Companies need to embrace automation and dependency tracking to keep software secure, GitHub says in its annual security report. Developer mistakes and indirect dependencies are the two main sources of vulnerabilities in open source software projects, which together are expected to cause the majority of security alerts in the next year, according to GitHub’s annual Octoverse report, published today.

Read full article on Dark Reading