The prevalence of open-source software (OSS) promotes the integration of common software features into existing applications. However, the use of OSS can increase the risk of vulnerabilities because code segments are frequently reused across a whole organization. In addition, the rise of malicious coders has made cyberattacks easier to perpetrate and harder to detect. Yet while OSS project developers view security as a top priority, only 6.83% perform security testing during continuous integration.
This paper addresses the need for increased security testing of code when developers utilize open-source software as part of application development.