{"id":14472,"date":"2026-04-20T12:44:43","date_gmt":"2026-04-20T09:44:43","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=14472"},"modified":"2026-04-20T12:44:43","modified_gmt":"2026-04-20T09:44:43","slug":"managing-open-source-vulnerabilities","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/managing-open-source-vulnerabilities\/14472\/","title":{"rendered":"A\u00e7\u0131k kaynakl\u0131 g\u00fcvenlik a\u00e7\u0131\u011f\u0131 y\u00f6netim mimarisi"},"content":{"rendered":"<p><a href=\"https:\/\/www.kaspersky.com.tr\/blog\/open-source-vulnerabilities-in-ai-era\/14465\/\" target=\"_blank\" rel=\"noopener\">Bir \u00f6nceki yaz\u0131m\u0131zda<\/a> da bahsetti\u011fimiz gibi, a\u00e7\u0131k kaynakl\u0131 bile\u015fenlerin kullan\u0131m\u0131 olmadan modern yaz\u0131l\u0131m geli\u015ftirme pratikte d\u00fc\u015f\u00fcn\u00fclemez. Ancak son y\u0131llarda bu konuyla ilgili riskler giderek daha \u00e7e\u015fitli, karma\u015f\u0131k ve \u00e7ok say\u0131da hale gelmi\u015ftir. Birincisi, g\u00fcvenlik a\u00e7\u0131klar\u0131 bir \u015firketin altyap\u0131s\u0131n\u0131 ve kodunu d\u00fczeltilme h\u0131z\u0131ndan daha h\u0131zl\u0131 etkiledi\u011finde; ikincisi, veriler g\u00fcvenilmez ve eksik oldu\u011funda ve \u00fc\u00e7\u00fcnc\u00fcs\u00fc, k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar yayg\u0131n olarak kullan\u0131lan bile\u015fenlerin i\u00e7inde gizlendi\u011finde sadece s\u00fcr\u00fcm numaralar\u0131n\u0131 taramak ve BT ekibine d\u00fczeltme talepleri g\u00f6ndermek yeterli de\u011fildir. G\u00fcvenlik a\u00e7\u0131\u011f\u0131 y\u00f6netimi, yaz\u0131l\u0131m indirme ilkelerini, yapay zeka asistanlar\u0131 i\u00e7in koruma \u00f6nlemlerini ve yaz\u0131l\u0131m derleme s\u00fcrecinin tamam\u0131n\u0131 kapsayacak \u015fekilde geni\u015fletilmelidir.<\/p>\n<h1>G\u00fcvenilir bir a\u00e7\u0131k kaynak bile\u015fen havuzu<\/h1>\n<p>\u00c7\u00f6z\u00fcm\u00fcn temel amac\u0131, g\u00fcvenlik a\u00e7\u0131\u011f\u0131 bulunan ve zararl\u0131 kodlar\u0131n kullan\u0131lmas\u0131n\u0131 \u00f6nlemektir. A\u015fa\u011f\u0131daki \u00f6nlemler al\u0131nmal\u0131d\u0131r:<\/p>\n<ul>\n<li>Kendi i\u00e7inde bir yap\u0131 \u00f6geleri deposuna sahip olmak: \u0130\u00e7 geli\u015ftirme i\u00e7in bile\u015fenlerin tek kayna\u011f\u0131, bile\u015fenlerin ancak bir dizi kontrol\u00fcn ard\u0131ndan kabul edildi\u011fi tek bir depo olmal\u0131d\u0131r.<\/li>\n<li>Bile\u015fenlerin titiz bir \u015fekilde taranmas\u0131: Bunlar aras\u0131nda; bile\u015fenin bilinen s\u00fcr\u00fcmleri, bilinen g\u00fcvenlik a\u00e7\u0131\u011f\u0131 bulunan ve zararl\u0131 s\u00fcr\u00fcmler, yay\u0131n tarihi, etkinlik ge\u00e7mi\u015fi ile paketin ve yazarlar\u0131n\u0131n itibar durumu yer al\u0131r. Paketin t\u00fcm i\u00e7eri\u011fini (derleme talimatlar\u0131, test senaryolar\u0131 ve di\u011fer yard\u0131mc\u0131 veriler dahil) taramak zorunludur. Verilerin al\u0131n\u0131rken kay\u0131t defterini filtrelemek i\u00e7in, \u00f6zel a\u00e7\u0131k kaynakl\u0131 taray\u0131c\u0131lar veya <a href=\"https:\/\/www.kaspersky.com.tr\/enterprise-security\/cloud-workload-security?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kdaily_wpplaceholder_sm-team_______96ff410b20ac5915\" target=\"_blank\" rel=\"noopener\">kapsaml\u0131 bir bulut i\u015f y\u00fck\u00fc g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc<\/a> kullan\u0131n.