Black Duck’s second Open Source Security and Risk Analysis (OSSRA) provides an in-depth look at the state of open source security, compliance, and code-quality risk in commercial software.
Each year, Black Duck’s On-Demand audit services group conducts open source audits on thousands of applications for its customers – primarily in conjunction with merger and acquisition transactions.
This analysis was done by Black Duck’s Center for Open Source Research and Innovation (COSRI) and examines findings from the anonymized data of more than 1,000 commercial applications audited in 2016.