Is Open Source Software More Secure?
From the 'Fun Studies' files:
We've all heard the cliche that more eyes lead to more secure code when it comes to open source -- but is it true?
The latest attempt to answer that question comes from code scanning vendor Veracode.
Digging deeper, 39 percent of Open Source applications and 38 percent of commercial apps did have an acceptable score according to Veracode when mapped against the CWE/SANS Top 25 Most Dangerous Programming Errors (I reported on that list a couple weeks ago).
Ok then, that's not all that impressive.
What was impressive from my perspective is the remediation time.