What the 2021 OSSRA Report Tells Us About the State of Open Source in Commercial Software

Developer working on code late at night, view from the back

The 2021 “Open Source Security and Risk Analysis” (OSSRA) report, produced by the Synopsys Cybersecurity Research Center (CyRC), examines the results of more than 1,500 audits of commercial codebases, performed by the Black Duck Audit Services team.