Telecom Cloud and its Open Source Risks

According to federal cyber authorities, some new and emerging technologies that are taking over the telecoms space are presenting inherent security risks to users and providers. These open-source options provide companies with simpler tools whilst using vulnerable code that can leave spaces for third parties and hackers to breach systems. Open source interfaces and components
Tagged under: ,

Avoid Surprises: Don’t Let Open Source Issues Impact a Transaction

Open source software (OSS) is becoming increasingly popular and widely used by companies of all sizes, but a challenge for businesses. One of the biggest challenges is ensuring the software is used in compliance with the licenses of each component. This is particularly important for companies involved in mergers and acquisitions, as they need to
Tagged under: ,

Software Security Checkpoints in the SDLC

How Widespread Are Software Security Checkpoints in the SDLC? According to the 13th and latest edition of the annual Synopsys Building Security In Maturity Model (BSIMM) report, 90% of the member organisations surveyed have established software security checkpoints in their software development lifecycle (SDLC), suggesting this is an important step in their software security initiatives.
Tagged under: ,

The Balance Between Open Source Software and Monetisation

Can OSS Be Commercially Viable? It is commonly assumed that OSS and monetisation do not readily go hand in hand. After all, OSS is commonly referred to as “free software”. However, it is a slight misconception that “free” means “free of charge” in this context. It actually refers to the freedom of open source users
Tagged under:

Why it’s important to not ignore Log4j

Open-source software is becoming more popular, which is beneficial for many reasons, but with this comes an inevitable rise in the number of open-source vulnerabilities and misconceptions. In this blog, we will explore why you shouldn’t ignore Log4j or leave high-severity vulnerabilities in application codes. Vulnerability analysis A recent statistic claimed that “96% of Log4j
Tagged under:

The risks of neglecting open source developers

Nowadays, it is rare to find a business which does not use open source software. OpenUK’s 2022 “State of Open” report found that although 89% of businesses were relying on OSS, many of them had no idea of its details, despite this software being essential for the running of the business.  A responsible business should
Tagged under:

How government can rebuild trust in open source software

Open source software (OSS) provides developers with many benefits, allowing them to streamline common features and tasks within the software, leaving more time for the development of project-specific elements which are unique to the software they are building.  Unfortunately, the popularity of OSS means that it is a target for cyber criminals. Lacking the rigorous
Tagged under:

Know your ingredients! How SBOMs protect code

What is an SBOM? When making a good meal or buying food in the supermarket, we always pay attention to the ingredients used. You wouldn’t use meat of unknown origin in your chilli or make an omelette with eggs if you thought they might be out of date. If your friend is allergic to peanuts,
Tagged under:

How to start an Open Source Program Office (OSPO)

What is an OSPO? In the modern world, tech companies are becoming more reliant on open source software (OSS) when building their solutions. The open source libraries from which developers take OSS components are governed by licences. Complying with the licence is the responsibility of the organisation using the library, and failure to do this
Tagged under:

Using open source software responsibly

Why is responsible OSS usage important? Nowadays, it is difficult to find a software development project that doesn’t rely on OSS to a greater or lesser extent. That includes, but is not limited to, any web client, node.js, Java or .NET software, and UI widgets. Open source software is a living, breathing ecosystem and, like
Tagged under: