Welcome To Our Resource Center

Read about application security, DevSecOps, open source license compliance and audit

Choose Your Type

Choose Your Topic

Our Latest Content

Now Tech: Software Composition Analysis, Q2 2021

You can use software composition analysis (SCA) to eliminate vulnerable components, reduce license risk, and apply consistent policies during the software development life cycle (SDLC). But to access these benefits, you’ll first have to select from a diverse set of vendors — vendors that vary by size, functionality, geography, and vertical market focus. Security professionals...

Selecting Technology Solution To Comply With OpenChain ISO Standard

OpenChain ISO/IEC 5230 is the International Standard for open source license compliance. Its relevance to modern software development is growing and it allows companies of all sizes and in all sectors to adopt the key requirements of a quality open source compliance program. The need to manage the software supply chain has never been more important given the ever-increasing dependence on third party...

Renovating with Renovate

Renovate was originally created to scratch an internal itch, so we’ve been both enjoying its capabilities and testing them from day one. When people get started or get comfortable with using Renovate, it’s pretty understandable that they might look at the Renovate project itself as a reference user. We’ve put together this post to share how...

ISIT Shifting Compliance & Security Left – Into the Hands of The Developers

The software world is alive with talk of shifting left – but what does it really mean? Theoretically, it means shifting responsibility for security & compliance to developers. In practice, it largely means enriching CI/CD processes to detect problematic licenses & vulnerabilities before they reach the main branch or production.  Shiri Arad Ivtsan, Director of Product Management at WhiteSource will discuss...

FOSSAware -Software Composition Analysis application as part of an effective Open Source compliance program

Encompassing over two-thirds of the average commercial software, open-source has become an essential part of modern software development. Undermanaging the consumption and redistribution of Open source expose the enterprise to extensive legal and security risks and is no longer a viable option. Having an effective Open Source compliance program is a key differentiator marking industry-leading...