A6:2021 | Vulnerable and Outdated Components (13) | Cycubix Docs


  • Open source consumption in modern day applications has increased.

  • Open source is obtained from many different repositories with different quality standards.

  • Security information on vulnerabilities is scattered everywhere.

  • License information is often difficult to validate.

  • Most teams don’t have a component upgrade strategy.

  • Open source components are the new attack vector.

What to do

  • Generate an OSS Bill of Materials.

  • Baseline open source consumption in your organization.

  • Develop an open source component risk management strategy to mitigate current risk and reduce future risk.

Last updated