Open Source Vulnerability Management How to Quickly Find and Remediate Log4J Vulnerabilities (Log4Shell) See how your organization can quickly identify and remediate Log4J vulnerabilities in your code.
Open Source Vulnerability Management How to Fix the New Log4J DoS Vulnerability: CVE-2021-45105 See the impact of the new Log4J denial of service (DoS) vulnerability, and get guidance on how to fix it.
Inside FOSSA FOSSA Partners with OpenChain to Promote Open Source Management FOSSA has partnered with OpenChain to help organizations build and maintain successful open source software license compliance programs.
Open Source in the News Embedded Malware in NPM: Coa, Rc, Ua-parser Several widely used NPM packages have been struck by malware in recent weeks. Get a deep dive into how the incidents happened and what you can do about them.
Software Composition Analysis 4 Key Elements of Technical Due Diligence Explore key areas of conducting technical due diligence, including auditing third-party software usage and evaluating protections on intellectual property.
Open Source in the News bouk/monkey and the Importance of Knowing Your Dependencies A recent news item involving the bouk/monkey open source program shows why it's so important for organizations to have visibility into their dependencies.
Open Source in the News Stockfish vs. ChessBase and What it Means for GPL v3 Stockfish vs. ChessBase could test several key provisions of GPL v3. Here's our analysis of the case, with input from OSS compliance expert Heather Meeker.
Software Composition Analysis The Minimum Required Elements of a Software Bill of Materials As part of its new cybersecurity executive order, the U.S. Federal government released the minimum required elements for a software bill of materials.
Open Source License Compliance Analyzing the Legal Implications of GitHub Copilot The release of GitHub Copilot raises questions about potential copyright infringement and license compliance issues.
Open Source in the News Cybersecurity Executive Order and Software Supply Chain Security See our top takeaways from the software supply chain security section of the Biden Administration's cybersecurity executive order.
Open Source in the News How OSS Conquered the World: Insight from Veteran Developers Join FOSSA's Konstantin Gredeskoul and veteran engineer Bryan Cantrill for an informative and entertaining podcast on the growth and history of open source software.
Open Source in the News 4 Takeaways from the 2021 State of Open Source Vulnerabilities Report Dive into the latest data on today's open source security landscape, and see which libraries and languages are most vulnerable to attacks.
Open Source in the News Takeaways from OpenChain ISO/IEC 5230:2020 Explore key takeaways from ISO/IEC 5230: OpenChain Specification, including steps to becoming an OpenChain Conformant organization.
Open Source in the News Top Security Takeaways from the 2020 FOSS Contributor Survey See four top security takeaways from the 2020 FOSS Contributor Survey, which was produced by the Linux Foundation and Harvard's Laboratory for Innovation Science.
Open Source in the News SolarWinds, Supply Chain Attacks, and Software Composition Analysis Software supply chain security has been in the spotlight following the SolarWinds hack. Here's how you can strengthen your defenses against such an attack.
Open Source in the News TikTok, Trump, and the Future of Open Source Surveillance What could President Trump’s executive orders on TikTok mean for other software? And what about policy related to the perceived security of open source? Do you know where your OSS comes from? Should it matter?
Open Source in the News Discussing Commons Clause on Software Engineering Daily Fossa Inc's CEO Kevin discusses Commons Clause with Software Engineering Daily Podcast.
