Managing software security and development risk in today’s evolving market is a difficult yet crucial requirement—one that many organizations are not effectively addressing, as evidenced by the latest headlines disclosing a series of data breaches of personal information.

The 2014 Coverity Scan Open Source Report details the changing landscape of open source and commercial software development, including how established development practices are slowly improving the state of software—and how they can be improved so that companies and individuals can write clean, effective software while minimizing the risk of becoming tomorrow’s headline.

After analyzing over 10 billion lines of code through Coverity Scan, the new 2014 Coverity Scan Open Source Report explains how:

  • Commercial code is more compliant with security standards than open source code
  • Defect density (defects per 1,000 lines of code) of open source code and commercial code has continued to improve since 2013
  • OpenSSL utilized Coverity Scan during their post-Heartbleed investigation
  • Early adoption of complementary tools addressing legacy and newly written code is now truly a necessity
  • A responsible shift in best practices by open source leaders such as Linux, LibreOffice, NetBSD, and Apache Hadoop is helping to improve the general state of all open source software, as highlighted by the improvements found in defect density from 2013 to 2014

Download the 2014 Coverity Open Source Report to learn more about these changing dynamics within the open source community and discover how security and quality continue to improve!

Synopsys Coverity Scan Service

Coverity Scan Open Source Report 2014

Latest Report Finds Commercial Code is More Compliant to Security Standards than Open Source Code