Categories: compliance, Mergers & Acquisitions

The Happiest Day of your Life: You are Being Acquired

Imagine, if you will, you (and your team of developers) have invested the last two years building a fantastic new Software as a Service solution, and you have poured blood, sweat, and tears into the development process. Your team of developers has used every trick in the book to build the fastest, most efficient, incredible […]

Categories: open source licensing, open source security, Software Bill of Materials

Measuring Up Software Composition Analysis Tools

The most critical challenge your organization faces when choosing a software composition analysis (SCA) vendor is understanding that some miss up to 60% of the open source, exposing your organization to security and licensing risks. We’re also seeing challenges surrounding the accuracy of the results. A vendor will find some open source but then mismatch […]

Categories: open source security, Uncategorized

“Set and Forget” Approach to Open Source Software Creates Security and Compliance Risks

According to two recent security research reports* on open source software, internally developed software contains up to 75% open source software. The report also concludes that the open source used within codebases contains, on average, 158 vulnerabilities and that 60% of the codebases have ‘high risk’ open source vulnerabilities that have been actively exploited. According to research, the three […]