Flexera and KPMG Expand Alliance to Keep Open Source Software Clean and Safe
KPMG Adopts FlexNet Code Insight to Identify Open Source License Compliance and Security Risks
Itasca, IL and New York, NY - August 27, 2018 Flexera, the company that’s reimagining how software is bought, sold, managed and secured, and KPMG LLP, the U.S. audit, tax and advisory firm, today announced an expanded strategic alliance to help development, legal and security teams with open source license and security management.
FlexNet Code Insight, Flexera’s next-generation open source security and compliance platform, is now the technology behind KPMG’s software composition analysis offering, which helps clients detect open source license compliance risk and security vulnerabilities.
“With the proliferation of open source software (OSS) in today’s development environment, we share Flexera’s commitment to serving and protecting organizations from open source licensing and security risk,” said Paul Baguley, Major Projects and Contract Advisory Services Principal at KPMG LLP. “We’re excited to expand our alliance to include Flexera’s leading technology in software composition analysis.”
“Flexera’s extremely proud to support KPMG’s new software composition analysis offering – aligning process, governance and technology. We couldn’t have asked for a better opportunity to expand our strategic alliance,” said Jeff Luszcz, Vice President of Product Management at Flexera. “Adding FlexNet Code Insight to KPMG’s analysis gives companies an easy path to open source management. Now, organizations can take a smart and automated approach to open source scanning and monitoring and stay ahead of vulnerabilities and license compliance issues.”
New KPMG Service Uncovers OSS Risks
KPMG’s new software composition analysis, featuring Flexera’s FlexNet Code Insight, helps suppliers and buyers of software and Internet of Things solutions uncover OSS risks through regular monitoring that reviews software developed, used and distributed by an organization. The service results in a detailed Software Bill of Materials (BOM) that defines the organization’s OSS footprint, vulnerabilities that need to be patched and licensing risks that require action. Fast, high-level scans can be performed to identify critical problems, and deeper scans and analysis are available on high-risk code. The analysis also helps companies navigating technical due diligence because of a pending merger or acquisition.
“Organizations need assurances that there are no significant open source compliance or security issues lurking in the software code of the company they’re acquiring,” added Luszcz. “KPMG and Flexera can provide the automated tools and experience in comprehensive OSS assessment that few M&A teams currently have. Ultimately, companies can avoid unexpected disclosures that have the potential to impact final acquisition valuation and remediation costs.”
To learn more, attend a webinar, Preparing for the Technology M&A: Important Considerations and Best Practices for the Buy Side, on Tuesday, September 18 at 11:00 a.m. CT.
Revenera helps product executives build better products, accelerate time to value and monetize what matters. Revenera's leading solutions help software and technology companies drive top line revenue with modern software monetization, understand usage and compliance with software usage analytics, empower the use of open source with software composition analysis and deliver an excellent user experience—for embedded, on-premises, cloud and SaaS products. To learn more, visit www.revenera.com.
Follow KPMG LLP…
About KPMG LLP
KPMG LLP is the independent U.S. member firm of KPMG International Cooperative (“KPMG International”). KPMG International’s independent member firms have 197,000 professionals working in 154 countries. Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates or related entities. Learn more at www.kpmg.com/us or follow us @KPMGUS_News.
For More Information, Contact: