Governance & Risk Management

Handling Open-Source Content Licensing: Wrong Answers Only

Mend Security's Jeanette Sherman on the Need to Identify Code, License Types
Jeanette Sherman, senior product marketing manager, Mend Security

When you create proprietary code, even using a component of open-source code within a subcomponent could cause your project to become open-source code.Jeanette Sherman of Mend Security discusses the need to identify open-source code and the license types being used.

She explains why you need to identify not just direct dependencies but also transitive dependencies.

In this interview, Sherman also discusses:

  • Why failure to ensure visibility over open-source software use can be costly;
  • How the problem encompasses both your existing code base and new code in development;
  • How automating software competence enables you to pick which license types you want to allow, decline or examine more.

Sherman


About the Author

Tony Morbin

Tony Morbin

Executive News Editor, EU

Morbin is a veteran cybersecurity and tech journalist, editor, publisher and presenter working exclusively in cybersecurity for the past decade – at ISMG, SC Magazine and IT Sec Guru. He previously covered computing, finance, risk, electronic payments, telecoms, broadband and computing, including at the Financial Times. Morbin spent seven years as an editor in the Middle East and worked on ventures covering Hong Kong and Ukraine.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing securityintelligence.inforisktoday.com, you agree to our use of cookies.