<\/li>\n<li>Ba\u011f\u0131ml\u0131l\u0131k sabitleme i\u015flemi ger\u00e7ekle\u015ftirme: Derleme s\u00fcre\u00e7leri, yapay zeka ara\u00e7lar\u0131 ve geli\u015ftiriciler, s\u00fcr\u00fcmleri belirtirken \u015fablonlar (\u00f6rne\u011fin \u201cen son\u201d) kullanmamal\u0131d\u0131r. Proje derlemeleri, do\u011frulanm\u0131\u015f s\u00fcr\u00fcmleri temel almal\u0131d\u0131r. Ayn\u0131 zamanda, sabitlenmi\u015f ba\u011f\u0131ml\u0131l\u0131klar, uyumlulu\u011fu koruyan ve bilinen g\u00fcvenlik a\u00e7\u0131klar\u0131 i\u00e7ermeyen en son do\u011frulanm\u0131\u015f s\u00fcr\u00fcmlere d\u00fczenli olarak g\u00fcncellenmelidir. Bu, <a href=\"https:\/\/www.kaspersky.com\/blog\/npm-packages-trojanized\/54280\/\" target=\"_blank\" rel=\"noopener nofollow\">bilinen bir paketin ele ge\u00e7irilmesi yoluyla ger\u00e7ekle\u015fen tedarik zinciri sald\u0131r\u0131lar\u0131n\u0131n riskini<\/a> \u00f6nemli \u00f6l\u00e7\u00fcde azalt\u0131r.<\/li>\n<\/ul>\n<h1>G\u00fcvenlik a\u00e7\u0131\u011f\u0131 verilerinin iyile\u015ftirilmesi<\/h1>\n<p>G\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 daha etkili bir \u015fekilde tespit etmek ve bunlar\u0131 do\u011fru bir \u015fekilde <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/cvss-rbvm-vulnerability-management\/13591\/\" target=\"_blank\" rel=\"noopener\">\u00f6nceliklendirmek<\/a> i\u00e7in, bir kurulu\u015fun \u00e7e\u015fitli BT ve g\u00fcvenlik s\u00fcre\u00e7leri olu\u015fturmas\u0131 gerekir:<\/p>\n<ul>\n<li>G\u00fcvenlik a\u00e7\u0131\u011f\u0131 verilerinin zenginle\u015ftirilmesi: Kurulu\u015fun ihtiya\u00e7lar\u0131na ba\u011fl\u0131 olarak, bu i\u015flem ya NVD, EUVD, BDU, GitHub Advisory Database ve osv.dev gibi kaynaklardan gelen verileri birle\u015ftirerek bilgileri zenginle\u015ftirmek ya da verilerin halihaz\u0131rda toplanm\u0131\u015f ve zenginle\u015ftirilmi\u015f oldu\u011fu ticari bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131 istihbarat beslemesi sat\u0131n almak i\u00e7in gereklidir. Her iki durumda da ger\u00e7ek d\u00fcnyadaki istismar e\u011filimlerini takip etmek ve belirli g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 hedef alan sald\u0131rganlar\u0131n profiline ili\u015fkin bilgi edinmek i\u00e7in tehdit istihbarat\u0131 kaynaklar\u0131n\u0131 da izlemeye de\u011fer. Kaspersky, <a href=\"https:\/\/www.kaspersky.com\/open-source-feed?icid=de_kdailyplacehold_acq_ona_smm__onl_b2b_kdaily_wpplaceholder_sm-team___kti____43855f8ca277779d\" target=\"_blank\" rel=\"noopener nofollow\">\u00f6zellikle a\u00e7\u0131k kaynakl\u0131 bile\u015fenlere odaklanan \u00f6zel bir veri ak\u0131\u015f\u0131 sunmaktad\u0131r<\/a>.<\/li>\n<li>Kapsaml\u0131 yaz\u0131l\u0131m bile\u015fimi analizi: \u00d6zel yaz\u0131l\u0131m bile\u015fimi analizi (SCA) ara\u00e7lar\u0131, a\u00e7\u0131k kaynak kodundaki ba\u011f\u0131ml\u0131l\u0131k zincirinde do\u011fru bir \u015fekilde gezinilmesini sa\u011flayarak, kullan\u0131lan k\u00fct\u00fcphanelerin tam bir envanterini \u00e7\u0131kar\u0131r ve g\u00fcncel olmayan veya desteklenmeyen bile\u015fenleri tespit eder. Sa\u011fl\u0131kl\u0131 bile\u015fenlere ili\u015fkin veriler, \u00fcr\u00fcn kay\u0131t defterini zenginle\u015ftirmek a\u00e7\u0131s\u0131ndan da yararl\u0131d\u0131r.