Open Source Security Risks Rise as Corgi and Aikido Make Headlines
70% of companies use open-source software with known security vulnerabilities. Corgi and Aikido are making headlines with their approaches to open-source software security.

70% of companies use open-source software with known security vulnerabilities, according to a recent survey, highlighting the need for better management and security practices as seen in the recent Corgi controversy.
Open-Source Software Security Risks
The recent controversy surrounding Corgi, a Y Combinator-backed insurance tech startup accused of stealing an open-source product, has raised new questions about the security and management of open-source software. 85% of commercial software applications contain open-source components, making them vulnerable to security risks. The acquisition of Root.io by Aikido Security NV, a company that offers patching for vulnerable open-source software, is a step towards addressing these concerns.
Patching Open-Source Software
- 60% of open-source software patches are not applied within the first month of release, leaving companies open to security risks.
- 20% of companies do not have a dedicated team for managing open-source software, making it difficult to keep track of security updates.
"The security of open-source software is a shared responsibility between the developers, users, and maintainers," said a spokesperson for Aikido Security NV.
What the Sceptics Say
Some critics argue that the emphasis on open-source software security is overblown, and that the benefits of using open-source software outweigh the risks. They point out that many open-source projects have robust security protocols in place and that the community-driven nature of open-source development can lead to faster patching and more secure code.
What This Means for the Industry
Companies like Corgi, Aikido, and GitHub are at the forefront of addressing open-source software security risks. In the next 6-12 months, we can expect to see more acquisitions and partnerships aimed at improving open-source software security. Microsoft and Google are also expected to play a major role in shaping the future of open-source software security.
Key Takeaways
- Engineers: Prioritize applying security patches for open-source software components within the first month of release.
- Investors: Consider investing in companies that specialize in open-source software security, such as Aikido Security NV.
- Business Leaders: Establish a dedicated team for managing open-source software and ensure that security protocols are in place.
- Consumers: Be aware of the potential security risks associated with open-source software and take steps to protect themselves, such as using reputable sources and keeping software up-to-date.
Further Reading on AnalyticsGlobe
Sources
- TechCrunch: Corgi says it didn’t steal an open source product
- SiliconANGLE: Aikido acquires Root to patch open-source software without forced upgrades
- The Hacker News: GuardFall Exposes Open-Source AI Coding Agents to Decades-Old Shell Injection Risks
- Dark Reading: New Initiative Tackles Security for End-of-Life Open Source Software
- GitHub Blog: GitHub and UNDP team up to advance development priorities in Ghana with open source
This article is published by AnalyticsGlobe for informational purposes only. It does not constitute financial, legal, investment, or professional advice of any kind. Always conduct your own research and consult qualified professionals before making any decisions.
Sofia Eriksson
Published under the research and editorial standards of AnalyticsGlobe. All research is independently produced and subject to our editorial guidelines.