“Once open source gets good enough, competing with it would be insane.”
2006, Larry Ellison, the chairman of Oracle, in conversation with the Financial Times.
It’s in your operating system, browser, and favorite games. It’s in the apps you use every day and the tools you use to make them.
But how much open source software is actually out there? We know it’s growing at an incredible rate, but how much of our software is open? How much of our software is built on other people’s open source code? How much of our software is a derivative work from someone else’s open source code? How much open source do we use in our daily lives?
And what about the parts of our tech that are closed but still rely on open source code? Is there any way to measure how much closed-source software uses open source libraries or frameworks in its development process?
In this paper, industry experts propose a methodology and an associated tool that analyze Java binaries and determine the proportion of open source code they contain. The paper also presents empirical measurements of 5 commercial Java software systems, reporting OSS proportions between 76% and 99% among these 5 systems, including a historical analysis covering 6 versions and 12 years for one of the subject systems.
Access the article and read the full analysis!
Stay on top of the real risk of open source at any time.
Avoid false positives and get sophisticated upgrade guidance based on risk, compatibility and popularity.
Detect and defend against known vulnerabilities at runtime. The only SCA to do so.
The quickest way to respond to an imminent threat like log4j with CVE-2021-44228.
CodeGreen is an early-warning defence for your in-house development and integrates directly into GitHub and BitBucket.