<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=705633339897683&amp;ev=PageView&amp;noscript=1">

Featured

Introducing the 2024 Tidelift maintainer impact report

Today I’m excited to share our 2024 Tidelift maintainer impact report.
Lauren Hanford
by Lauren Hanford
on November 21, 2024

Lauren Hanford

Lauren Hanford

Recent Posts

Case study: The business impact of paying open source maintainers to scale real-world application security

By Lauren Hanford on October 29, 2024
What if your team could save $1 million while improving the security and resilience of an application that your company depends on to deliver ...

Product update: Prioritize the most impactful work with contextualized end-of-life package and version insights

By Lauren Hanford on June 27, 2024
A few weeks ago, we announced the availability of open source package end-of-life data as part of the Tidelift Subscription. Today we are extending ...

Product update: Using end-of-life package data to identify and eliminate bad open source packages

By Lauren Hanford on May 7, 2024
Tidelift helps organizations remove risk to their revenue, data, and customers from bad open source packages. Bad packages (by which we mean ...

New report from Atlantic Council finds paying maintainers can positively impact open source security

By Lauren Hanford on April 23, 2024
A new report just out last week from the Digital Forensic Research Lab (DFRLab) at the Atlantic Council found that open source projects with funding ...

The ROI of paying open source maintainers (in light of the xz utils backdoor)

By Lauren Hanford on April 8, 2024
As we continue to watch the attempted xz utils backdoor hack unfold, I’ve been following several conversations where questions are being raised about ...

Introducing new capabilities to proactively manage open source software supply chain risk

By Lauren Hanford on October 11, 2023
Open source changes at a breathtaking rate in modern software development. Development teams make many choices each day about what packages to start ...

New data showing the impact of paying maintainers to improve open source security

By Lauren Hanford on June 15, 2023
Today, I’m excited to release our 2023 open source maintainer impact report—our first annual overview of the strategy and results from securing the ...

Tidelift advisory: How the proposed CISA self-attestation form impacts open source

By Lauren Hanford on May 1, 2023
On April 27, CISA released a proposed draft of the long-awaited self-attestation form organizations selling software to the government will need to ...

Introducing TACOS: Trusted Attestation and Compliance for Open Source

By Lauren Hanford on April 4, 2023
In the previous blog posts of this series, I talked about the NIST Secure Software Development Framework and its impact on open source software, and ...

Don't miss the latest from Tidelift

Filter by Topic