Compliance & security: Limits of Open Source freedom

12.07.2023

Dr. Andreas Kotulla

Revenera

Developing software is a bit like playing LEGO: You assemble thousands of Open Source (OSS) components into a new product. Once assembled, the origin of the individual building blocks is difficult to trace – with consequences for compliance and security. Software development rarely starts from scratch. Development teams fall back on existing “legacy” code, work with third-party suppliers and rely


SBOMs: It’s All About Transparency into the Complexity of Your Software

15.11.2022

Dr. Andreas Kotulla

Revenera

In this article, Kendra Morton, Product Marketing Team Leader at Revenera, discusses how the software industry relies on open source software. She observes that most applications are a mix of proprietary code, third-party and open source software. Morton describes the acceleration of the production process and the rise of software complexity. Morton identifies some challenges like the increase


The 2022 State of the Software Supply Chain Report

08.03.2022

Dr. Andreas Kotulla

Revenera

Revenera just released “The 2022 State of the Software Supply Chain Report”, which collects over 100 Revenera audit services projects and covers several topics around OSS such as Software Composition Analysis, License Compliance, Security Vulnerabilities, Open Source Licenses, the SBOM, the Supply Chain etc. The report is a response to the increase in OSS dependencies as well as the increase
