The correct answer is implementing a software composition analysis process with ongoing vulnerability monitoring. This approach provides visibility into the open-source components being used, identifies known vulnerabilities in those components, and continues to monitor for newly discovered vulnerabilities over time. It enables informed decisions about which components to use and when updates are needed.
Avoiding the use of all open-source software is unnecessary and often impractical. Open-source software is ubiquitous in modern development and can be used securely with proper management. Completely avoiding it would significantly hamper development efforts.
Using only extensively peer-reviewed libraries is insufficient without ongoing monitoring. Even well-reviewed components can have undiscovered vulnerabilities that are later found, requiring updates and patches.
Forking all open-source components and maintaining them internally is resource-intensive and unsustainable for most organizations. It requires significant expertise and ongoing commitment to maintain all components and apply security patches, often duplicating effort that could be leveraged from the wider community.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is software composition analysis?
Open an interactive chat with Bash
Why is ongoing vulnerability monitoring important?
Open an interactive chat with Bash
What are some challenges of maintaining forked open-source components?
Open an interactive chat with Bash
ISC2 CISSP
Software Development Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access