Tag / Software Supply Chain

  • Introduction Proper Open Source compliance gives you the ability to honor the obligations of open source licenses while protecting your own Intellectual Property (IP), as well as that of 3rd party software providers, from unintended disclosure. Companies that use open source software in their products should establish such a program to ensure compliance with all open source licenses. Basic elements of a compliance program include: policies, processes, guidelines, training, and automated source code audits. Compliance activities must be carefully planned and monitored to assure that objectives are met in a timely manner. There are three fundamental steps that comprise the core of a Free & Open Source Software (FOSS) compliance process: Identifying any open source software contained in an externally distributed product Reviewing and approving the intended use of FOSS Satisfying FOSS license obligations In this blog post, I’ll discuss a 7-step system you can use to improve and strengthen […]

    Read More