Open Source License Compliance Heather Meeker on Open Source License Compliance Tools Leading OSS licensing expert Heather Meeker shares guidance to help organizations evaluate new compliance tools and get more value from existing ones.
Open Source License Compliance Customer Q&A: Collibra's Journey to Scaling OSS License Compliance Amanda Weare, Collibra’s VP and Deputy General Counsel, discusses her experience managing Collibra's open source license compliance program.
Open Source Vulnerability Management How to Operationalize SBOMs Throughout the SDLC Explore best practices for getting value from software bill of materials (SBOM) data throughout the software development lifecycle.
Inside FOSSA Announcing Support for CycloneDX and SBOM Import FOSSA is excited to announce new support for importing SBOMs along with the CycloneDX SBOM standard.
Inside FOSSA How to Use 1Password to Authenticate the FOSSA CLI 1Password has released a shell plugin that will enable FOSSA users to authenticate with a simple fingerprint scan. Here's how to use it.
Software Composition Analysis How Applause Makes Open Source Management Work for Developers See how Applause has built developer-friendly open source license compliance and security programs with a significant assist from FOSSA.
Open Source License Compliance Complying with GPL v3’s User Product Clause Explore strategies for complying with the GPL v3 software license's User Product clause.
Open Source License Compliance Managing OSS License Compliance Risks in Commercial Software Licensing Agreements, Featuring Jim Markwith Organizations that ship products are ultimately responsible for OSS license compliance — even if the issue stems from a vendor-supplied component.
Inside FOSSA Announcing the GA of C and C++ Security and License Scanning We're thrilled to announce the GA of our security and license scanning for C and C++ projects, which will help users secure their critical applications
Inside FOSSA November 2022 FOSSA Product Updates We’re excited to announce new support for C/C++ and updates to our issue resolution workflow, container scanning offering, and integration with Azure repos.
Open Source Vulnerability Management OpenSSL Vulnerability 2022: Details and Fixes Two new high-severity vulnerabilities impacting OpenSSL have been disclosed. Here's what we know about the issues and how to address them.
Open Source in the News CVE-2022-42889 Text4Shell Vulnerability: Impact and Fixes See important details on the Text4Shell vulnerability, including affected versions, how it compares to Log4Shell, and how to identify and remediate it.
Open Source License Compliance Open Source Licenses 101: Microsoft Public License (Ms-PL) Get an overview of the Microsoft Public License (Ms-PL), including key provisions and how it compares to the Microsoft Reciprocal License (Ms-RL).
Open Source in the News Analyzing the Securing Open Source Software Act A new piece of proposed legislation would direct the U.S. federal government to create a framework for assessing security risks in open source software.
Open Source Vulnerability Management U.S. Government Memo Requires Self-Attestation to Secure Development Practices U.S. government agencies must now require software suppliers to self-attest that they have adhered to NIST Guidance for secure software development.
Open Source License Compliance Heather Meeker on Open Source License Compliance Tools Leading OSS licensing expert Heather Meeker shares guidance to help organizations evaluate new compliance tools and get more value from existing ones.
Open Source License Compliance Q and A: Heather Meeker on Hot Topics in OSS License Compliance IP attorney Heather Meeker tackles several hot topics in OSS license compliance, including SBOMs, the AGPL, triggers for distribution, and more.
Inside FOSSA FOSSA Earns Great Place To Work Certification FOSSA has earned the Great Place to Work Certification, which reflects our strong company culture and workplace environment.
Open Source License Compliance Customer Q&A: Collibra's Journey to Scaling OSS License Compliance Amanda Weare, Collibra’s VP and Deputy General Counsel, discusses her experience managing Collibra's open source license compliance program.
Open Source Vulnerability Management A Practical Guide to the SLSA Framework SLSA is a Google-created framework designed to help organizations improve the integrity of their software supply chains.
Open Source Vulnerability Management How to Implement the CSRB’s Log4j Security Recommendations See guidance for implementing the security recommendations in the CSRB's recent report on the Log4j vulnerability.
Developer Perspectives Rust: How to Transform a Byte Stream for Fun and Profit Here's one way to think about Rust readers that plays nicely with the way Rust programmers naturally think about streaming values.
Open Source in the News Why Open Source is ESG Leading IP attorney and open source software license compliance expert Heather Meeker explores the connection between ESG investing and OSS.
Inside FOSSA Announcing the Private Beta of FOSSA Risk Intelligence We're excited to announce the private beta of FOSSA Risk Intelligence, which will help users harden their software supply chains.
Open Source License Compliance Open Source Licenses 101: SIL Open Font License (OFL) The SIL Open Font License is an open source license designed for fonts and related software. Explore the license's notable requirements and provisions.
Open Source License Compliance How to Build an Open Source License Compliance Program, Featuring Jim Markwith Technology and transactions attorney Jim Markwith (JD/MBA) lists several key ingredients of a successful open source license compliance program.
Open Source Vulnerability Management Understanding and Preventing Dependency Confusion Attacks Dependency confusion exploits rely on a quirk in certain package managers. See how these attacks can happen, and get guidance on preventing them.
