“Tech companies, enterprises, anyone writing software is dependent on open source. Now there is a recognition at the highest levels of government that this is a big risk.”
– Chris Wysopal, chief technology officer at the security firm Veracode, on the lessons from the Log4J security crisis and how the underfunding of open source projects (Log4J maintainers work for free) poses a “systemic risk to the United States, to critical infrastructure, to banking, to finance.”