7 years of open source: Twilio, Synopsys & Veracode

As the Computer Weekly Open Source Insider blog approaches it’s 1000 post since first starting in June 2010, we feature a number of comments from movers (and hopefully shakers) in this space.

Looking back seven years, it was almost slightly hopeful to dedicate a whole column to open technologies, platforms, tools, software languages and wider open design principles.

Today, things are different, as we know… and even Microsoft ‘hearts’ Linux, right?

Let’s hear from code analysis and vulnerability software company Veracode, cloud communications platform firm Twilio and Synopsys Software Integrity Group.


“What was once considered fringe and anti-establishment has now become the norm powering some of the largest technological innovations of our times. In the fields of artificial intelligence, machine learning, autonomous driving and block chain, OSS leads the way,” said Mel Llaguno , open source solution manager  at Synopsys Software Integrity Group.


“These days it feels like there is an open source project for just about any computer science challenge that exists. Thanks largely to SourceForge and GitHub, community development and collaboration is easier than ever, leading to more creating and sharing between developers and as a result, more innovation,” suggests Patrick Malatack, VP of product & GM of messaging at Twilio.

That being said, Malatack says that scaling and operating the services you’re building is still an incredible development challenge.

“At Twilio, we believe serverless computing paired with web services like AWS, Stripe and our own communication APIs will have the same effect on operations that open source has had on developer collaboration,” said Malatack.


Solution architect at Veracode Chris Campbell says that 0pen source software is clearly enabling business to lean in on community expertise and deliver value from applications faster than ever before.

“But as recent high-profile breaches have shown us, there are tangible consequences to customers and employees if the vulnerability risk associated with OSS components isn’t managed effectively,” said Campbell.

Veracode’s 2017 State of Software Security report suggests that 88% of Java applications have at least one vulnerability from OSS components.

“The tools already exist to record and deal with OSS risk, many businesses now need to build these in to their application security programs as a top priority,” notes Campbell.