Qualys, Inc. (NASDAQ: QLYS), a provider of disruptive cloud-based IT, security and compliance solutions, today announced it is opening up its risk management platform to AppSec teams to bring their own detections to assess, prioritize and remediate the risk associated with first-party software and its embedded open source components.

In the digital transformation era, every organization develops its own software to run its business. This first-party, or company-developed, software often lacks the disciplined vulnerability and configuration management practices used for third-party software. Studies have shown that over 90% of first-party software includes open source components while more than 40% have high risks such as exploitable vulnerabilities.