Open Source Vulnerability Management All About CWE-79: Cross-Site Scripting CWE-79: Cross Site Scripting (XSS) is one of today's most commonly found vulnerabilities. Here's a look at different types of XSS attacks and how to stop them.
Open Source License Compliance Copyleft Licenses and the Venture Capital Connection There's an easy-to-miss OSS compliance clause in the National Venture Capital Association's Stock Purchase Agreement Model Form that has significant ramifications.
Open Source License Compliance All About Permissive Licenses Explore the history, use cases, and provisions of permissive software licenses. Plus, see how they compare to copyleft licenses.
Open Source in the News Cybersecurity Executive Order and Software Supply Chain Security See our top takeaways from the software supply chain security section of the Biden Administration's cybersecurity executive order.
Software Composition Analysis IT Central Station: What Makes for an Effective SCA Solution Enterprise technology review site IT Central Station shares insight from software composition analysis (SCA) users on the elements of an effective SCA solution.
Open Source License Compliance All About Copyleft Licenses Get an overview of copyleft software licenses, including key provisions and how they compare to permissive licenses.
Open Source Vulnerability Management Application Security for Developers: SCA, DAST, and GitHub Actions See how tools like SCA and DAST can fuel developer-centric application security, and get step-by-step guidance for using them in GitHub Actions.
Software Composition Analysis Software Bill Of Materials: Formats, Use Cases, and Tools A software bill of materials (SBOM) plays an important role in everything from application security to OSS license compliance.
Software Composition Analysis How SCA Helps Manage OSS Vulnerabilities See four ways software composition analysis (SCA) helps organizations identify and manage potential vulnerabilities in OSS.
Open Source License Compliance Open Source Software Licenses 101: The ISC License Explore key elements of the ISC License, including requirements and permissions, and see why it's not used as often as other permissive OSS licenses.
Open Source License Compliance Open Source Software Licenses 101: Mozilla Public License 2.0 Get an overview of key provisions in the Mozilla Public License 2.0, and see why OSS users and authors alike may be drawn to it.
Developer Perspectives Top Build Systems for Monorepos See how build systems like Bazel, Buck, and Pants help organizations tackle some of the complexities that come with using monorepos.
Open Source License Compliance Open Source Software Licenses 101: The BSD 3-Clause License Get the lowdown on the BSD 3-Clause open source software license, including key requirements and how it compares to other BSD license variants.
Software Composition Analysis Software Supply Chain Security for Automotive Organizations Technological innovation in the automotive industry has put software supply chain security in the spotlight.
Open Source in the News How OSS Conquered the World: Insight from Veteran Developers Join FOSSA's Konstantin Gredeskoul and veteran engineer Bryan Cantrill for an informative and entertaining podcast on the growth and history of open source software.
Open Source License Compliance Building an Open Source Program Office (OSPO) Explore elements of an Open Source Program Office (OSPO), including staffing strategies, strategic pillars, and more.
Open Source License Compliance Open Source Software Licenses 101: GPL v3 Get an overview of the GPL v3 open source software license and what it permits, requires, and prohibits of users. Also, see how it compares to GPL v2.
Open Source License Compliance Open Source Software Licenses 101: GPL v2 See what the popular copyleft open source software license GPL v2 requires, allows, and prohibits of users.
Open Source License Compliance How to Choose an Open Source Software License Compliance Tool Here are five features to prioritize when evaluating open source software license compliance tools.
Open Source in the News 4 Takeaways from the 2021 State of Open Source Vulnerabilities Report Dive into the latest data on today's open source security landscape, and see which libraries and languages are most vulnerable to attacks.
Open Source License Compliance Open Source Licenses 101: Apache License 2.0 Explore key elements of the popular Apache 2.0 open source software license and how it compares to other permissive OSS licenses.
Developer Perspectives How to Apply a License to Your Open Source Software Project Get step-by-step guidance on how to add a license to your open source software project and how to approach copyright statements.
Open Source License Compliance Open Source Software Licenses 101: The MIT License Get an overview of the extremely popular MIT open source software license, including what it allows, prohibits, and requires of its users.
Open Source in the News Takeaways from ISO/IEC DIS 5230: OpenChain Specification Explore key takeaways from ISO/IEC DIS 5230: OpenChain Specification, including steps to becoming an OpenChain Conformant organization.
Open Source in the News Top Security Takeaways from the 2020 FOSS Contributor Survey See four top security takeaways from the 2020 FOSS Contributor Survey, which was produced by the Linux Foundation and Harvard's Laboratory for Innovation Science.
