Open Source & More - Blog | Tidelift

Featured

New NSA, CISA, ODNI best practices for securing the open source software supply chain

Last week, in a response to the ever-growing list of software supply chain attacks (SolarWinds and Log4Shell specifically), the U.S. National ...

by Donald Fischer
on September 6, 2022

Tidelift’s take on the U.S. Cyber Safety Review Board Report on Log4Shell vulnerability

By Donald Fischer on July 15, 2022

Yesterday, the U.S. Department of Homeland Security released the first report from the recently created Cyber Safety Review Board (CSRB), reviewing ...

Three key facts to consider when developing with open source in a post-Log4Shell world

By Amy Hays on March 29, 2022

A few weeks ago, Tidelift CEO and co-founder Donald Fischer sat down with guest speaker Sandy Carielli from Forrester to chat about Log4Shell, open ...

Recap: Tidelift at AWS Startup Showcase

By Kristina Kaldenbach on February 3, 2022

We were excited to be one of eight companies featured at the AWS Startup Showcase last week. Tidelift CEO and co-founder Donald Fischer talked with ...

Tidelift at AWS Startup Showcase

By Kristina Kaldenbach on January 20, 2022

We are honored to be a part of the AWS Startup Showcase coming up on Wednesday, Jan. 26 this year. AWS partnered with theCUBE to bring together 8 ...

Donald Fischer chats with SiliconANGLE about how Tidelift can help organizations prepare for the next Log4Shell

By Kristina Kaldenbach on January 13, 2022

We are honored to be a part of the AWS Startup Showcase coming up on Jan. 26 this year. AWS partnered with theCUBE to bring together 8 innovative ...

FTC warns of legal action for failure to protect against open source vulnerabilities—here’s how you can minimize risk

By Donald Fischer on January 7, 2022

This week, in response to the ongoing fallout from the Log4Shell vulnerability, the United States Federal Trade Commission issued an alert warning ...

Log4Shell: What your organization needs to know about the zero-day vulnerability in Log4j, and how Tidelift can help

By Kanish Sharma on January 5, 2022

It was less than a month ago that news of the Log4j vulnerability called Log4Shell broke. The news and fixes around the zero-day vulnerability in ...

Tidelift briefing: What you need to know about the Log4Shell vulnerability

By Mark Galpin on December 15, 2021

It’s Wednesday, December 15, 2021. It has been a mad scramble over the last few days to understand the impact of the Log4Shell vulnerability (first ...

Log4Shell highlights the need to proactively cooperate with open source maintainers at scale

By Luis Villa on December 14, 2021

Over the weekend, there was much ado on tech Twitter about the Log4Shell vulnerability and the reality of unpaid maintainers being asked to shoulder ...

RSVP: How to reduce your organization's reliance on "bad" open source packages

Featured

New NSA, CISA, ODNI best practices for securing the open source software supply chain

Tidelift’s take on the U.S. Cyber Safety Review Board Report on Log4Shell vulnerability

Three key facts to consider when developing with open source in a post-Log4Shell world

Recap: Tidelift at AWS Startup Showcase

Tidelift at AWS Startup Showcase

Donald Fischer chats with SiliconANGLE about how Tidelift can help organizations prepare for the next Log4Shell

FTC warns of legal action for failure to protect against open source vulnerabilities—here’s how you can minimize risk

Log4Shell: What your organization needs to know about the zero-day vulnerability in Log4j, and how Tidelift can help

Tidelift briefing: What you need to know about the Log4Shell vulnerability

Log4Shell highlights the need to proactively cooperate with open source maintainers at scale

Don't miss the latest from Tidelift

Filter by Topic

Address

Tidelift

Product

Resources

For Maintainers