As the implementation deadline for the revised Network and Information Systems Directive (NIS2) approaches, companies across the EU need to take action to ensure compliance with the directive. NIS2, which came into force on January 16, 2023, replaces the original NIS1 Directive and aims to harmonize and improve cybersecurity across member states. With its broader scope, risk-based approach and focus

Open Source Software (OSS) is everywhere and has become indispensable for modern software development. A typical software product today often contains more than 90% open source. The use of OSS has continued to skyrocket in recent years for a variety of reasons. Alarmed by spectacular cyberattacks on the software supply chain, the USA has issued regulations such as the “Executive

The more ubiquitous open source software becomes, the greater potential it has to bring hidden risk to organizations because of open source dependencies and their security vulnerabilities, as well as improper licensing. Those risks are the subject a new IDC report, “Addressing the Hidden Costs of Embedding Open Source Software.” The vulnerabilities presented by open source dependencies are real, but

In yet another resounding vote of confidence for open source software, several of the world’s technology giants recently announced that they were joining together to explore tools and best practices to better secure it, with Microsoft’s CTO, saying in a blog that “open-source software is core to nearly every company’s technology strategy.” As open source software becomes “core to every

Over the past decade I have observed how the sentiment around Open Source Disclosure has changed from why should I tell what open source I use to how should I do it and even how do I do it better than my competitors? During my recent vacation (before the world had collapsed into the pandemic paralysis) I have rented a

Software providers, developers, companies, and enthusiasts are realizing the importance of Software Composition Analysis (SCA) in the realm of modern application development. Net, no one wants be tomorrow’s headline. To understand the role of SCA, a broad perspective is important. SCA offers advantages and added value for organizations that want to develop secure and better products. This is the only