<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=705633339897683&amp;ev=PageView&amp;noscript=1">

Featured

Webinar recap: how to use Tidelift alongside your SCA tool

One question we sometimes get when talking to customers: how does Tidelift fit in with software composition analysis (SCA) tools, like Black Duck, ...
Kristina Kaldenbach
by Kristina Kaldenbach
on November 7, 2023

A maintainer-verified approach to minimizing false positives

By Kanish Sharma on October 19, 2022
Software composition analysis (SCA) tools have long been a popular way to identify security and licensing issues with open source packages. While ...

Recap: Why software composition analysis tools are not enough

By Caitlin Bixby on October 4, 2022
Last week, Tidelift CEO and co-founder Donald Fischer explored why software composition analysis (SCA) tools alone are not enough to robustly address ...

Let's talk about the hidden challenges of securing the open source software supply chain

By Amy Hays on September 8, 2022
Fact: most application developers love open source because it makes them more productive. Also a fact: Open source brings with it some security and ...

New NSA, CISA, ODNI best practices for securing the open source software supply chain

By Donald Fischer on September 6, 2022
Last week, in a response to the ever-growing list of software supply chain attacks (SolarWinds and Log4Shell specifically), the U.S. National ...
  • There are no suggestions because the search field is empty.

Don't miss the latest from Tidelift

Filter by Topic