<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=705633339897683&amp;ev=PageView&amp;noscript=1">


Maintainer panel: Hear from maintainers in a post-xz utils backdoor world

A few weeks ago, a very sinister, sophisticated hack was uncovered in an obscure but ubiquitous Linux library called xz utils.
Amy Hays
by Amy Hays
on April 15, 2024

Upstream rewind: the 2023 Upstream maintainer panel and the insights that resonate in 2024

By Caitlin Bixby on April 11, 2024
As we count down to this year’s Upstream, we’ll be looking back at Upstream moments from years past. Discover how topics may have changed and how ...

Tidelift advisory: Final CISA Secure Software Development Attestation Form released

By Donald Fischer on March 12, 2024
On Monday March 11, CISA and the Office of Management and Budget (OMB) released the final version of the Secure Software Development Attestation Form ...

Why Tidelift joined FINOS

By Donald Fischer on March 7, 2024
Today, I’m excited to share that Tidelift has officially joined FINOS, the Fintech Open Source Foundation.

Software liability changes are coming. Are you ready?

By Donald Fischer on March 6, 2024
This week, CyberScoop reported on new developments in U.S. software cybersecurity liability:

What makes an open source package “bad” for enterprise use?

By Havoc Pennington on March 6, 2024
The most effective development teams adopt a proactive approach to managing the health and security of their open source dependencies. Explained in ...

Webinar recap: 2024 recommendations from IDC to proactively reduce open source risk

By Caitlin Bixby on February 29, 2024
Last week, we hosted a highly anticipated webinar with guest speaker Katie Norton, Research Manager at IDC. The task: to discuss the latest IDC ...

New White House ONCD report highlights importance of proactive approach to software security

By Donald Fischer on February 26, 2024
This morning, the U.S. White House Office of the National Cyber Director (ONCD) released a new report entitled Back to the Building Blocks: A Path ...

OS3I’s 2023 End of Year Report

By Luis Villa on February 13, 2024
Our friends at the Open-Source Software Security Initiative (OS3I), a federal interagency and stakeholder working group, recently released their ...

Recap: 2024 open source software security predictions webinar

By Caitlin Bixby on January 19, 2024
Webinar highlights: In the open source software security predictions webinar this week, our team of expert prognosticators sees 2024 bringing us open ...

Don't miss the latest from Tidelift

Filter by Topic