2020 Open Source Security and Risk Analysis (OSSRA) Report

A deep dive into the state of open source security, license compliance, and code quality risk

Open source is a great foundation for modern software development. But when not managed properly, open source can expose you to numerous risks—including licensing, security, and code quality risk.

The 2020 Open Source Security and Risk Analysis (OSSRA) Report is the resource you need to learn why you need to identify and manage the open source in your code. Based on the anonymized data from more than 1,250 audited codebases, the report provides insights and eye-opening statistics about open source security, license compliance, and code quality risk in commercial software.


The 2020 OSSRA report contains detailed sections on:

  • The need for a software bill of materials (BOM)
  • Open source composition of codebases audited in 2019
  • The threat of unpatched open source vulnerabilities
  • Vulnerabilities found in our audits
  • Recommendations on setting vulnerability patching priorities
  • Examining license risk in open source components
  • Operational factors in open source use

Download the report today.
