A Break Down of the National Cybersecurity Strategy
In a continuing effort to bolster and secure the nation’s software supply chain, the Biden administration issued the 2023 National Cybersecurity Strategy. This plan focus’ on enhancing the country’s defenses against emerging threats, such as ransomware and supply chain attacks. Listen to this podcast to better understand what's outlined in the report and what it may mean to you as a software provider.
All About the Open SSL Vulnerabilities
In this podcast Revenera experts break down the details of the two high severity OpenSSL vulnerabilities. Understand your next steps and what you should be doing to identify and remediate these issues.
Manage Your Software Supply Chain
Better manage your software supply chain with SBOM Insights from Revenera. SBOM Insights ingests data from a wide range of sources—both inside and outside your organization—and then unifies all SBOMs into a single actionable view.
Legal Attribution for OSS Authors
When open source components are used, that code is authored by someone who licenses the use of the code to others. Licenses vary and so do the legal obligations of the user. Listen to this podcast to learn about attribution obligations.
Understanding the Exploitability of Spring4Shell
The Spring4Shell vulnerability can be exploited when an attacker sends a specially crafted query to a web server running the Spring Core framework. Listen to this podcast to learn what it is and steps to take.
Understanding GPL Linking Exceptions
Expert in open source audit analysis explains the difference between Static linking and Dynamic linking, how users can avoid conflict with LGPL licensed code, and a clear explanation on the basics of GPL linking exceptions.
Log4j weary? How to move forward.
Experts talk about key learnings from the Log4Shell vulnerability, SBOM initiatives, ongoing diligence, and the importance of being proactive in understanding what’s in your code.
Has the Dust Settled on Log4j?
Where are we now with Log4j? What’s been the fallout? In this podcast we'll talk about what we learned from it to apply to processes going forward to better prepare for the next Log4Shell-type vulnerability down the road.
The Apache Log4j Security Vulnerability
Watch this podcast for everything you need to know about the critical Apache Log4j security vulnerability, including what it is, potential impact, and important steps you should take now.
The Software Supply Chain: Episode 2
Revenera experts discuss key considerations focusing on supply chain security including actionable steps when looking to implement or consider supply chain security and license compliance.
The Software Supply Chain: Episode 1
Revenera experts discuss key considerations focusing on supply chain security including application security and the importance of the Software Bill of Materials.
Managing a Security Incident in an Application
Practical advice to managing a security issue when one comes up and how to get ahead of future security problems.