If you’re not scrambling to contain and fix this vulnerability, do so now. It’s a doozy folks! Every organization using third-party software or developing custom applications with the Java programming language is potentially impacted. All current versions of log4j2 up to 2.14.1 are vulnerable. Log4j is a very popular logging…

No matter what industry you are in, your company’s code most definitely contains code from someone else.  Today’s software is not written from scratch, but rather assembled from parts.  These parts mostly originate from open source software that’s freely available from the internet.  However, your awareness should not be limited…

Notes from the Field: SCA Analysts and Code Insight Product Trainers talk Observations, Trends and Findings. I find the subject of GPL Linking Exceptions resurfacing often, whether I’m on a SBOM review call with an audit client, advising on Remediation Practices and open source license policy creation, or simply refreshing…

The responsibility for security and license compliance in your software falls to security, developer and legal teams. What happens when an issue comes up that requires fast remediation?

Cyber threats are more real today than ever before. The industry is responding with new regulations. Get the right advice for a successful cyber program.

Perhaps you’ve seen the delightfully clever new ad for the iPhone and Apple Watch integration, in which a farmer taps a button on his watch that then signals his phone, lost in a huge haystack, to beep. He reaches in and finds it in seconds. Pre-Apple Watch, we might characterize…

When most of us want to leave 2020 behind as a year of unquestionable struggle, we can’t ignore the impact it’s had, specifically on the need for organizations to step up their efforts to meet changing digital transformation requirements. We’ve been talking about it for a while. You may think…

A little more than a week before the Colonial Pipeline attack, two government agencies issued an overview and guidance on how software buyers and vendors could identify, assess and mitigate software supply chain risks. In that 16-page document, “Defending Against Software Supply Chain Attacks” the National Institute of Standards and…

Manage license compliance and security vulnerabilities in your software components with Revenera Software Composition Analysis.

In this Knowledge Brief, Aberdeen reports that nearly half of security-related issues uncovered in nearly 200 audit projects had a high severity rating. Find out more.

Using open source software creates a responsibility to manage the associated risks surrounding security, license compliance and quality.

Open Source Software Audit Services from Revenera help your business and legal teams mitigate legal exposure by discovering unknown open source software and third-party code.

Empower the use of open source software through Revenera’s Standard and Forensic Audit Services. Learn more from this guide.

Framework for Open Source Security and License Compliance

Interneuron’s focus on license compliance and risk mitigation helps build trust and confidence with prospects, creating new business opportunities and growth.

Most open source licenses require passing along the text of the license, preserving copyrights and license text where originally seen and providing attribution in About boxes, documentatio…

Revenera uses FlexNet Code Insight to manage open source risk. Read this success story and learn more about Revenera’s “Get Clean, Stay Clean” approach to Software Composit…