Date: 2024-01-23

 

Open-Source Experts’ 2024 Outlook for AI, Security, Sustainability


In 2024, open-source technology will face increased scrutiny as its prolific use, including in proprietary coding, raises the need for pervasive security screening.

Open-source libraries, valued by developers for their ease of integration and extensive functionalities, pose significant security risks. According to Chad Loeven, VP of business development at cybersecurity firm Opswat, these libraries remain a weak underbelly. They are particularly susceptible to attacks by malicious actors who may insert vulnerabilities or backdoors, compromising the integrity of the software.

“As a result, software bill of materials (SBOM) scanning will become critical to providing an accurate inventory of vulnerable open-source libraries and containers,” he told LinuxInsider.

There is little doubt among experts in the field that 2024 will primarily focus on better hardening open-source software in general. With its growing dominance in software development, enterprises can no longer afford to overlook open source, as it is everywhere.

The importance of managing open-source software and SBOM for software security will be an ever-present concern in 2024, according to Anthony Tam, manager for security engineering at Tigera, an active security platform with full-stack observability for containers and Kubernetes. The company is the creator and maintainer of Calico Open Source container networking and security solutions.

Preventative Measures Critical for Protection

SBOMs provide transparency into the software supply chain and help organizations manage third-party software components’ security and compliance risks.

“By maintaining a comprehensive list of all software components and dependencies, organizations can ensure a complete and accurate understanding of their software makeup, including any potential security vulnerabilities,” Tam explained.

Using this information, organizations can then prioritize security patches and updates, track and manage vulnerabilities, and ensure compliance with relevant regulations and standards. Given the ever-evolving nature of open-source components, Tam stressed the importance of continuously monitoring them for emerging vulnerabilities.

“This can be achieved by using a reliable software composition analysis (SCA) tool to scan the software and its dependencies for vulnerabilities and license issues in software and automate the process of scanning software code and dependencies,” he told LinuxInsider.

When identifying vulnerabilities, it’s crucial to prioritize them based on severity and potential impact. This approach enables organizations to allocate resources more effectively, focusing first on the most critical vulnerabilities.

“Prioritization should involve a risk-based approach, considering the likelihood and potential impact of a vulnerability being exploited. By focusing on the most critical vulnerabilities first, organizations can address the key security risks effectively and reduce the overall risk to their software systems,” Tam added.

“SBOMs should include all open-source components used in the software, including libraries, frameworks, and tools. This includes both direct and indirect [transitive] dependencies, as well as any customized or in-house developed software libraries,” he noted.

More Regulation Leads to Increased SBOM Usage

During the past couple of years, various government initiatives started worldwide to focus on open-source security. In 2022, the U.S. government introduced the Securing Open Source Software Act to push organizations to work with the OSS community to strengthen security practices.

“Organizations should anticipate this trend to continue manifesting itself in two ways: through increased government involvement and, in turn, the growing use of software bill of materials,” advised Javier Perez, chief open source evangelist and open source software advocate with OpenLogic by Perforce.

He expects governments in the U.S., U.K., Europe, and others to continue introducing and passing legislation. These governments will also issue internal agency guidance around using open-source software, focusing on OSS security.

As the industry continues to face new pressures around security, organizations will increasingly rely on generating SBOMs to meet compliance and apply updates and patches more quickly. Leveraging SBOMs to create an inventory of software and setting up continual security scans will empower organizations to combat any critical or high-severity vulnerabilities coming their way more effectively in 2024.

“Given that government initiatives typically require the generation of SBOMs, especially in heavily regulated industries, 2024 will witness an increase in security initiatives and the generation of SBOMs throughout software stacks,” Perez told LinuxInsider.

According to Opswat Senior Product Manager Matt Wiseman, increasing requests for SBOMs and more demand to understand tools at a deeper level will lead to increased requirements from regulatory organizations or government agencies.

“Given the growing concern for threats from vendors, third parties, or nation-states, all software will be more thoroughly vetted before being deployed in critical areas,” he told LinuxInsider.

Stretching Sustainability to Broader Borders

In recent years, planet sustainability has been a war cry for certain factions that pushed the agenda, with political groups and consumers pressuring enterprises to adopt more favorable measures.

One largely unexplored relationship remains between open-source software and sustainability, which will become an important dialogue in 2024, according to Perez.

“Given that OSS is free and available to the public, with plenty of source code being used at the enterprise level, it’s fair to suggest that in 2024, we will begin to see more open source projects around sustainability efforts, whether it is software that will help calculate emission reductions or monitor carbon footprint,” Perez predicted.

As organizations continue to recognize the relationship between sustainability and OSS, increased visibility and collaboration for the greater good will be established in 2024. Innovative OSS solutions will be born and shared.

Nurturing Conversational Web Development

OpenAI, an open-source software company, ignited the use of artificial intelligence across all industries in 2023.

Its move to create a conversational web could signal the end of the app store model, believes Hussein Hallak, co-founder and CEO of Momentable Art. His company is an AI-powered SaaS platform bridging the gap between the art world and avid art enthusiasts.

“With chatbots and other conversational interfaces, users can access services and information without needing to download and install apps. This could disrupt the entire app ecosystem and change the way developers create and distribute software,” he told LinuxInsider.

That, in turn, he reasoned, could spur changes in how the working world shifts direction. OpenAI’s technology has the potential to automate many routine tasks, freeing up humans to focus on more creative and strategic work.

“This could lead to a shift in the nature of work and how we organize ourselves,” he offered.

The Next Major Computing Platform

According to Hallak, conversational interfaces will improve and be even more helpful in 2024. Harmless and honest, they have the potential to reshape how we get things done online.

It will create a way to achieve equitable access to information. With a conversational agent, anyone with an internet connection can have an insightful discussion and get knowledgeable responses to their questions, he offered.

“OpenAI is working to make advanced AI accessible to all, which could help close digital divides and spread learning more widely around the world,” he said.

The next web will be interactive, designed to understand users’ needs and assist in achieving their goals through respectful and engaging dialogue. When built with care and oversight, conversational AI has exciting potential to augment human capabilities and make our lives more productive, he added.

New Approach for Big Tech

By open-sourcing techniques and prioritizing safety, OpenAI’s impact on high-tech is staking out the high road in AI development, observed Hallak. As platforms increasingly rely on conversational assistants, other companies would do well to thoughtfully consider questions around transparency, oversight, and benefit to humanity.

“The tech giants will fiercely compete to own this new conversational landscape. As it could be as important as search was, these companies must adapt fast or risk falling behind. For regular users, this conversational shift will be as profound as when Google search took over the web,” Hallak concluded.

Jack M. Germain

Jack M. Germain has been an ECT News Network reporter since 2003. His main areas of focus are enterprise IT, Linux and open-source technologies. He is an esteemed reviewer of Linux distros and other open-source software. In addition, Jack extensively covers business technology and privacy issues, as well as developments in e-commerce and consumer electronics.
