Open source is everywhere. From once infamously being called a cancer by Microsoft, the essence of open source runs our modern world. In the early 2000s, open source helped the web to grow through servers such as Linux Apache or content platforms powered by PHP-coded software. The reversal in our use and perception of open source is so complete that Microsoft not only admitted it was wrong about open source, it’s also its single-largest contributor.

But this popularity and how the open-source supply chain works have created security concerns. The benefits still vastly outnumber the risks, yet companies must be aware of these problems. If an open-source security flaw leads to an attack, the criminals don’t care that you didn’t write that code. Nor will customers.