SBOM Starter Kit: Get Your Copy

The 2022 State of Open Source Vulnerabilities

2021 was a noteworthy year for software supply chain security. A series of incidents (Log4Shell and the CodeCov breach, to name a few) highlighted the need for organizations to be proactive about identifying and remediating the vulnerabilities in their open source software. 

FOSSA’s 2022 State of Open Source Vulnerabilities features the latest data and analysis on today’s open source vulnerability landscape.Download your copy for insight in areas like:

  • Most common vulnerabilities in 2021
  • The distribution of vulnerabilities across popular languages
  • The distribution of vulnerabilities across popular Linux distributions
  • Longitudinal trends in vulnerabilities over several years
  • The most prevalent CWEs in each language and each Linux distribution

Up to 90% of any piece of software is from open source, creating countless dependencies and areas of risk to manage. FOSSA is the most reliable automated policy engine for security management, license compliance, and code quality across the open source stack.

With FOSSA, engineering, security, and legal teams all get complete and continuous risk mitigation for the entire software supply chain, integrated into each of their existing workflows.

FOSSA enables organizations like Slack, Snapchat, Okta, Puppet, Epic Games, and UiPath to manage their open source at scale and drive continuous innovation.

Check out these Resources