Resources

Blog

Product Monetization Strategy: Your Forecast for the Future

If you’re responsible for developing a product monetization strategy, Revenera’s Monetization Monitor should be essential reading. The annual report based on our survey of global software suppliers is packed full of insights into how they are evolving business models, pricing plans, and deployment options to meet customer expectations and stay competitive in today’s market. The first report in the 2022 series focuses on Monetization Models and Strategies, and results indicate the trend toward SaaS offerings and subscription-based licensing continues to grow as publishers transition with hybrid

Blog

New OpenSSL Vulnerability: Act Now

The OpenSSL project announced on October 25, 2022 that it was releasing OpenSSL version 3.0.7 which will patch newly discovered vulnerabilities in current versions of OpenSSL. Patches were released today.   OpenSSL is the core open source library that implements SSL and TLS protocols which makes it possible to securely communicate over the internet. Does all of this sound familiar? Remember “Heartbleed (CVE-2014-0160)?” Multiple attacks in 2014 exploited the ”Heartbleed” software flaw in OpenSSL, allowing attackers to spy on Internet communications, steal data, and impersonate services.

Webinars & Events

Manage Software Ingredients for Complete Transparency

Adoption of Software Bills of Material (SBoMs) is critical to securing the software supply chain and improving cybersecurity throughout the open source ecosystem. Watch this webinar to learn how to use SBoMs to effectively manage all your open source, third-party and commercial software, regardless of its origin in all software deployment models including on-prem and SaaS

Blog

The Need for Ongoing Software Developer Training

While there are currently thousands of institutions around the globe that train people in software development, only a fraction of those focus directly on code security. Surprisingly, even though there is an 80:1 ratio between software developers and security specialists, many still believe that the responsibility to find and eradicate vulnerabilities is only on security experts.

White Papers & Industry Reports

Frost & Sullivan: Software License Management - A Global Analysis of the Software Enforcement Segment

Analyst firm Frost & Sullivan has published a new report into the evolution of software enforcement, detailing how publishers are increasingly moving away from homegrown licensing to embrace specialist third-party integrations.

Webinars & Events

Open Source Exchange – November 2022

Watch Revenera and a panel of experts to discuss trends in open source, regulatory changes, the criticality of implementing a Software Bill of Materials and what organizations should be doing, along with what’s happening in the software supply chain.

Webinars & Events

Building Software License Compliance Programs in a Cloud World

Join Revenera VP, Product Management, Software Monetization, Vic DeMarines for a discussion that will dispel myths and assumptions about what it means to run a software compliance program in 2023 and beyond.

White Papers & Industry Reports

Revenera Monetization Monitor: Software Monetization Models and Strategies 2022

Read Revenera’s research report on trends around monetization, licensing and deployment models. 

Video

Manage Your Software Supply Chain

Better manage your software supply chain with SBOM Insights from Revenera. SBOM Insights ingests data from a wide range of sources—both inside and outside your organization—and then unifies all SBOMs into a single actionable view.

Blog

SBOMs: It’s All About Transparency into the Complexity of Your Software

Over the past few years, the software industry has increasingly relied on open-source software. It’s rare to find an application that solely uses proprietary components, with most enlisting a mix of third-party and open-source components. While this has led to a greater scope of what applications can do, as well…

White Papers & Industry Reports

Business Drivers of SBOM Adoption

The Software Bill of Materials (SBOM) enables software-producing organizations to provide transparency to customers and downstream supply chain partners by disclosing the composition of their applications. Producing complete, accurate SBOMs supports better management of licensing and security risk within applications.

Data Sheets

SBOM Insights for Intelligent SBOM Management

Data Sheet

Manage a complete Software Bill of Materials in a SaaS environment and ingest data from a wide range of sources, unifying internal and external SBOMs across your organization.

Blog

The Role of OpenChain Conformance

  The OpenChain Standard defines the key requirements that are needed when constructing a high-quality open-source program. This standard was designed and elaborated by the OpenChain Project and has been the go-to international standard for open-source license compliance since 2016. The central goal of the OpenChain Standard is to ensure…

Webinars & Events

A New, More Effective Way to Create and Manage SBOMs

Register to learn about the latest technology that helps you, effectively manage ALL your open-source, third-party, commercial software, regardless of where it originates from and much more in this Revenera webinar, where you’ll be able to see it in action

Video

InstallShield 2022 Features and Benefits

Revenera introduces the next version of InstallShield. Venkat Ram Donga, Principal Product Manager, talks about InstallShield’s integration with Visual Studio 2022 and support for custom extensions in MSIX projects. At the end of the discussion, Venkat gives a quick demo.

