Supply chain security is rapidly emerging as a material risk for enterprise software buyers. Yet, despite best efforts from regulators to hold software publishers accountable, enterprise buyers ...

For a period of weeks during the middle of 2023, a threat actor known as “Storm-0558” which is widely associated with the government of the People’s Republic of China, successfully compromised the ...

Open source software makes inroads vs. proprietary software despite warnings of Microsoft, others. Open source software initially was a head-scratcher: “How can you make money selling something for ...

When the U.S. Government licenses commercial software, it generally does so under the same terms as any other commercial software licensee, unless the terms of that license are inconsistent with ...

In early December, the Department of Defense Intellectual Property Cadre hosted its inaugural “DoD IP Forum,” where government and industry leaders convened to debate the growing role of commercial ...

While prominent risks lay in third-party commercial software, open-source software modules and code repositories still accounted for the vast majority of supply chain risks in 2024. RL identified ...

After a series of entries about security threats from employees, I’d like to turn to something completely different: security issues relating to open source software. For those of you unfamiliar with ...