Revenera
Software Composition Analysis – What’s in Your Code?

What’s Trending with SBOMs, Developers, and Code Scanning

Those involved in the world of software development are used to continuous change, high expectations, and industry interruptions that require constant pivoting, but the last couple of years have chall…

May 19, 2022 Alex Rybak

Spring4Shell: Deep breath. Don’t panic. Mitigate.

Development and security teams, software creators, and companies alike were hit once again with another vulnerability when news made its way online of a disclosure of a PoC for an unauthenticated zero…

April 4, 2022 Kendra Morton

Log4j: Come out, come out wherever you are!

On December 10th, 2021, a critical vulnerability was found in Log4j. It impacts almost every organization which develops applications in Java, or that uses third-party software. Vulnerabilities get …

March 11, 2022 Michael Lelchuk

Open Source: Trouble because of sudden license changes

Open Source does not mean that the use of the code is allowed without any restriction: The use is subject to conditions which are formulated by the author (copyright holder) in the form of a license. …

February 22, 2022 Kendra Morton

The story behind colors.js and faker.js

The bizarre case of the author who corrupted his own npm packages – colors.js and faker.js. Originally reported by Bleeping Computer on Jan 9th the author of npm packages colors.js and faker.js…

February 9, 2022 Marcus Lucero

The FTC’s warning to companies about the failure to protect against open source vulnerabilities

In direct response to the Log4j vulnerability, the United States Federal Trade Commission published an alert. Net? If your company does not take proactive steps to prepare for future vulnerabilities l…

February 4, 2022 Kendra Morton

Software supply-chain vulnerabilities: A close look on code

Vulnerabilities that affect the supply chain of software and its distribution are easily among the most terrifying experiences any company involved must endure. Such vulnerabilities typically affect a…

December 15, 2021 Lars Wiebusch

What you need to know about the Log4j security vulnerability

If you’re not scrambling to contain and fix this vulnerability, do so now. It’s a doozy folks! Every organization using third-party software or developing custom applications with the Java programming…

December 13, 2021 Kendra Morton

When is the right time to conduct an open source audit?

No matter what industry you are in, your company’s code most definitely contains code from someone else. Today’s software is not written from scratch, but rather assembled from parts. Th…

November 22, 2021 Michael Lelchuk

Field Notes: Understanding GPL Linking Exceptions

Notes from the Field: SCA Analysts and Code Insight Product Trainers talk Observations, Trends and Findings. I find the subject of GPL Linking Exceptions resurfacing often, whether I’m on a SBOM revie…

November 3, 2021 Marcus Lucero

About the Software Composition Analysis blog

A resource for developers, legal and security experts using and managing open source software. We encourage your feedback as we discuss trends and insights around open source security and license compliance. What is Software Composition Analysis?

© 2022 Flexera Software. All Rights Reserved.
