{"id":4291,"date":"2018-06-25T14:30:00","date_gmt":"2018-06-25T14:30:00","guid":{"rendered":"https:\/\/www.darkreading.com\/operations\/secure-code-you-are-the-solution-to-open-sources-biggest-problem---\/a\/d-id\/1332081"},"modified":"2018-06-25T14:30:00","modified_gmt":"2018-06-25T14:30:00","slug":"secure-code-you-are-the-solution-to-open-sources-biggest-problem","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/","title":{"rendered":"Secure Code: You Are the Solution to Open Source&#8217;s Biggest Problem"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg\" class=\"ff-og-image-inserted\"\/><\/div>\n<header>\n<\/header>\n<p><span class=\"strong black\">Seventy-eight percent of open source codebases examined in a recent study contain at least one unpatched vulnerability, with an average of 64 known vulnerabilities per codebase.<\/span> <\/p>\n<p class=\"\"><em>&#8220;Unpatched Vulnerabilities Will Likely Cause Your Next Breach.&#8221;<\/em><\/p>\n<p><em>&#8220;Unpatched Applications Are #1 Cyber Security Risk.&#8221;<\/em><\/p>\n<p><em>&#8220;<\/em><em>Unpatched Software Vulnerabilities a Growing Problem.&#8221;<\/em><\/p>\n<p><em>&#8220;Outdated, Unpatched Software Rampant in Businesses.&#8221;<\/em><\/p>\n<p>If those headlines seem familiar, it&#8217;s because you&#8217;ve read them all over the past decade, dating from March 2018 all the way back to 2008. But the story remains the same: Unpatched software vulnerabilities are the biggest cyberthreat organizations face. The problem is that no one is listening, or, worse, they don&#8217;t know what software they have and how to patch it.<\/p>\n<p>According to Black Duck by Synopsys&#8217; recently released annual report, &#8220;Open Source Security and Risk Analysis (OSSRA),&#8221; unpatched, vulnerable open source components are the leading security risk across multiple industries. Business sectors represented in the report include automotive, big data, cyber security, enterprise software, financial services, health care, Internet of things (IoT), manufacturing, and mobile apps.<\/p>\n<p>In all, open source components were found in 96% of the codebases scanned last year, with an average of 257 open source components per codebase, the report states. That&#8217;s no surprise: Open source components and libraries form the backbone of nearly every application in every industry. And use of open source lowers costs and speeds development \u2013 both critical in today&#8217;s agile software world.<\/p>\n<p>But the vulnerabilities found in the over 1,100 codebases scanned for the report are as pervasive as open source itself. Seventy-eight percent of the codebases examined contained at least one unpatched vulnerability, with an average of 64 known vulnerabilities per codebase. Seventeen percent of the audited codebases contained a named vulnerability, such as Heartbleed, Freak, Drown, or Poodle. Poodle was found in 8% of the codebases scanned, Freak and Drown were found in 5%, and Heartbleed was found in 4% of the scanned codebases \u2013 a full four years after its disclosure and several well-publicized exploits.<\/p>\n<p>In addition, 8% of the codebases audited for the 2018 OSSRA report were found to contain Apache Struts. Of those, a third contained the Struts vulnerability that resulted in the 2017 Equifax breach, which compromised the personal information of over 148 million consumers. Clearly, neither the vulnerability disclosure nor the resulting breach was enough to prompt these organizations to investigate their applications for this critical vulnerability.<\/p>\n<p><strong>&#8216;Houston, We Have a Problem&#8217;<\/strong><br \/>Yes, we do, but it&#8217;s not just about open source. The National Vulnerability Database (NVD) alone listed a record-setting 14,700 vulnerabilities in 2017 versus only 6,400 in 2016. Other reports placed 2017 vulnerability disclosure counts at over 20,000, with nearly 5,000 of those flying under the NVD radar. More than 4,800 of those disclosures were related to open source components.<\/p>\n<p>The open source community does an exemplary job of issuing patches, often at a much faster pace than their proprietary counterparts. But whether it&#8217;s for proprietary or open source software, an alarming number of companies simply aren\u2019t applying them.<\/p>\n<p>Following are three steps you can take to help you get better at patching:<\/p>\n<p><strong>Step 1. Take inventory:<\/strong> Can you say with confidence that the open source components used in your public and internal applications are up-to-date with all crucial patches applied? If you can&#8217;t answer that question and can\u2019t produce a full and accurate inventory (bill of materials) of the open source used in your applications, it&#8217;s time to inventory your open source software. After all, you can\u2019t patch when you don&#8217;t know what you have.<\/p>\n<p><strong>Step 2. Monitor for threats:<\/strong> Unlike commercial software, where fixes, patches, and updates are (or at least should be) automatically pushed to users, open source has a pull support model \u2013 you are responsible for keeping track of both vulnerabilities and fixes for what you use. Mind you, that&#8217;s a task far beyond spreadsheets and manual tracking. An automated solution for identifying and patching known vulnerabilities in open source components can help you manage vulnerability risks much more effectively.