Software Supply Chain Security
...is nowadays a central element of any software solution. It involves understanding what is used to produce your software solution or product with digital elements, managing dependencies, learning about the security risks, and identifying vulnerabilities introduced by third-party components used to build the solution stack. This chapter addresses all these aspects, explains the solution concepts, and introduces how TrustSource and the TrustSource solutions and tools were designed to support you in solving these challenges.
Frequently asked questions
- Q: Is it necessary to apply for an OSI-approved license to publish OSS?
- Q: Are the license terms of a product unrelated to the license terms of OSS?
- Q: Does the OSS disclaimer remain valid even if OSS is incorporated into the product?
- Q: Is it possible to use the sample code published in OSS books?
- Q: Can I use documents or diagrams on OSS for my product under the OSS license?
- Q: Can I use it within my company, even if commercial use is prohibited?
TrustSource Concepts
Manage vulnerabilities
Manage legal compliance
- Understanding the legal setup determining license suitability
- Managing Allow- and Deny-Lists
- Enforce Allow-listing
- Creating an open source policy
- Upload and distribute the policy to your organization
- Invite colleagues and organizational members