<\/li>\n<li>Terk edilmi\u015f yaz\u0131l\u0131mlar\u0131 belirleme: Bir bile\u015fen resmi olarak g\u00fcvenlik a\u00e7\u0131\u011f\u0131na sahip olmasa ve resmi olarak destek d\u0131\u015f\u0131 ilan edilmemi\u015f olsa bile, tarama i\u015flemi bir y\u0131ldan uzun s\u00fcredir g\u00fcncelleme almam\u0131\u015f bile\u015fenleri i\u015faretlemelidir. Bunlar, kullan\u0131m \u00f6mr\u00fc sona eren bile\u015fenler gibi ayr\u0131 bir incelemeyi ve muhtemel de\u011fi\u015ftirilmeyi gerektirir.<\/li>\n<\/ul>\n<h1>Yapay zeka kodlar\u0131n\u0131n ve yapay zeka ajanlar\u0131n\u0131n g\u00fcvenli\u011fi<\/h1>\n<p>Kodlamada kullan\u0131lan yapay zeka sistemleri, girdi verilerinin filtrelenmesinden kullan\u0131c\u0131 e\u011fitimine kadar uzanan kapsaml\u0131 bir dizi g\u00fcvenlik \u00f6nlemi ile desteklenmelidir:<\/p>\n<ul>\n<li>Ba\u011f\u0131ml\u0131l\u0131k \u00f6nerilerine ili\u015fkin k\u0131s\u0131tlamalar: Geli\u015ftirme ortam\u0131n\u0131, yapay zeka ajanlar\u0131n\u0131n ve asistanlar\u0131n\u0131n yaln\u0131zca g\u00fcvenilir yap\u0131 kay\u0131t defterindeki bile\u015fenlere ve k\u00fct\u00fcphanelere ba\u015fvurabilmesini sa\u011flayacak \u015fekilde yap\u0131land\u0131r\u0131n. E\u011fer bunlar do\u011fru ara\u00e7lar\u0131 i\u00e7ermiyorsa, model, PyPI\u2019dan sadece a\u00e7\u0131klamaya uyan bir \u015feyi \u00e7ekmek yerine, ba\u011f\u0131ml\u0131l\u0131\u011f\u0131 kay\u0131t defterine eklemek i\u00e7in bir talep ba\u015flatmal\u0131d\u0131r.<\/li>\n<li>Model \u00e7\u0131kt\u0131lar\u0131n\u0131 filtreleme: Bu k\u0131s\u0131tlamalara ra\u011fmen, yapay zeka kodunun g\u00fcncel olmayan, desteklenmeyen, g\u00fcvenlik a\u00e7\u0131\u011f\u0131 bulunan veya uydurma ba\u011f\u0131ml\u0131l\u0131klar i\u00e7ermedi\u011finden emin olmak i\u00e7in model taraf\u0131ndan \u00fcretilen her \u015feyin de do\u011frulanmas\u0131 gerekir. Bu kontrol, kod kabul s\u00fcrecine veya derleme haz\u0131rl\u0131k a\u015famas\u0131na do\u011frudan entegre edilmelidir. Bu, geleneksel statik analiz s\u00fcrecinin yerini almaz: SAST ara\u00e7lar\u0131 yine de CI\/CD s\u00fcrecinde yerle\u015fik olmal\u0131d\u0131r.<\/li>\n<li>Geli\u015ftirici e\u011fitimi: BT ve g\u00fcvenlik ekipleri, yapay zeka sistemlerinin \u00f6zelliklerini, \u00e7al\u0131\u015fma prensiplerini ve s\u0131k kar\u015f\u0131la\u015f\u0131lan hatalar\u0131 \u00e7ok iyi bilmelidir. Bunu ba\u015farmak i\u00e7in, \u00e7al\u0131\u015fanlar kendi g\u00f6revlerine <a href=\"https:\/\/xtraining.kaspersky.com\/courses\/large-language-models-security\/?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kdaily_wpplaceholder_sm-team___xtraining____4bd5a9ac1c208278\" target=\"_blank\" rel=\"noopener\">\u00f6zel olarak haz\u0131rlanm\u0131\u015f bir e\u011fitim program\u0131n\u0131<\/a> tamamlamal\u0131d\u0131r.