2024 Open Source Security and Risk Analysis Report

The Synopsys annual “Open Source Security and Risk Analysis” (OSSRA) report, now in its 9th edition, examines vulnerabilities and license conflicts found in over 1,000 codebases across 17 industries. The report offers recommendations to help security, legal, risk, and development teams better understand open source security and the license risk landscape, especially in the context of securing the software supply chain.

Open Source is Everywhere

With the prevalence of open source and the rise in AI-generated code, more applications are now built with third-party code. Open source has become so interconnected with modern development that security and development teams struggle to identify all the components in their software.

High Risk Vulnerabilities Are on the Rise

Although the overall percentage of codebases containing security vulnerabilities remained the same as the previous year, the severity of those vulnerabilities increased a staggering 54% for codebases containing high-risk vulnerabilities.

Build Quality and Security into Your Software

Get a deep dive into the state of open source security, licensing, code quality, and maintenance risk.