Open Source Risk & Compliance Management
This section provides background and general information on managing the risks associated with the use of open source components. Because of the legal risk associated with the usage and application of open source, compliance is the main focus. Besides the conceptual and methodological background, this section links to the how-to documentation explaining how to achieve a given task or goal within TrustSource. If you are already familiar with the tasks involved in managing open source risks or compliance, select any of the sections: FAQ, how-to (step-by-step explanations), or features explained.
Frequently asked questions
- Q: Is it necessary to apply for an OSI-approved license to publish OSS?
- Q: Are the license terms of a product unrelated to the license terms of OSS?
- Q: Does the OSS disclaimer remain valid even if OSS is incorporated into the product?
- Q: Is it possible to use the sample code published in OSS books?
- Q: Can I use documents or diagrams on OSS for my product under the OSS license?
- Q: Can I use it within my company, even if commercial use is prohibited?
TrustSource Concepts
Manage vulnerabilities
Manage legal compliance
- Understanding the legal setup determining license suitability
- Managing Allow- and Deny-Lists
- Enforce Allow-listing
- Creating an open source policy
- Upload and distribute the policy to your organization
- Invite colleagues and organizational members