Join the Open Source 360 Survey & Reflect the State of OSS Today


It’s counter-intuitive.

One of the most widely used, most productive, and indispensable elements of application development today is probably the least understood – open source software.

Open source makes up 80-90% of the code in modern software applications and powers global brands such as Netflix, Amazon, Google and Uber.

Yet, consider this finding from a recent report by a leading global research firm: “Open-source software is used within mission-critical IT workloads by over 90% of the IT organizations worldwide, whether they are aware of it or not.”

Think about that: “whether they are aware of it or not.” It would seem impossible that something so essential would be an unknown.

To clarify, most organizations are very “aware” that they are using open source because they know it helps reduce development costs, deliver apps to market faster, and innovate, innovate, innovate.  

What they don’t know about the open source software they’re using, and this is the case for companies large and small around the globe, is where it’s located in their application code. This puts them at increased risk from open source security vulnerabilities and unmet license obligations.

Know Your Code

67% of applications reviewed contained known open source security vulnerabilities

Results of Black Duck On-Demand’s open source application security audits conducted during M&A transactions are remarkably consistent in two areas — 95% of the applications contain open source and two-thirds of the applications contain known open source vulnerabilities. Not a healthy ratio.

There’s no doubt that use of open source will continue to increase rapidly because of the economic and productivity value it delivers, but it is important that organizations develop a better understanding of their security risk exposure and implement effective source security and management practices to reduce that risk.

Open Source 360° Survey

The 2017 Open Source 360 Survey launched earlier this week by Black Duck’s Center for Open Source Research & Innovation (COSRI) will play a role in informing and educating today’s open source consumers.

Through the survey, COSRI will aggregate data from open source users throughout the world, share it, and examine the state of open source in four key areas – usage, risk, contributions and governance/policies.

Created in 2016, COSRI leverages Black Duck’s comprehensive open source data-gathering expertise and skilled teams to conduct cutting-edge open source security, machine-learning and data-mining research. COSRI promotes both the secure use of open source and continuous open source innovation, and shares its findings globally.

Take the Open Source 360 Survey Today

Via the 2017 Open Source 360 Survey, COSRI will work with many partners in the open source community to collect and deliver useful information and insights. COSRI will aggregate the survey results, analyze the data and deliver a comprehensive report in June.

This year’s survey, a successor to the Future of Open Source Survey, will look closely at:

  • Usage: The focus will be on where open source fits in the software application development and deployment strategy rather than simply on how much open source is being used.
  • Risk: Few companies have good visibility into where open source is being used and therefore lack necessary controls, placing them at risk to known security vulnerabilities. The survey will provide insights into whether that is changing in light of the heightened attention to cybersecurity.
  • Contributions: Companies that once forbade developers from using open source are among today’s most avid contributors to open source projects. This year’s survey will look at contribution trends and report on why companies are contributing.
  • Governance & Policies: The increase in open source use has not always been accompanied by well-developed project selection policies or attention to license obligations. The survey will probe whether companies are becoming more conscious of their need to improve their IP quality.

We look forward to reporting on the results and invite you to take the survey.
