The Critical Role of Scanning Depth and SBOMs

12.12.2024

Dr. Andreas Kotulla

Open Source

Navigating Open-Source-Compliance in 2024: The Critical Role of Scanning Depth and SBOMs

In the evolving landscape of cybersecurity and software compliance, the importance of open source compliance cannot be overstated. New regulatory requirements like the Cyber Resilience Act (CRA), the Network and Information Security Directive (NIS2), and the Digital Operational Resilience Act (DORA) have introduced stricter obligations for organizations, especially

Immersive open source compliance visualization

13.11.2024

Leoni Tischer

Open Source

Imagine you could search through every single component of your software like a map – identify risks at a glance, track down hidden dependencies and effortlessly expose vulnerabilities. This is exactly what a software bill of materials (SBOM) makes possible! This article explains why this “list of ingredients” is indispensable for modern software projects today, especially as open source now

Digital Operational Resilience Act (DORA): Comprehensive checklist for companies

04.09.2024

Amy Jaqueline Wittmann

Open Source

Ms. Wittmann is a lawyer in Munich and a partner at Bitsea. To enhance digital operational resilience, the European Commission has introduced the Digital Operational Resilience Act (Regulation (EU) 2022/2554 – “DORA”) as part of its Digital Finance Package 2020. Currently, regulations on digital resilience are scattered across various sector-specific EU laws and guidelines (e.g., MiF II, CRD, PSD2, Guidelines

Quickstart: NIS2-Directive

14.05.2024

Roman Yankin

Open Source

What is the NIS2 Directive? The NIS2 Directive, or the Directive on Security of Network and Information Systems, is a European Union (EU) directive that aims to enhance the overall cybersecurity and resilience of network and information systems across various critical sectors. NIS stands for Network and Information Systems. The directive was initially adopted in 2016 and became effective in

Know Your Systems: DORA forces you to!

15.02.2024

Dr. Andreas Kotulla

Open Source

Open source in focus: DORA, vulnerabilities and the security of the software supply chain

In a world where open source is ubiquitous, experienced developers no longer rely on reinventing the wheel. Their secret weapon? Open source. The reasons for using it are to improve productivity, shorten development time and reduce development costs. But now the Digital Operational Resilience Act (DORA),

Quickstart: DORA (Digital Operational Resilience Act)

09.02.2024

Roman Yankin

Open Source

What is DORA? DORA stands for Digital Operational Resilience Act. DORA is an EU regulation aimed at financial institutions that defines EU-wide uniform requirements to guarantee a consistent level of maturity in cybersecurity and operational resilience for all their operations within the EU. DORA is structured around four fundamental principles: IT and Cybersecurity Risk Management: Financial institutions would be required to

13 Things Auto Manufacturers Should Do to Manage Open Source License Compliance

19.01.2024

Kendra Morton

Open Source

Open source software (OSS) is driving the automobile industry into the future. Automakers are looking to the advancement of integrated technology to power not just engines, but market share as well. Autonomous vehicles, sensor technology, speed monitoring, fuel efficiency tracking, diverse mobility, and social and In-Vehicle Infotainment (IVI) applications are just a few of the most recent advancements that inevitably

Open Source Monitor 2023

27.09.2023

Dr. Andreas Kotulla

Open Source

Bitkom has just published the brand new Bitkom Open Source Monitor 2023. Bitkom is the digital association in Germany; its members include more than 1,000 medium-sized companies, over 500 start-ups and almost all global players. The Open Source Monitor 2023 provides insightful answers to questions about the status quo, possible uses and challenges of open source software in Germany. You

Compliance & security: Limits of Open Source freedom

12.07.2023

Dr. Andreas Kotulla

Open Source

Developing software is a bit like playing LEGO: You assemble thousands of Open Source (OSS) components into a new product. Once assembled, the origin of the individual building blocks is difficult to trace – with consequences for compliance and security. Software development rarely starts from scratch. Development teams fall back on existing “legacy” code, work with third-party suppliers and rely

SBOMs: It’s All About Transparency into the Complexity of Your Software

15.11.2022

Dr. Andreas Kotulla

Open Source

In this article, Kendra Morton, Product Marketing Team Leader at Revenera, discusses how the software industry relies on open source software. She observes that most applications are a mix of proprietary code, third-party and open source software. Morton describes the acceleration of the production process and the rise of software complexity. Morton identifies some challenges like the increase

Open Source: Trouble because of sudden license changes

17.02.2022

Dr. Andreas Kotulla

Open Source

Introduction

Open Source Software (OSS) is everywhere and has become indispensable for modern software development. Open Source is driven by communities: the projects, which make their source code freely available, are either kept alive by individual developers, or supported by a broad community, or managed by individual companies as a business model. Even in case of a larger project community,

Bitkom Open Source Monitor 2021

14.12.2021

Dr. Andreas Kotulla

Open Source

Bitkom just released the brand new Bitkom Open Source Monitor 2021. Bitkom is Germany’s digital association; its members come from more than 1,000 SMEs, over 500 startups and virtually all global players. The study is the result of a survey of more than 1,100 companies. Following the first edition two years ago, it shows what role open source software plays in

Hidden Risks in Software Systems

18.11.2021

Dr. Andreas Kotulla

Open Source

Open source software (OSS) is everywhere and has become indispensable for modern software development. In addition to its enormous distribution, open source software is characterized by the special way in which it is created. Much of it is developed through the collaboration of experts, sometimes from all over the world, and made available on the Internet. Companies hope that this

How to Open Source your Project?

26.02.2021

Dr. Andreas Kotulla

Open Source

Open Source (OSS) is everywhere. Nowadays, hardly any project can be carried out economically if existing software packages are not reused. This is advantageous for software development: The usage of Open Source increases the speed of development, reduces costs, and very often is of higher quality than similar code written in-house due to extensive collaboration of many people. Open Source