<\/li>\n<\/ul>\n<h1>Kullan\u0131m \u00f6mr\u00fc sona ermi\u015f bile\u015fenlerin sistematik olarak kald\u0131r\u0131lmas\u0131<\/h1>\n<p>Bir \u015firketin sistemlerinde g\u00fcncel olmayan a\u00e7\u0131k kaynakl\u0131 bile\u015fenler kullan\u0131l\u0131yorsa, bu bile\u015fenlerin g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 gidermek i\u00e7in sistematik ve tutarl\u0131 bir yakla\u015f\u0131m benimsenmelidir. Bunu yapmak i\u00e7in \u00fc\u00e7 temel y\u00f6ntem vard\u0131r:<\/p>\n<ul>\n<li>Ge\u00e7i\u015f: Bu, bir bile\u015fenin tamamen de\u011fi\u015ftirilmesini ve ard\u0131ndan bu bile\u015fen \u00fczerine kurulmu\u015f uygulamalar\u0131n uyarlanmas\u0131n\u0131, yeniden yaz\u0131lmas\u0131n\u0131 veya de\u011fi\u015ftirilmesini i\u00e7eren, organizasyonel a\u00e7\u0131dan en karma\u015f\u0131k ve maliyetli y\u00f6ntemdir. Bir ge\u00e7i\u015f karar\u0131, \u00f6zellikle t\u00fcm i\u00e7 kodun kapsaml\u0131 bir \u015fekilde elden ge\u00e7irilmesini gerektirdi\u011finde olduk\u00e7a zorlay\u0131c\u0131d\u0131r. Bu durum genellikle temel bile\u015fenleri etkiler; Node.js 14 veya Python 2\u2019den kolayca ge\u00e7i\u015f yapmak imkans\u0131zd\u0131r.<\/li>\n<li>Uzun vadeli destek (LTS): B\u00fcy\u00fck \u00f6l\u00e7ekli eski sistem projeleri i\u00e7in \u00f6zel bir destek hizmetleri pazar\u0131 bulunmaktad\u0131r. Bazen bu, \u00fc\u00e7\u00fcnc\u00fc taraf geli\u015ftiriciler taraf\u0131ndan s\u00fcrd\u00fcr\u00fclen eski sistemin bir \u00e7atal\u0131n\u0131 i\u00e7erir; di\u011fer durumlarda ise uzman ekipler, belirli g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 gideren yamalar\u0131 desteklenmeyen eski s\u00fcr\u00fcmlere geriye uyarlama yoluyla uygular. LTS s\u00fcr\u00fcm\u00fcne ge\u00e7i\u015f genellikle s\u00fcrekli destek maliyetleri gerektirir, ancak bu durum \u00e7o\u011fu durumda tam bir ge\u00e7i\u015ften daha uygun maliyetli olabilir.<\/li>\n<li>D\u00fczeltici \u00f6nlemler: Ayr\u0131nt\u0131l\u0131 analiz sonu\u00e7lar\u0131na dayanarak,<a href=\"https:\/\/www.kaspersky.com\/blog\/legacy-it-update-troubles-and-mitigations\/48692\/\" target=\"_blank\" rel=\"noopener nofollow\"> eski \u00fcr\u00fcndeki g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131n k\u00f6t\u00fcye kullan\u0131lmas\u0131 riskini azaltmaya y\u00f6nelik kapsaml\u0131 bir dizi g\u00fcvenlik \u00f6nlemi<\/a> al\u0131nabilir. Bu yakla\u015f\u0131m\u0131n hem etkinli\u011fi hem de ekonomik uygulanabilirli\u011fi, yaz\u0131l\u0131m\u0131n kurulu\u015f i\u00e7indeki rol\u00fcne ba\u011fl\u0131d\u0131r.<\/li>\n<\/ul>\n<p>G\u00fcvenlik, BT ve i\u015f birimleri, belgelenmi\u015f her bir kullan\u0131m \u00f6mr\u00fc sonu (EOL) veya kullan\u0131mdan kald\u0131r\u0131lm\u0131\u015f bile\u015fen i\u00e7in bu \u00fc\u00e7 yoldan birini se\u00e7mek \u00fczere i\u015fbirli\u011fi yapmal\u0131 ve yap\u0131lan se\u00e7imi \u015firketin varl\u0131k kay\u0131tlar\u0131na ve SBOM\u2019lar\u0131na yans\u0131tmal\u0131d\u0131r.<\/p>\n<h1>Risk temelli a\u00e7\u0131k kaynak g\u00fcvenlik a\u00e7\u0131\u011f\u0131 y\u00f6netimi<\/h1>\n<p>Yukar\u0131da s\u0131ralanan t\u00fcm \u00f6nlemler, kuruma giren g\u00fcvenlik a\u00e7\u0131\u011f\u0131 bulunan yaz\u0131l\u0131m ve bile\u015fenlerin say\u0131s\u0131n\u0131 azalt\u0131r ve g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131n tespitini ve giderilmesini kolayla\u015ft\u0131r\u0131r. Buna ra\u011fmen, her bir kusuru ortadan kald\u0131rmak imk\u00e2ns\u0131zd\u0131r: Uygulama ve bile\u015fenlerin say\u0131s\u0131 \u00e7ok h\u0131zl\u0131 artmaktad\u0131r.