A choice that benefits the speed of release, standardization, and interoperability of what is developed but which, on the other hand, involves security risks. Applications and services created with the help of open source inherit the vulnerabilities present in the libraries used. Libraries that are widespread in applications become a profitable target for the creation of specific exploits by cybercrime. Last December, a serious vulnerability was discovered in Apache’s log4j library (a logging utility) that allowed for software injection attacks, which undermined many online services, with malware stealing data or taking over the system.
An incident similar to the one that occurred a few years ago with Hearthbleed, a bug in the support libraries for OpenSSL (the most popular network protocol for creating secure Web communication channels) that allowed attackers to breach encrypted information. All problems are solved with library updates but, according to data from Veracode’s State of Software Security Open Source Edition 2021, as many as 79% of applications in use are based on outdated open source libraries. Unresolved vulnerabilities remain a serious security threat, which becomes apparent when the company opens its network to smart working, the use of cloud applications, or digital integration with the supply chain. BinHexS has put in its portfolio services for the modernization of data centers, which include the management of all phases of projects: from design to security on cloud and hybrid infrastructures. BinHexS is also able to offer managed services, with service desks operating 24×7.