeBase , analyzing and refining open source activity from thousands of data sources to identify the most significant open source projects in use . Our Belfast team identifies the impact of open source vulnerabilities and their exploitability . As well as validating data used in the OSSRA , the Belfast team ’ s work forms the basis of Black Duck Security Advisories ( BDSAs ), which offer enhanced vulnerability information that the team discovers , curates , analyzes , and publishes as a benefit for commercial Black Duck customers .
This year , the CyRC teams examined anonymized audit findings from over 1,250 commercial codebases in 17 industries , including Enterprise Software / SaaS ;
Healthcare , Health Tech , Life Sciences ; Financial Services & FinTech ; and Internet & Software Infrastructure ( please see the next page for a full list ).
As this report details , open source components and libraries are the foundation of literally every application in every industry .
The need to identify , track , and manage open source has increased exponentially with the growth of its use in commercial software . •
23