<\/p>\n<p><strong>Step 3. Focus on what is most likely to be exploited:<\/strong> Nearly 5,000 open source vulnerabilities were reported last year, but only a handful \u2013 such as Apache Struts or OpenSSL vulnerabilities \u2013 are likely to be widely exploited. Further, if a vulnerability isn&#8217;t present in a dependency you have, it can&#8217;t be exploited. Triaging prioritization of remediation and mitigation activity based on CVSS (Common Vulnerability Scoring System) scores is essential and also must incorporate information covering the availability of exploits. Exploits might not exist on day zero of a vulnerability disclosure, but they could appear days later. Patch priorities should effectively be dictated by business importance of the system, criticality of the asset, and risk of exploitation.<\/p>\n<p>I can guarantee we&#8217;ll see more headlines about unpatched software vulnerabilities in the days ahead. Just don&#8217;t let your organization be part of one of them.<\/p>\n<p><strong>Related Content:<\/strong><\/p>\n<p><em><strong>Why Cybercriminals Attack: A DARK READING VIRTUAL EVENT Wednesday, June 27. Industry experts will offer a range of information and insight on who the bad guys are \u2013 and why they might be targeting your enterprise. Go <a href=\"https:\/\/event.darkreading.com\/3453?keycode=sbx&amp;cid=smartbox_techweb_upcoming_webinars_8.500000825\">here<\/a> for more information on this free event.<\/strong><\/em><\/p>\n<p><span class=\"italic\">Tim Mackey is a technical evangelist for Black Duck by Synopsys. Within this role, he engages with various technical communities to understand how to best solve application security problems. He specializes in container security, virtualization, cloud technologies, &#8230; <a href=\"https:\/\/www.darkreading.com\/author-bio.asp?author_id=4994\">View Full Bio<\/a><\/span> <\/p>\n<p><span class=\"smaller strong red allcaps\">More Insights<\/span><\/p>\n<p> Read More <a href=\"https:\/\/www.darkreading.com\/operations\/secure-code-you-are-the-solution-to-open-sources-biggest-problem---\/a\/d-id\/1332081?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Seventy-eight percent of open source codebases examined in a recent study contain at least one unpatched vulnerability, with an average of 64 known vulnerabilities per codebase. Read More <a href=\"https:\/\/www.darkreading.com\/operations\/secure-code-you-are-the-solution-to-open-sources-biggest-problem---\/a\/d-id\/1332081?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-4291","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Secure Code: You Are the Solution to Open Source&#039;s Biggest Problem 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Secure Code: You Are the Solution to Open Source&#039;s Biggest Problem 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-06-25T14:30:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Secure Code: You Are the Solution to Open Source&#8217;s Biggest Problem\",\"datePublished\":\"2018-06-25T14:30:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\\\/\"},\"wordCount\":899,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/twimgs.com\\\/nojitter\\\/darkreading\\\/dr-logo.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\\\/\",\"name\":\"Secure Code: You Are the Solution to Open Source's Biggest Problem 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/twimgs.com\\\/nojitter\\\/darkreading\\\/dr-logo.jpg\",\"datePublished\":\"2018-06-25T14:30:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\\\/#primaryimage\",\"url\":\"https:\\\/\\\/twimgs.com\\\/nojitter\\\/darkreading\\\/dr-logo.jpg\",\"contentUrl\":\"https:\\\/\\\/twimgs.com\\\/nojitter\\\/darkreading\\\/dr-logo.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Secure Code: You Are the Solution to Open Source&#8217;s Biggest Problem\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Secure Code: You Are the Solution to Open Source's Biggest Problem 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/","og_locale":"en_US","og_type":"article","og_title":"Secure Code: You Are the Solution to Open Source's Biggest Problem 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-06-25T14:30:00+00:00","og_image":[{"url":"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Secure Code: You Are the Solution to Open Source&#8217;s Biggest Problem","datePublished":"2018-06-25T14:30:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/"},"wordCount":899,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/#primaryimage"},"thumbnailUrl":"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/","url":"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/","name":"Secure Code: You Are the Solution to Open Source's Biggest Problem 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/#primaryimage"},"thumbnailUrl":"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg","datePublished":"2018-06-25T14:30:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/#primaryimage","url":"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg","contentUrl":"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/secure-code-you-are-the-solution-to-open-sources-biggest-problem\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Secure Code: You Are the Solution to Open Source&#8217;s Biggest Problem"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/4291","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=4291"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/4291\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=4291"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=4291"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=4291"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}