Blog

Everything Your Business Needs to Know About SBOMs

On the 12th of May 2021, The White House released an Executive Order (EO) that outlined the guidelines for improving the cybersecurity of the United States. After many high-profile cybersecurity breaches related to exploits within widely used open source software, the Federal Government moved to learn from past exploits and…

Blog

SoftSummit 2022 Breakdown: Software Monetization Trends, Models, and Implementation Strategies

The SoftSummit 2022 conference brought together industry leaders in software monetization to discuss their insights and experiences within this evolving landscape. With a global audience and leaders in the space sharing their findings, the event was a day packed full of actionable insights, engaging strategies, and detailed use data. Across…

Webinars & Events

Transforming Software Usage Data into Actionable Insights

Watch Revenera’s VP, Product Management, Software Monetization, Vic DeMarines to learn how software suppliers are leveraging software usage data and hear about the types of usage data that can yield significant and actionable insights.

Blog

How the U.S. Executive Order Is Shaping the Software Supply Chain Going Forward

  Early in December of 2021, the international cybersecurity community mobilized in response to the discovery of the Log4J vulnerability. This critical vulnerability was within the logging library of Apache, a core component used across millions of Java-based applications. The vulnerability, known as Log4Shell, rated a 10/10 on the CVSS…

Webinars & Events

Modernizing Monetization: Making the Move to Recurring Revenue Models

To be a successful IIoT device company, you must be a successful software company. And successful software companies have learned to optimize all aspects of their operations to serve their customers well and create a healthy recurring revenue stream.

Webinars & Events

Reduce Software Supply Chain Uncertainty

Join Forester’s Senior Analyst, Janet Worthington and Revenera’s Senior Director of Product Management, Alex Rybak, as they provide clarity on the role of the (SBOM) and steps for improved software supply chain integrity.

Blog

The CFO’s Role in Preparing for the Transition to SaaS

We’ve discussed the CFO’s role in growing company revenue and overall valuation, and how transitioning on-premises offerings to SaaS and moving from one-time perpetual license sales to recurring revenue models are at the top the strategic project lists for many technology CFOs. It is important to know that moving to…

Webinars & Events

Building a Successful Open Source Program Office

Hear why Open Source Program Office’s (OSPO) are important from industry leading experts and learn, not only how to get started, but which stakeholders should play critical roles in your OSPO in this Revenera and DevOps webinar.

Webinars & Events

SoftSummit 2022

Revenera’s annual SoftSummit event returns for its 2022 installment. Join industry leaders for sessions focused on software monetization trends & strategies, along with implementing & balancing on-premise, SaaS, & hybrid deployment models.

Blog

June Newsletter: The Latest Buzz in Software Composition Analysis Professional Services

In The News Software Composition Analysis Certification for Legal Professionals Log4j: Come out, come out wherever you are! Spring4Shell: Deep breath. Don’t panic. Mitigate. Field Notes: Understanding GPL Linking Exceptions The Legal Side of of Compliance and Security in M&A and Software Auditing (Panel Discussion) Trends 2021 – 2022 Audit…

Video

Pursuing Software Piracy Claims in China

Register to listen to a conversation with Chris Bailey and Landy Jiang, Partner at Lushung, Rouse’s network law firm, along with Revenera experts and discover key insights on software piracy and litigation in China.

Video

Legal Attribution for OSS Authors

When open source components are used, that code is authored by someone who licenses the use of the code to others. Licenses vary and so do the legal obligations of the user. Listen to this podcast to learn about attribution obligations.

White Papers & Industry Reports

IDC Analyst Brief: The Open Source Blind Spot Putting Businesses at Risk

IDC analysts explain why having a plan for protecting the software supply chain that includes a robust SCA solution, SBOM creation, and an open source license compliance and security policy is essential.

Data Sheets

User's Guide to Open Source Licenses

Not all open source licenses are the same. Users must adhere to individual license requirements,
like preserving copyrights and license text, and providing attribution. Learn more about some of the popular licenses and get a helpful license compliance checklist.

Blog

Software Piracy Statistics 2022 – Stat Watch

Once again, we’ve compiled aggregate Revenera Compliance Intelligence data to produce our annual list of the Top 20 Software License Misuse and Piracy Hotspots around the globe for 2022. If you’re not familiar, Compliance Intelligence enables software suppliers to detect, identify and report on the unlicensed use of their applications…

Blog

Your Experience Matters: Take the 2022 Monetization Monitor Survey

Regular readers of the Revenera blog will not be surprised to learn that I am fascinated by data and the insights that analysis of that data can surface. One of my favorite projects each year is analyzing the data in our Monetization Monitor Software Industry Survey to uncover where our…

Webinars & Events

Open Source Exchange: The Legal Side of Compliance and Security in M&A and Software Auditing

Join legal experts in this Revenera panel discussion to learn more about what’s happening in the software supply chain and setting legal best practices for helping your clients and organizations through the complexity of open source use.

