<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=705633339897683&amp;ev=PageView&amp;noscript=1">

Featured

Tidelift advisory | “Text4Shell” Apache Commons Text vulnerability: what you need to know and do

In this advisory, we will address the core facts regarding the recently disclosed security vulnerability in the Apache Commons Text project, which ...
Donald Fischer
by Donald Fischer
on October 19, 2022

New NSA, CISA, ODNI best practices for securing the open source software supply chain

By Donald Fischer on September 6, 2022
Last week, in a response to the ever-growing list of software supply chain attacks (SolarWinds and Log4Shell specifically), the U.S. National ...

Tidelift’s take on the U.S. Cyber Safety Review Board Report on Log4Shell vulnerability

By Donald Fischer on July 15, 2022
Yesterday, the U.S. Department of Homeland Security released the first report from the recently created Cyber Safety Review Board (CSRB), reviewing ...

You're invited:  Log4Shell, open source maintenance, and why SBOMs are critical now

By Amy Hays on March 1, 2022
Did you or your development team lose some nights, weekends, or holidays when the Log4Shell vulnerability broke over the 2021 holidays? You weren't ...

Recap: Tidelift at AWS Startup Showcase

By Kristina Kaldenbach on February 3, 2022
We were excited to be one of eight companies featured at the AWS Startup Showcase last week. Tidelift CEO and co-founder Donald Fischer talked with ...

How to prepare your organization for the next Log4Shell

By Kanish Sharma on February 1, 2022
The last few months have seen a flurry of activity around improving cyber security and the overall health and safety of the open source software ...

Tidelift at AWS Startup Showcase

By Kristina Kaldenbach on January 20, 2022
We are honored to be a part of the AWS Startup Showcase coming up on Wednesday, Jan. 26 this year. AWS partnered with theCUBE to bring together 8 ...

Donald Fischer chats with SiliconANGLE about how Tidelift can help organizations prepare for the next Log4Shell

By Kristina Kaldenbach on January 13, 2022
We are honored to be a part of the AWS Startup Showcase coming up on Jan. 26 this year. AWS partnered with theCUBE to bring together 8 innovative ...

FTC warns of legal action for failure to protect against open source vulnerabilities—here’s how you can minimize risk

By Donald Fischer on January 7, 2022
This week, in response to the ongoing fallout from the Log4Shell vulnerability, the United States Federal Trade Commission issued an alert warning ...

Log4Shell: What your organization needs to know about the zero-day vulnerability in Log4j, and how Tidelift can help

By Kanish Sharma on January 5, 2022
It was less than a month ago that news of the Log4j vulnerability called Log4Shell broke. The news and fixes around the zero-day vulnerability in ...

Don't miss the latest from Tidelift

Filter by Topic