
Featured

$27m to improve open source health and security with Tidelift’s partnered maintainers

Today we’re excited to announce that Tidelift has closed on $27 million of Series C funding, led by Dorilton Ventures with participation by Kaiser ...
By Donald Fischer on May 24, 2022

FTC warns of legal action for failure to protect against open source vulnerabilities—here’s how you can minimize risk

By Donald Fischer on January 7, 2022
This week, in response to the ongoing fallout from the Log4Shell vulnerability, the United States Federal Trade Commission issued an alert warning ...

Pay to play? Don't expect maintainers to solve your supply chain issues for free

By Luis Villa on August 24, 2021
For a long time, there were two basic tests for releasing open source: “does it do what I need it to do?” and “does it compile?” Sure, it was nice if ...

Improving the health and security of the open source supply chain

By Amy Hays on June 29, 2021
Until recently, the term “software supply chain” was rarely uttered outside of the offices of CIOs and senior government officials. But in the wake ...

Thinking upstream about the White House cybersecurity executive order 14028

By Donald Fischer on May 19, 2021
The upstream parable: Stop me if you’ve heard this one before.

Tidelift advisory | Impacts of the new White House cybersecurity executive order 14028 on application development teams

By Donald Fischer on May 13, 2021
Yesterday, the White House issued a much anticipated executive order on improving the cybersecurity of the United States. I’d like to share some of ...

Three new features that can help minimize the risk of open source software supply chain attacks

By Jeff Stern on May 13, 2021
Welcome to the May 2021 edition of the Tidelift product update, or Pupdate for short! The Pupdate is our monthly rundown of new features and ...

Tidelift advisory: facts about recent wave of software supply chain attacks and how to address them

By Donald Fischer on March 30, 2021
There has been a huge spike in online searches around words like “SolarWinds” and “Hafnium Microsoft Exchange” in recent days and weeks—and for good ...

Tidelift catalogs and the rising urgency of managing your open source supply chain

By Donald Fischer on February 2, 2021
Today, Tidelift is introducing several exciting elements of the Tidelift Subscription that help organizations more efficiently manage the health of ...

Justin Rackliffe of Fidelity Investments on best practices for managing your open source supply chain

By Donald Fischer on May 5, 2020
Last week, I co-hosted a virtual roundtable with Justin Rackliffe, the Director of Open Source Governance at Fidelity Investments. The goal was to ...
