White paper: Addressing the hidden cost of embedding open source software
Provided by 
Revenera2020-11-19T04:32:00
“…modern DevOps teams are now more predisposed to seek out OSS solutions to help them more rapidly deliver value to their end users,” says Jim Mercer, Research Director, DevOps and DevSecOps with IDC.*
This increase requires a more demanding need for Software Composition Analysis to detect security and license compliance issues.
*IDC Analyst Brief, Sponsored by Revenera, “Addressing the Hidden Cost of Embedding Open Source Software,” #US46977220, November 2020
Sponsored white paper
Our white papers are prepared by our sponsors and are free to view.
How to download
You need to register for this site and agree to the sponsor’s conditions to be granted access.
Related articles
-
PremiumNavigating compliance: A guide for small teams to tackle CMMC
Many small organizations within the Defense Industrial Base are struggling to meet the rigorous requirements validated through the Cybersecurity Maturity Model Certification, writes Thomas Graham, CISO at Redspin. If you haven’t been tracking it closely, CMMC was finalized in October, with an effective date of December 16, 2024.
-
News BriefEU regulator questions 'culture of compliance' with Digital Markets Act at Apple, Google
The European Commission released its preliminary findings last week regarding Apple and Google not complying with the Digital Markets Act. It issued orders to both companies regarding their business practice and plans to release all of its findings next week.
-
PremiumMaking a pitch for compliance: The great chase for stakeholder engagement
Speakers at Compliance Week’s Ethics and Compliance Summit swapped engagement strategies rooted in human behavior, including with through the use of generative AI, free merchandise, and live events, to meet employees where they are.
More from Thought Leadership
-
ResourceWhite paper: Constructing a Cohesive Cybersecurity Foundation
The individual requirements for your security and risk operations are increasingly complex—and interconnected. Yet despite this increased interconnectivity, many organizations still manage their security operations (SecOps) and integrated risk management (IRM) functions in silos.
-
ResourceWhite paper: Top 5 Mobile Compliance Best Practices
The message from the regulators is clear - having an off-channel policy for mobile communications is not good enough.
-
ResourceWhite paper: SEC doubles down on cyber risk management accountability
To help investors gain a better understanding of cyber risk, the US Securities and Exchange Commission (SEC) has created sweeping new rules—forcing companies to take a more proactive approach to cybersecurity.