Software Composition Analysis – What’s in Your Code?

June Newsletter: The Latest Buzz in Software Composition Analysis Professional Services

In The News · Software Composition Analysis Certification for Legal Professionals · Log4j: Come out, come out wherever you are! · Spring4Shell: Deep breath. Don’t panic. Mitigate. · Field Notes: Understanding…

June 15, 2022 Michael Lelchuk

What’s Trending with SBOMs, Developers, and Code Scanning

Those involved in the world of software development are used to continuous change, high expectations, and industry interruptions that require constant pivoting, but the last couple of years have chall…

May 19, 2022 Alex Rybak

Spring4Shell: Deep breath. Don’t panic. Mitigate.

Development and security teams, software creators, and companies alike were hit once again with another vulnerability when news made its way online of a disclosure of a PoC for an unauthenticated zero…

April 4, 2022 Kendra Morton

Log4j: Come out, come out wherever you are!

On December 10th, 2021, a critical vulnerability was found in Log4j.  It impacts almost every organization which develops applications in Java, or that uses third-party software.  Vulnerabilities get …

March 11, 2022 Michael Lelchuk

Open Source: Trouble because of sudden license changes

Open Source does not mean that the use of the code is allowed without any restriction: The use is subject to conditions which are formulated by the author (copyright holder) in the form of a license. …

February 22, 2022 Kendra Morton

The story behind colors.js and faker.js

The bizarre case of the author who corrupted his own npm packages – colors.js and faker.js. Originally reported by Bleeping Computer on Jan 9th the author of npm packages colors.js and faker.js…

February 9, 2022 Marcus Lucero

The FTC’s warning to companies about the failure to protect against open source vulnerabilities

In direct response to the Log4j vulnerability, the United States Federal Trade Commission published an alert. Net? If your company does not take proactive steps to prepare for future vulnerabilities l…

February 4, 2022 Kendra Morton

Software supply-chain vulnerabilities: A close look on code

Vulnerabilities that affect the supply chain of software and its distribution are easily among the most terrifying experiences any company involved must endure. Such vulnerabilities typically affect a…

December 15, 2021 Lars Wiebusch

What you need to know about the Log4j security vulnerability

If you’re not scrambling to contain and fix this vulnerability, do so now. It’s a doozy folks! Every organization using third-party software or developing custom applications with the Java programming…

December 13, 2021 Kendra Morton

When is the right time to conduct an open source audit?

No matter what industry you are in, your company’s code most definitely contains code from someone else.  Today’s software is not written from scratch, but rather assembled from parts.  Th…

November 22, 2021 Michael Lelchuk

About the Software Composition Analysis blog

A resource for developers, legal and security experts using and managing open source software. We encourage your feedback as we discuss trends and insights around open source security and license compliance.

© 2022 Flexera Software. All Rights Reserved.