<\/p>\n<p>Bu nedenle, <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/cvss-rbvm-vulnerability-management\/13591\/\" target=\"_blank\" rel=\"noopener\">g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 ger\u00e7ek hayattaki risklere g\u00f6re \u00f6ncelik s\u0131ras\u0131na koymak <\/a>h\u00e2l\u00e2 b\u00fcy\u00fck \u00f6nem ta\u015f\u0131maktad\u0131r. Risk de\u011ferlendirme modeli, a\u00e7\u0131k kayna\u011f\u0131n \u00f6zelliklerini dikkate alacak \u015fekilde geni\u015fletilmeli ve a\u015fa\u011f\u0131daki sorular\u0131 yan\u0131tlamal\u0131d\u0131r:<\/p>\n<ul>\n<li>G\u00fcvenlik a\u00e7\u0131\u011f\u0131 bulunan kod dal\u0131, kurulu\u015fun ortam\u0131nda ger\u00e7ekten \u00e7al\u0131\u015ft\u0131r\u0131l\u0131yor mu? Tespit edilen g\u00fcvenlik a\u00e7\u0131klar\u0131 i\u00e7in eri\u015filebilirlik analizi yap\u0131lmal\u0131d\u0131r. Kurulu\u015fun kendi uygulamas\u0131nda bir\u00e7ok hatal\u0131 kod par\u00e7ac\u0131\u011f\u0131 hi\u00e7bir zaman \u00e7al\u0131\u015ft\u0131r\u0131lmad\u0131\u011f\u0131ndan, bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan yararlan\u0131lmas\u0131 imkans\u0131z hale gelir. Baz\u0131 SCA \u00e7\u00f6z\u00fcmleri bu analizi ger\u00e7ekle\u015ftirebilir. Ayn\u0131 s\u00fcre\u00e7, alternatif bir senaryoyu de\u011ferlendirmemize olanak tan\u0131r: Ya savunmas\u0131z prosed\u00fcrler veya bile\u015fenler projeden tamamen \u00e7\u0131kar\u0131l\u0131rsa ne olur? Bazen bu d\u00fczeltme y\u00f6ntemi \u015fa\u015f\u0131rt\u0131c\u0131 derecede zahmetsiz olmaktad\u0131r.<\/li>\n<li>Bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131 ger\u00e7ek hayattaki sald\u0131r\u0131larda kullan\u0131l\u0131yor mu? Bir kavram kan\u0131t\u0131 (PoC) mevcut mu? Bu sorular\u0131n yan\u0131tlar\u0131, EPSS gibi standart \u00f6nceliklendirme \u00e7er\u00e7evelerinin bir par\u00e7as\u0131d\u0131r; ancak izleme, \u00e7ok daha geni\u015f bir istihbarat kaynaklar\u0131 yelpazesi \u00fczerinden ger\u00e7ekle\u015ftirilmelidir.<\/li>\n<li>Bu ba\u011f\u0131ml\u0131l\u0131k kay\u0131t defterinde veya ilgili ve benzer bile\u015fenlerde siber su\u00e7 faaliyetleri bildirilmi\u015f mi? Bunlar, \u00f6nceliklendirme i\u00e7in dikkate al\u0131nmas\u0131 gereken ek fakt\u00f6rlerdir.<\/li>\n<\/ul>\n<p>Bu fakt\u00f6rleri g\u00f6z \u00f6n\u00fcnde bulundurmak, ekibin kaynaklar\u0131 etkin bir \u015fekilde tahsis etmesini ve en tehlikeli kusurlar\u0131 \u00f6ncelikle gidermesini sa\u011flar.<\/p>\n<h1>\u015eeffafl\u0131k art\u0131k moda<\/h1>\n<p>A\u00e7\u0131k kaynakl\u0131 yaz\u0131l\u0131mlar i\u00e7in g\u00fcvenlik \u00e7\u0131tas\u0131 giderek y\u00fckselmeye devam edecek. Uygulama geli\u015ftiren \u015firketler, i\u00e7 kullan\u0131m ama\u00e7l\u0131 olsa bile, sistemlerinde belgelenmi\u015f ve do\u011frulanabilir siber g\u00fcvenlik \u00f6nlemleri almas\u0131n\u0131 gerektiren yasal bask\u0131larla kar\u015f\u0131 kar\u015f\u0131ya kalacak. <a href=\"https:\/\/www.sonatype.com\/state-of-the-software-supply-chain\/introduction\" target=\"_blank\" rel=\"noopener nofollow\">Sonatype uzmanlar\u0131n\u0131n tahminlerine g\u00f6re<\/a>, d\u00fcnya \u00e7ap\u0131ndaki \u015firketlerin %90\u2019\u0131 halihaz\u0131rda kulland\u0131klar\u0131 yaz\u0131l\u0131m\u0131n g\u00fcvenilirli\u011fini kan\u0131tlamak i\u00e7in bir veya daha fazla gereklili\u011fe tabi; bu nedenle uzmanlar \u015feffafl\u0131\u011f\u0131 \u201cyaz\u0131l\u0131m tedarik zinciri g\u00fcvenli\u011finin temel unsuru\u201d olarak g\u00f6r\u00fcyor.