Still leading in innovation after 30 years, InstallShield offer helps 100,000+ developers lower vulnerability and compliance risks
“It’s critical that engineers are aware of open source security and compliance risks, and embed better processes into their installation builds to minimise those risks. Failing to do this has serious consequences, evidenced all too well in the recent Apache Struts 2 related data breach that put 143 million Equifax consumers’ personal data at risk,” said Jeff Luszcz, Vice President of Product Management at Flexera. “InstallShield is the only installation development solution in the world empowering developers to automatically check for open source security and compliance risk as part of the build process, setting the foundation for a vulnerability-free build while also ensuring a smooth, error-free installation. By running a quick scan in the daily build, InstallShield becomes the first line of defense against Open Source Software (OSS) vulnerabilities such as Apache Struts.”
FlexNet Code Aware, integrated in InstallShield, allows software developers to embed open source security into the very heart of the software development process, with automatic open source analysis detection. Today’s offer providing a free FlexNet Code Aware subscription to all InstallShield users will empower more than 100,000 developers already using InstallShield to secure the software supply chain, reducing their products’ exposure to open source vulnerabilities and license compliance risk.
Why Open Source Security Scans Are Important
The use of open source components in software development is skyrocketing. A decade ago, developers were using less than 100 open source libraries per release. Today, some industries are using more than 1,000. In addition, developers are often not aware of the risks contained in the open source code they use.
Over 50 percent of a software product is open source – developed outside the organisation. According to Flexera’s recent Open Source Risk – Fact or Fiction? report:
- No OSS Policy is Bad Policy: Only 37 percent of respondents have an open source acquisition or usage policy.
- 63 percent say either their companies don’t have an open source acquisition or usage policy, or they don’t know if one exists.
- No One’s in Charge of OSS: 39 percent of respondents said that either no one within their company is responsible for open source compliance – or that they don’t know who is.
- OSS Contributors Aren’t Following Best Practices: 33 percent of respondents say their companies contribute to open source projects.
- But, of the 63 percent who say their companies don’t have an open source acquisition or usage policy, 43 percent said they contribute to open source projects.
And as a whole, developers are only aware of up to four percent of the third-party software that comprises their products. As open source dependency increases, developers need to be good corporate citizens and truly understand the vulnerability risk and compliance requirements they are inheriting from the open source code they use. FlexNet Code Aware, integrated with InstallShield, identifies the libraries developers are using, and what the associated licensing terms are to ensure compliance.
Follow us on…
Flexera is reimagining the way software is bought, sold, managed and secured. We view the software industry as a supply chain, and make the business of buying and selling software and technology asset data more profitable, secure, and effective. Our Monetisation and Security solutions help software sellers transform their business models, grow recurring revenues and minimise open source risk. Our Vulnerability and Software Asset Management (SAM) solutions strip waste and unpredictability out of procuring software, helping companies buy only the software and cloud services they need, manage what they have, and reduce compliance and security risk. Powering these solutions and the entire software supply chain, Flexera has built the world’s largest and most comprehensive repository of market intelligence on technology assets. In business for 30+ years, our 1200+ employees are passionate about helping our 80,000+ customers generate millions in ROI every year. Visit us at www.flexera.com.
For more information, contact:
Vidushi Patel/ Nicola Males
+44 7958474632 / +447976652491
*All third-party trademarks are the property of their respective owners.