2026 Open Source Security and Risk Analysis Report – Software Governance in the AI Era – Black Duck Software, Inc.
-
https://www.blackduck.com/content/dam/black-duck/en-us/reports/rep-ossra.pdf
The “Open Source Security and Risk Analysis” (OSSRA) report has been the industry’s definitive look at the state of open source code for a decade. Each year, we analyze anonymized findings from commercial codebases audited by the Black Duck Audit Services team, and this provides an unmatched, real-world view of how open source is used—and sometimes misused—across every major industry. This year’s findings document a pivotal moment: The explosion of AI-assisted development has fundamentally altered the risk landscape for software and the baseline for compliance with new regulatory initiatives such as the EU Cyber Resilience Act (CRA) and the Digital Operational Resilience Act (DORA).
PDF, 44 pages.
Context
Open source organisations weigh in on age attestation
Availability
… easily found with Google – without completing Black Duck's form, which requires a business email address:
…
-
G grahamperrin@mastodon.bsd.cafe shared this topic
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login