08.07.2025
Flexera
Bitsea GmbH, a leading provider of IT services and open source compliance analysis based in Germany, announces the acquisition of Revenera’s Auditing Services team. As part of this strategic expansion, Bitsea has established a new subsidiary in the United States: Bitsea US, Inc. By integrating this experienced team, Bitsea strengthens its international presence and strategically expands its capabilities in software
13 Things Auto Manufacturers Should Do to Manage Open Source License Compliance
19.01.2024
Flexera
Open source software (OSS) is driving the automobile industry into the future. Automakers are looking to the advancement of integrated technology to power not just engines, but market share as well. Autonomous vehicles, sensor technology, speed monitoring, fuel efficiency tracking, diverse mobility, and social and In-Vehicle Infotainment (IVI) applications are just a few of the most recent advancements that inevitably
Compliance & security: Limits of Open Source freedom
12.07.2023
Flexera
Developing software is a bit like playing LEGO: You assemble thousands of Open Source (OSS) components into a new product. Once assembled, the origin of the individual building blocks is difficult to trace – with consequences for compliance and security. Software development rarely starts from scratch. Development teams fall back on existing “legacy” code, work with third-party suppliers and rely
SBOMs: It’s All About Transparency into the Complexity of Your Software
15.11.2022
Flexera
In this article Kendra Morton, Product Marketing Team Leader at Revenera, discusses how the software industry relies on open source software. She observes that most applications are a mix of proprietary code and a mix of third-party and open source software. Morton describes the acceleration of the production process and the rise of software complexity. Morton identifies some challenges like the increase
The New Cybersecurity Executive Order: 2021 is the Year of the SBoM
16.06.2021
Flexera
Back in February, Revenera posted a blog titled “2021 Will Be the Year of the Automated Software Bill of Materials”. That prediction got a lot closer to reality with an executive order signed by President Biden. The order—focused on cybersecurity—includes new security requirements for software vendors selling software to the U.S. government. Some of the specific requirements in the order
2021 will be the year of the automated Software Bill of Materials
08.03.2021
Flexera
Some 80% or more of most application code in modern software comes from dependencies, code referenced and bundled to make a software package work. Dependencies can be direct or transitive, the latter being sort of dependencies of dependencies. JavaScript repositories, for instance, have on average 10 direct dependencies and 683 transitive dependencies, GitHub’s 2020 State of the Octoverse report found.
Open source is essential. Are you addressing the hidden compliance and security costs?
18.12.2020
Flexera
The more ubiquitous open source software becomes, the greater potential it has to bring hidden risk to organizations because of open source dependencies and their security vulnerabilities, as well as improper licensing. Those risks are the subject of a new IDC report, “Addressing the Hidden Costs of Embedding Open Source Software.” The vulnerabilities presented by open source dependencies are real, but
Analyzing the Impact of Open Source Dependencies
27.07.2020
Flexera
There are a few factors driving the increased use of open source—digital transformation, competitive pressures, and innovation, to name a few. All valid. What I want to talk about, however, is the role dependencies play in the elevated volumes of open source playing out in all companies in all industries everywhere. In most cases, developers can freely choose whatever open
