Learn how an open source program office (OSPO), a bureau of open source experts within your organization dedicated to overseeing how your company uses, creates and contributes to free software, could help secure your software supply chain.
It’s nearly impossible these days to build software without using open source code. But all that free software carries additional security risks.
Organizations grapple with how best to secure their open source software supply chain. But there’s another problem: Many companies don’t even know how many open source applications they have — or what’s in them.
The worst-case scenarios include debacles like 2021’s Log4j security vulnerability, or what happened with SolarWinds’ proprietary Orion network monitoring product, which was infected with malware in 2020.