A great article by Shahid Shah: "...If you ask some regulatory affairs folks in medical device companies, they think OSS is too “dangerous” for use in safety-critical systems. The most common excuse given by engineers is that the regulatory compliance folks will not allow OSS or that the FDA will disapprove. There is plenty of evidence to the contrary, however, because the FDA hasn’t really rejected devices due solely to the use of OSS. The lack of OSS use in medical devices and healthcare IT circles in most cases likely stems from a lack of experience with OSS at the senior executive and regulatory compliance ranks within companies. This is a summary of a quick 10-step process that R&D groups can use to properly experiment with and include OSS in safety-critical systems."