Resources

If you’re responsible for developing a product monetization strategy, Revenera’s Monetization Monitor should be essential reading. The annual report based on our survey of global software suppliers is packed full of insights into how they are evolving business models, pricing plans, and deployment options to meet customer expectations and stay competitive in today’s market. The first report in the 2022 series focuses on Monetization Models and Strategies, and results indicate the trend toward SaaS offerings and subscription-based licensing continues to grow as publishers transition with hybrid

The OpenSSL project announced on October 25, 2022 that it was releasing OpenSSL version 3.0.7 which will patch newly discovered vulnerabilities in current versions of OpenSSL. Patches were released today.   OpenSSL is the core open source library that implements SSL and TLS protocols which makes it possible to securely communicate over the internet. Does all of this sound familiar? Remember “Heartbleed (CVE-2014-0160)?” Multiple attacks in 2014 exploited the ”Heartbleed” software flaw in OpenSSL, allowing attackers to spy on Internet communications, steal data, and impersonate services.

Adoption of Software Bills of Material (SBoMs) is critical to securing the software supply chain and improving cybersecurity throughout the open source ecosystem. Watch this webinar to learn how to use SBoMs to effectively manage all your open source, third-party and commercial software, regardless of its origin in all software deployment models including on-prem and SaaS

While there are currently thousands of institutions around the globe that train people in software development, only a fraction of those focus directly on code security. Surprisingly, even though there is an 80:1 ratio between software developers and security specialists, many still believe that the responsibility to find and eradicate vulnerabilities is only on security experts.

Analyst firm Frost & Sullivan has published a new report into the evolution of software enforcement, detailing how publishers are increasingly moving away from homegrown licensing to embrace specialist third-party integrations.

Watch Revenera and a panel of experts to discuss trends in open source, regulatory changes, the criticality of implementing a Software Bill of Materials and what organizations should be doing, along with what’s happening in the software supply chain.

Join Revenera VP, Product Management, Software Monetization, Vic DeMarines for a discussion that will dispel myths and assumptions about what it means to run a software compliance program in 2023 and beyond.

Read Revenera’s research report on trends around monetization, licensing and deployment models. 

Better manage your software supply chain with SBOM Insights from Revenera. SBOM Insights ingests data from a wide range of sources—both inside and outside your organization—and then unifies all SBOMs into a single actionable view.

Over the past few years, the software industry has increasingly relied on open-source software. It’s rare to find an application that solely uses proprietary components, with most enlisting a mix of third-party and open-source components. While this has led to a greater scope of what applications can do, as well…

The Software Bill of Materials (SBOM) enables software-producing organizations to provide transparency to customers and downstream supply chain partners by disclosing the composition of their applications. Producing complete, accurate SBOMs supports better management of licensing and security risk within applications.

Manage a complete Software Bill of Materials in a SaaS environment and ingest data from a wide range of sources, unifying internal and external SBOMs across your organization.

  The OpenChain Standard defines the key requirements that are needed when constructing a high-quality open-source program. This standard was designed and elaborated by the OpenChain Project and has been the go-to international standard for open-source license compliance since 2016. The central goal of the OpenChain Standard is to ensure…

Register to learn about the latest technology that helps you, effectively manage ALL your open-source, third-party, commercial software, regardless of where it originates from and much more in this Revenera webinar, where you’ll be able to see it in action

Revenera introduces the next version of InstallShield. Venkat Ram Donga, Principal Product Manager, talks about InstallShield’s integration with Visual Studio 2022 and support for custom extensions in MSIX projects. At the end of the discussion, Venkat gives a quick demo.

On the 12th of May 2021, The White House released an Executive Order (EO) that outlined the guidelines for improving the cybersecurity of the United States. After many high-profile cybersecurity breaches related to exploits within widely used open source software, the Federal Government moved to learn from past exploits and…

The SoftSummit 2022 conference brought together industry leaders in software monetization to discuss their insights and experiences within this evolving landscape. With a global audience and leaders in the space sharing their findings, the event was a day packed full of actionable insights, engaging strategies, and detailed use data. Across…

Watch Revenera’s VP, Product Management, Software Monetization, Vic DeMarines to learn how software suppliers are leveraging software usage data and hear about the types of usage data that can yield significant and actionable insights.

  Early in December of 2021, the international cybersecurity community mobilized in response to the discovery of the Log4J vulnerability. This critical vulnerability was within the logging library of Apache, a core component used across millions of Java-based applications. The vulnerability, known as Log4Shell, rated a 10/10 on the CVSS…

To be a successful IIoT device company, you must be a successful software company. And successful software companies have learned to optimize all aspects of their operations to serve their customers well and create a healthy recurring revenue stream.

Join Forester’s Senior Analyst, Janet Worthington and Revenera’s Senior Director of Product Management, Alex Rybak, as they provide clarity on the role of the (SBOM) and steps for improved software supply chain integrity.

We’ve discussed the CFO’s role in growing company revenue and overall valuation, and how transitioning on-premises offerings to SaaS and moving from one-time perpetual license sales to recurring revenue models are at the top the strategic project lists for many technology CFOs. It is important to know that moving to…

Hear why Open Source Program Office’s (OSPO) are important from industry leading experts and learn, not only how to get started, but which stakeholders should play critical roles in your OSPO in this Revenera and DevOps webinar.

