If you rely on 3rd-party content but you don’t know that it’s in your code, then how can you be sure that there are no undiscovered vulnerabilities? How can you be aware that you’re adequately addressing the IP requirements of the 3rd-party in your code?
What's in your code?
From an OSS and IP management perspective the answer becomes less clear once we take a few minutes to actually inspect and audit the source code. Let's have a look at what a closer inspection reveals.
Thank you to all who attended and a special thanks to Heather Meeker for allowing us to be a part of the book release! A beautiful night in San Francisco with great company, good conversations and plenty of networking!
The recent article by Sean Michael Kerner "Why All Linux (Security) Bugs Aren't Shallow" on www.esecurityplanet.com highlights some of the recent vulnerabilities and security breaches in Open Source Software.
Palamida software products do not use the component OpenSSL, the subject of the recent vulnerability announcement (OpenSSL 1.0.1 before 1.0.1g, CVE 2014-0160), and therefore are not impacted.