Categories
compliance Mergers & Acquisitions

The Happiest Day of your Life: You are Being Acquired

Imagine, if you will, you (and your team of developers) have invested the last two years building a fantastic new Software as a Service solution, and you have poured blood, sweat, and tears into the development process. Your team of developers has used every trick in the book to build the fastest, most efficient, incredible […]

Categories
compliance DAST open source licensing open source security SAST Software Bill of Materials

Where to put your money first for Security tools. SCA, SAST, or DAST?

Having researched the importance of securing your company’s intellectual property, you have started down the road towards what tools work best for securing it. Let’s look at the three most common tools companies should consider purchasing and where best to allocate your cybersecurity funds. The three most popular tools are SCA, SAST, and DAST.  Software […]

Categories
compliance log4j open source licensing open source security

Security and License Compliance Awareness is the Theme of Open Source 2022

Open-source software is in all software development, and we’ll see even more growth continue in 2022. Every industry vertical uses and develops open-source software, and all businesses are considered software companies. As a result of the pandemic, more businesses offer their products and services online or through apps. The increase in open source adoption and […]

Categories
compliance cybersecurity Open Source open source licensing security

What Are the Ingredients for an Accurate SBOM?

The Software Bill of Materials (SBOM) has made quite a stir lately. From President Biden’s executive order to further secure our infrastructure to the NHS in Britain, emulating the mandate to improve security and transparency for England’s healthcare system. Given the sudden popularity of the SBOM and the resulting demand to create one, we feel […]

Categories
compliance cybersecurity Open Source

Why Software Supply Chain Security is so Important

How do you know what is really in your software? Open-source software is present in an overwhelming amount of proprietary codebases and public projects. For the global 2000, the question you should be asking is not “ if you are or aren’t using open source code.” The right question is, “what open-source code you’re using, […]

Categories
compliance Open Source open source licensing

Four New Licenses Approved by the Open Source Initiative

As the steward of the Open Source Definition, the Open Source Initiative has been designating licenses as “open source” for over 20 years. These licenses are the foundation of the open-source software ecosystem, ensuring that everyone can use, improve, and share software. When a license is approved, it is because the OSI believes that the […]

Categories
compliance cyber attack cybersecurity Open Source

Information Security Training Should Be Top Priority

The pressures of being a CISO are extensive and extend well past concerns of incident response time. There are pressures of maintaining budgets, reporting improved performance to stock-holders, and when the breadth and number of cyberattacks are increasing, the challenges to find qualified prospects to fill a considerable number of unfilled positions. Where does cybersecurity […]

Categories
compliance News Open Source

What Googles Supreme Court Win against Oracle means to the future of Open-Source Compliance

The Supreme Court has ruled in Google’s favor, stating that the use of 12,000 lines of code from Oracle’s Java SE program was permitted as “fair use.” In its ruling, the Supreme Court states Google’s copying “only those lines of code that were needed to allow programmers to put their accrued talents to work in […]

Categories
compliance developer Open Source

Developers that Copy and Paste Code Put Companies at Risk for Lawsuits

Go to developer forums, Youtube channels and blog posts, and you’ll find endless conversations about copying and pasting code. The discussion revolves around whether this practice is a lazy form of code development or whether it will cause problems with achieving the desired outcome. They discuss if it will take longer to fix the bugs […]

Categories
compliance cybersecurity Open Source security

The Four Laws of Cybersecurity

(Image: Wk1003mike via Shutterstock) 4.57 Billion humans are on-line, communicating with each other and multiple institutions daily. This ties us together through a common language that we all share, which is networking protocols, which are rules for communication between network devices and how those devices can connect to each other.   Social Media platforms that tie […]