<\/p>\n<p>Kurulu\u015flar; a\u00e7\u0131k kaynakl\u0131 bile\u015fenlerin ve uygulamalar\u0131n kullan\u0131m\u0131n\u0131 kontrol ederek, tehdit istihbarat\u0131n\u0131 zenginle\u015ftirerek ve yapay zeka destekli geli\u015ftirme sistemlerini s\u0131k\u0131 bir \u015fekilde takip ederek, hem i\u015f d\u00fcnyas\u0131n\u0131n ihtiya\u00e7 duydu\u011fu yenilikleri hayata ge\u00e7irebilir hem de d\u00fczenleyici kurumlar ve m\u00fc\u015fteriler taraf\u0131ndan belirlenen y\u00fcksek standartlar\u0131 kar\u015f\u0131layabilirler.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"mdr\">\n","protected":false},"excerpt":{"rendered":"<p>A\u00e7\u0131k kaynakl\u0131 yaz\u0131l\u0131mlarda geli\u015ftirme veya kullan\u0131m s\u0131ras\u0131nda g\u00fcvenlik a\u00e7\u0131klar\u0131yla nas\u0131l ba\u015fa \u00e7\u0131k\u0131l\u0131r?<\/p>\n","protected":false},"author":2722,"featured_media":14473,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194],"tags":[1781,1425,2795,790,2475,2377,1424,2849],"class_list":{"0":"post-14472","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"tag-acik-kaynak","10":"tag-ai","11":"tag-cvss","12":"tag-guvenlik-aciklari","13":"tag-strateji","14":"tag-yamalar","15":"tag-yapay-zeka","16":"tag-yapay-zeka-ajanlari"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/managing-open-source-vulnerabilities\/14472\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/managing-open-source-vulnerabilities\/30368\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/managing-open-source-vulnerabilities\/25418\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/managing-open-source-vulnerabilities\/30215\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/managing-open-source-vulnerabilities\/32024\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/managing-open-source-vulnerabilities\/30614\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/managing-open-source-vulnerabilities\/41643\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/managing-open-source-vulnerabilities\/55554\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/managing-open-source-vulnerabilities\/24913\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/managing-open-source-vulnerabilities\/33403\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/managing-open-source-vulnerabilities\/30484\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/managing-open-source-vulnerabilities\/36103\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/managing-open-source-vulnerabilities\/35755\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/guvenlik-aciklari\/","name":"g\u00fcvenlik a\u00e7\u0131klar\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/14472","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2722"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=14472"}],"version-history":[{"count":5,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/14472\/revisions"}],"predecessor-version":[{"id":14475,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/14472\/revisions\/14475"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/14473"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=14472"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=14472"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=14472"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}