Resources

In a continuing effort to bolster and secure the nation’s software supply chain, the Biden administration issued the 2023 National Cybersecurity Strategy. This plan focus’ on enhancing the country’s defenses against emerging threats, such as ransomware and supply chain attacks. Listen to this podcast to better understand what's outlined in the report and what it may mean to you as a software provider. 

In this podcast Revenera experts break down the details of the two high severity OpenSSL vulnerabilities. Understand your next steps and what you should be doing to identify and remediate these issues.

Better manage your software supply chain with SBOM Insights from Revenera. SBOM Insights ingests data from a wide range of sources—both inside and outside your organization—and then unifies all SBOMs into a single actionable view.

When open source components are used, that code is authored by someone who licenses the use of the code to others. Licenses vary and so do the legal obligations of the user. Listen to this podcast to learn about attribution obligations.

The Spring4Shell vulnerability can be exploited when an attacker sends a specially crafted query to a web server running the Spring Core framework. Listen to this podcast to learn what it is and steps to take.

Expert in open source audit analysis explains the difference between Static linking and Dynamic linking, how users can avoid conflict with LGPL licensed code, and a clear explanation on the basics of GPL linking exceptions.

Experts talk about key learnings from the Log4Shell vulnerability, SBOM initiatives, ongoing diligence, and the importance of being proactive in understanding what’s in your code.

Where are we now with Log4j? What’s been the fallout? In this podcast we'll talk about what we learned from it to apply to processes going forward to better prepare for the next Log4Shell-type vulnerability down the road.

Watch this podcast for everything you need to know about the critical Apache Log4j security vulnerability, including what it is, potential impact, and important steps you should take now.

Revenera experts discuss key considerations focusing on supply chain security including actionable steps when looking to implement or consider supply chain security and license compliance.

Revenera experts discuss key considerations focusing on supply chain security including application security and the importance of the Software Bill of Materials.

Practical advice to managing a security issue when one comes up and how to get ahead of future security problems.

Once an organization has taken on a security initiative, what is the benefit to integrating security with a Software Composition Analysis solution? Learn more.

The responsibility for security and license compliance in your software falls to security, developer and legal teams. What happens when an issue comes up that requires fast remediation?

Cyber threats are more real today than ever before. The industry is responding with new regulations. Get the right advice for a successful cyber program.

Manage license compliance and security vulnerabilities in your software components with Revenera Software Composition Analysis.