Revenera’s annual SoftSummit event returns for its 2022 installment. Join industry leaders for sessions focused on software monetization trends & strategies, along with implementing & balancing on-premise, SaaS, & hybrid deployment models.

In The News Software Composition Analysis Certification for Legal Professionals Log4j: Come out, come out wherever you are! Spring4Shell: Deep breath. Don’t panic. Mitigate. Field Notes: Understanding GPL Linking Exceptions The Legal Side of of Compliance and Security in M&A and Software Auditing (Panel Discussion) Trends 2021 – 2022 Audit…

Register to listen to a conversation with Chris Bailey and Landy Jiang, Partner at Lushung, Rouse’s network law firm, along with Revenera experts and discover key insights on software piracy and litigation in China.

When open source components are used, that code is authored by someone who licenses the use of the code to others. Licenses vary and so do the legal obligations of the user. Listen to this podcast to learn about attribution obligations.

IDC analysts explain why having a plan for protecting the software supply chain that includes a robust SCA solution, SBOM creation, and an open source license compliance and security policy is essential.

Not all open source licenses are the same. Users must adhere to individual license requirements,
like preserving copyrights and license text, and providing attribution. Learn more about some of the popular licenses and get a helpful license compliance checklist.

Once again, we’ve compiled aggregate Revenera Compliance Intelligence data to produce our annual list of the Top 20 Software License Misuse and Piracy Hotspots around the globe for 2022. If you’re not familiar, Compliance Intelligence enables software suppliers to detect, identify and report on the unlicensed use of their applications…

Regular readers of the Revenera blog will not be surprised to learn that I am fascinated by data and the insights that analysis of that data can surface. One of my favorite projects each year is analyzing the data in our Monetization Monitor Software Industry Survey to uncover where our…

Join legal experts in this Revenera panel discussion to learn more about what’s happening in the software supply chain and setting legal best practices for helping your clients and organizations through the complexity of open source use.

Join Revenera’s Scott Niemann, Director of Product Management, for a discussion on the challenges of managing use rights for SaaS applications and review how providers are using Identity and Access Management (IAM) & Entitlement Management solutions

Those involved in the world of software development are used to continuous change, high expectations, and industry interruptions that require constant pivoting, but the last couple of years have challenged the most stalwart of professionals. There was the pandemic beginning in 2020 that may have long-lasting impact. In 2021, we…

Get your questions answered about how to eliminate the time and effort required to set up and manage local License Servers. Easily configure your builds from the DevOps build pipeline with InstallShield’s Cloud License Server.

Licenses vary and so do the legal obligations of the user. Attribution for the author is one of those necessary obligations. Code Insight from Revenera automatically satisfies this requirement by generating complete third-party notices with just the push of a button.

There are many misconceptions about intellectual property protections in China, the processes for seeking redress, and the likelihood of success. My colleague Vic DeMarines, VP, Product Management for Software Monetization, and I recently welcomed Chris Bailey, a Principal at Rouse, and Landy Jiang, a Partner at Lusheng, (Rouse’s network law…

The way a company monetizes its software has a huge impact on business success, growth and profitability. CFOs and financial leaders strive to make their software companies even more successful and set them up for growth. Moving away from one-time perpetual license sales to recurring revenue models, as well as…

Join Revenera’s VP, Engineering, Ravi Mazumdar and VP, Products and Marketing, Nicole Segerer for a discussion centered around whether you should build or buy.

Watch this roundtable discussion to learn more about how developers can retain as much code as possible as they continue to innovate and modernize applications.

The Spring4Shell vulnerability can be exploited when an attacker sends a specially crafted query to a web server running the Spring Core framework. Listen to this podcast to learn what it is and steps to take.

This Guide is a valuable primer for CFOs (and those that need insight into CFO priorities) that are on the path to SaaS deployment and subscription monetization models. Learn which metrics to focus on, and how to change your business’ operations to accommodate SaaS.

In this eBook learn how to facilitate the successful operation of a SaaS business, with flexible and hybrid monetization models, new packaging and pricing models, and streamlined processes for provisioning and fulfillment across product offerings

Development and security teams, software creators, and companies alike were hit once again with another vulnerability when news made its way online of a disclosure of a PoC for an unauthenticated zero-day vulnerability in Spring Core. The disclosure of CVE-2022-22965—nicknamed Spring4Shell—is an RCE vulnerability in one of the most popular…

Expert in open source audit analysis explains the difference between Static linking and Dynamic linking, how users can avoid conflict with LGPL licensed code, and a clear explanation on the basics of GPL linking exceptions.

In this TechTalk you’ll learn about Suite, a project type within InstallShield, and how it resolves the problem of installing multiple packages, learn how Windows features in Suite works, and how secure it is to send packages via an installer.

Listen to our expert open source panel as they discuss topics such as; Log4j; 
legal developments resulting from GPL enforcement actions and SBOM mandates, the status of the cybersecurity executive order and long-lasting affects and more.

On December 10th, 2021, a critical vulnerability was found in Log4j.  It impacts almost every organization which develops applications in Java, or that uses third-party software.  Vulnerabilities get discovered every day.  However, due to the impact and widespread use of log4j, this vulnerability is driving a serious discussion on the…