
Featured

Tidelift advisory: New White House OMB guidance impacts organizations building apps with open source

Yesterday, the U.S. government’s Office of Management and Budget (part of the Executive Office of the President) released memorandum M-22-18 on ...
By Donald Fischer on September 15, 2022

New NSA, CISA, ODNI best practices for securing the open source software supply chain

By Donald Fischer on September 6, 2022
Last week, in response to the ever-growing list of software supply chain attacks (SolarWinds and Log4Shell specifically), the U.S. National ...

Deadline alert: OMB cybersecurity list of "critical software" due by Oct. 9

By Amy Hays on October 7, 2021
Back in May, the U.S. White House released cybersecurity executive order 14028, an attempt by the government to use its buying power to prevent high ...

Tidelift at Straight Talk for Government

By Amy Hays on September 7, 2021
We’re excited to be sponsoring the DevOps Institute’s Straight Talk for Government conference this Thursday. This one-day virtual summit brings ...

Pay to play? Don't expect maintainers to solve your supply chain issues for free

By Luis Villa on August 24, 2021
For a long time, there were two basic tests for releasing open source: “does it do what I need it to do?” and “does it compile?” Sure, it was nice if ...

Software bills of materials are important—but they won't work at scale if we don't pay the maintainers

By Luis Villa on June 22, 2021
On June 2, the U.S. government posted a call for comments on the minimum elements that should be required in a software bill of materials (SBOM). At ...
