x
Cloud Security

Is Open Source More Secure? Maybe Not

In the debate over whether open source or proprietary software is inherently more secure, the winner is likely to be neither.

Open source is thought by many to have a leg up when it comes to identifying and patching bugs and vulnerabilities because it is constantly under scrutiny of a larger base of people. But one industry expert argues that unless those developers have a specific expertise in the security realm, the "extra eyes" may still miss things.

"There is often the assumption that open source is more secure because there are so many more people that can look at the code, look at the software and see if there is any vulnerabilities or bugs, but that assumption is only there if those people that are looking at that source code have the training and skills needed to be able to do so," says Stuart Scott, AWS content lead and trainer at Cloud Academy , which offers a broad range of training, testing and certifications on how to use a wide range of cloud services, including Amazon Web Services, for IT professionals.


Deep dive into real-world issues and virtualization deployment challenges with industry leaders. Join Light Reading at the NFV & Carrier SDN event in Denver, September 24-26. Register now for this exclusive opportunity to learn from and network with industry experts – communications service providers get in free!


Scott maintains that some software developers might not be able to spot issues with open source code. He also points out the possibility of malicious actors invoking vulnerabilities with open source code.

"There are lots of people looking for bugs and vulnerability fixes, but there are also people looking to exploit that at the same time," he says.

You can read more about Scott's perspective on how enterprises should view open source code in the broader context of security in this report on our sister site, Security Now.

— Carol Wilson, Editor-at-Large, Light Reading

clarkede 8/22/2018 | 3:04:23 PM
Highly Topical Area AWS makes a very important observation. It would be good to see this topic covered in more depth with commentary coming from different constituencies of experts and users. Particularly with reference to open source being used in critical applications and infrastructures.
Michelle 8/22/2018 | 12:10:28 AM
ahh Interesting. I have been reading about the potential for better security, but wondered if it were actually true. It seems not.
HOME
SIGN IN
SEARCH
CLOSE
MORE
CLOSE