What is your organization’s current strategy for managing open source components?
Do you have a way to vet the packages you use to ensure they are well maintained and secure? Do you have a list of permissible licenses, with only packages using those licenses being allowed in your build? Do you have a policy for how new open source components get vetted by your security or compliance teams?
Or perhaps you just download new packages as needed, and hope that no issues with them ever come up?
If you’ve ever thought that there should be a better way to ensure the open source components you bring into your organization are safe, secure, and well maintained, you’ll want to learn more about how to implement a managed open source strategy.
Managed open source is an approach that takes all the complexities of choosing and using open source components to develop applications, and makes them someone else’s problem.
In this new video, Tidelift co-founder and CEO Donald Fischer explains the Tidelift approach to managed open source, which is centered around the Tidelift Subscription. Check it out!