<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=705633339897683&amp;ev=PageView&amp;noscript=1">


Tidelift advisory: Securing Open Source Software Act advances in U.S. Senate

Yesterday, the U.S. Senate Committee on Homeland Security and Governmental Affairs voted to advance bipartisan legislation to help strengthen the ...
Donald Fischer
by Donald Fischer
on March 30, 2023

Donald Fischer

Donald Fischer

Recent Posts

Tidelift advisory: Impact of new U.S. National Cybersecurity Strategy on organizations building apps with open source software

By Donald Fischer on March 2, 2023
Today, the U.S. government issued the long anticipated 2023 National Cybersecurity Strategy. This is the next step in a series of recent actions ...

Tidelift advisory | “Text4Shell” Apache Commons Text vulnerability: what you need to know and do

By Donald Fischer on October 19, 2022
In this advisory, we will address the core facts regarding the recently disclosed security vulnerability in the Apache Commons Text project, which ...

Tidelift advisory: New White House OMB guidance impacts organizations building apps with open source

By Donald Fischer on September 15, 2022
Yesterday, the U.S. government’s Office of Management and Budget (part of the Executive Office of the President) released memorandum M-22-18 on ...

$33.5M to improve open source software supply chain resilience with help from AEI HorizonX and Cisco Investments

By Donald Fischer on September 13, 2022
We’re excited to announce today that Tidelift has extended our Series C financing to $33.5 million with additional investments from AEI HorizonX, AE ...

New NSA, CISA, ODNI best practices for securing the open source software supply chain

By Donald Fischer on September 6, 2022
Last week, in a response to the ever-growing list of software supply chain attacks (SolarWinds and Log4Shell specifically), the U.S. National ...

Tidelift’s take on the U.S. Cyber Safety Review Board Report on Log4Shell vulnerability

By Donald Fischer on July 15, 2022
Yesterday, the U.S. Department of Homeland Security released the first report from the recently created Cyber Safety Review Board (CSRB), reviewing ...

A people-centric way forward for the open source software supply chain

By Donald Fischer on June 7, 2022
Today at Tidelift’s annual Upstream event, I’m giving a talk entitled Software + People: An optimistic (and practical) way forward for the open ...

$27m to improve open source health and security with Tidelift’s partnered maintainers

By Donald Fischer on May 24, 2022
Today we’re excited to announce that Tidelift has closed on $27 million of Series C funding, led by Dorilton Ventures with participation by Kaiser ...

FTC warns of legal action for failure to protect against open source vulnerabilities—here’s how you can minimize risk

By Donald Fischer on January 7, 2022
This week, in response to the ongoing fallout from the Log4Shell vulnerability, the United States Federal Trade Commission issued an alert warning ...

Don't miss the latest from Tidelift

Filter by Topic