Open source software has comparable security, faster bug fixing, and fewer
potential backdoors than commercial software, according to a study on software
application vulnerabilities by security firm VeraCode.
The study, published on the first day of the RSA Conference, is based on
aggregated data from real world scanning of billions of lines of code and
thousands of applications by the code quality assurance and security firm. Open
source is as good if not better than commercial packages in key metrics accessed
by VeraCode, which argues the findings dispel the myth that open source is
inherently riskier than commercial code.