Glossary

Open source software is an application with publicly available source code that anyone can access, modify, and distribute based on the terms of the license. Many modern applications use some OSS components. Because anyone can modify or expand open source code, threat actors can inject malicious code into an OSS that otherwise appears safe. Malicious changes are often detected only after the application has been widely distributed throughout the digital supply chain, impacting millions of users. Hackers can also study open source code to identify potential vulnerabilities they can exploit.