Webinars & Events

Implementing Use Rights for SaaS: Identity and Access vs. Entitlement Management

Join Revenera’s Scott Niemann, Director of Product Management, for a discussion on the challenges of managing use rights for SaaS applications and review how providers are using Identity and Access Management (IAM) & Entitlement Management solutions

Blog

What’s Trending with SBOMs, Developers, and Code Scanning

Those involved in the world of software development are used to continuous change, high expectations, and industry interruptions that require constant pivoting, but the last couple of years have challenged the most stalwart of professionals. There was the pandemic beginning in 2020 that may have long-lasting impact. In 2021, we…

Data Sheets

Cloud License Server with InstallShield

Get your questions answered about how to eliminate the time and effort required to set up and manage local License Servers. Easily configure your builds from the DevOps build pipeline with InstallShield’s Cloud License Server.

Data Sheets

Automate Third-Party Attribution for Open Source Licenses

Licenses vary and so do the legal obligations of the user. Attribution for the author is one of those necessary obligations. Code Insight from Revenera automatically satisfies this requirement by generating complete third-party notices with just the push of a button.

Blog

Pursuing Software Piracy Claims in China

There are many misconceptions about intellectual property protections in China, the processes for seeking redress, and the likelihood of success. My colleague Vic DeMarines, VP, Product Management for Software Monetization, and I recently welcomed Chris Bailey, a Principal at Rouse, and Landy Jiang, a Partner at Lusheng, (Rouse’s network law…

Blog

The CFO’s Role in Growing Company Revenue and Overall Valuation

The way a company monetizes its software has a huge impact on business success, growth and profitability. CFOs and financial leaders strive to make their software companies even more successful and set them up for growth. Moving away from one-time perpetual license sales to recurring revenue models, as well as…

Webinars & Events

The R&D Dilemma: Build or Buy Systems for Entitlement, Licenses and Usage Management

Join Revenera’s VP, Engineering, Ravi Mazumdar and VP, Products and Marketing, Nicole Segerer for a discussion centered around whether you should build or buy.

Webinars & Events

“Unpacking MSIX”: Panel Discussion

Watch this roundtable discussion to learn more about how developers can retain as much code as possible as they continue to innovate and modernize applications.

Video

Understanding the Exploitability of Spring4Shell

The Spring4Shell vulnerability can be exploited when an attacker sends a specially crafted query to a web server running the Spring Core framework. Listen to this podcast to learn what it is and steps to take.

White Papers & Industry Reports

The CFO’s Ultimate Guide to Successfully Transitioning to SaaS

This Guide is a valuable primer for CFOs (and those that need insight into CFO priorities) that are on the path to SaaS deployment and subscription monetization models. Learn which metrics to focus on, and how to change your business’ operations to accommodate SaaS.

White Papers & Industry Reports

The Product Manager's Ultimate Guide to Successful SaaS Implementation

In this eBook learn how to facilitate the successful operation of a SaaS business, with flexible and hybrid monetization models, new packaging and pricing models, and streamlined processes for provisioning and fulfillment across product offerings

Blog

Spring4Shell: Deep breath. Don’t panic. Mitigate.

Development and security teams, software creators, and companies alike were hit once again with another vulnerability when news made its way online of a disclosure of a PoC for an unauthenticated zero-day vulnerability in Spring Core. The disclosure of CVE-2022-22965—nicknamed Spring4Shell—is an RCE vulnerability in one of the most popular…

Video

Understanding GPL Linking Exceptions

Expert in open source audit analysis explains the difference between Static linking and Dynamic linking, how users can avoid conflict with LGPL licensed code, and a clear explanation on the basics of GPL linking exceptions.

Webinars & Events

TechTalk: InstallShield “Suite” Secrets

In this TechTalk you’ll learn about Suite, a project type within InstallShield, and how it resolves the problem of installing multiple packages, learn how Windows features in Suite works, and how secure it is to send packages via an installer.

Webinars & Events

Open Source Exchange: Security and License Compliance Challenges in the Year Ahead

Listen to our expert open source panel as they discuss topics such as; Log4j; 
legal developments resulting from GPL enforcement actions and SBOM mandates, the status of the cybersecurity executive order and long-lasting affects and more.

Blog

Log4j: Come out, come out wherever you are!

On December 10th, 2021, a critical vulnerability was found in Log4j.  It impacts almost every organization which develops applications in Java, or that uses third-party software.  Vulnerabilities get discovered every day.  However, due to the impact and widespread use of log4j, this vulnerability is driving a serious discussion on the…