There are more than a few myths and definite room for improvement, especially with respect to encryption. With buy-in, you’re given a handshake deal on data protection, someone for backup or blame. Recent notable incidents offer insight into ways open source security and crypto can get better. As simple as it seems, take your developer team to task on what they’re using. If open source creations are woven throughout the enterprise software stack, it could be left to linger long after its useful life.”]
Source: https://www.darkreading.com/application-security/open-source-encryption-must-get-smarter