Since organizations don’t have control over changes made to open-source components, they need to be aware of when changes are made to them, advised Shawn Smith, director of infrastructure at nVisium, a Falls Church, Va.-based application security provider.

“Using dependencies that are open source is perfectly fine so long as you’re properly auditing the source for issues, in addition to performing continual audits any time you update that dependency in your platform,” he told TechNewsWorld.
