Most open source projects fail to use memory-safe programming languages - and CISA says that needs to change

Most open source projects fail to use memory-safe programming languages - and CISA says that needs to change

Briefly

Some of the largest projects were more likely to be written in memory-unsafe languages, with 10 largest projects having a median of 62.5% code written in memory-unsafe languages and four projects topping 94%.

ITProhttps://www.itpro.com/software/most-open-source-projects-fail-to-use-memory-safe-programming-languages-and-cisa-says-that-needs-to-change

Dependency analysis showed that even projects written in memory-safe languages depended on components in unsafe languages, potentially leading to memory safety vulnerabilities.

ITProhttps://www.itpro.com/software/most-open-source-projects-fail-to-use-memory-safe-programming-languages-and-cisa-says-that-needs-to-change

The report emphasized the importance of transitioning existing projects to memory-safe languages, implementing secure coding practices, and conducting security testing to mitigate risks.

ITProhttps://www.itpro.com/software/most-open-source-projects-fail-to-use-memory-safe-programming-languages-and-cisa-says-that-needs-to-change

Organizations were urged to adopt memory-safe programming languages for both existing and new projects and promote research and collaboration to enhance cybersecurity measures.

ITProhttps://www.itpro.com/software/most-open-source-projects-fail-to-use-memory-safe-programming-languages-and-cisa-says-that-needs-to-change