Articles / Presentations

Best Practices and Pitfalls for Using Open Source Components in Fintech (Snyk webinar)

Open source in FSI: more leverage, less risk (warning Pandemic Haircut!!!)

“Just Enough Open Source: A kick start on security, license compliance, and business model” – Open Source 101 Conference, March 30 2021

Open Source Licensing: Types, Strategies and Compliance (All Things Open 2020)

The last 15 years of OSS compliance, current trends and the future (Open Core Summit 2020)

OpenChain: 15 Years in Open Source Compliance

ITProPortal: How to measure readiness for OSS vulnerabilities

The State of Open Source Software (OSS): 2016 Year in Review

2015 Year in Review The State of Open Source Software (OSS)

financialit: OSS Compliance in Banking and Finance

OSSF 2018 – Jeff Luszcz of Flexera – Common Open Source Intake Issues and How to Resolve Them

OSSF 2018 – Jeff Luszcz of Flexera – Day 2 – Open Source Culture, Standards, Risks, and Remediation: A Deep Dive

Automotive World: Understanding Open Source Software and automotive safety certifications

ITProPortal: OSS and third-party security risk: Lessons for IoT businesses

Linuxfest Northwest 2016: Securing Zombie code in your software

Linuxfest Northwest 2016: You’re Using Open Source, but are you respecting it?

Americas Business: Software CEO’s Unfamiliarity with Open Source and Third-party Use Places Banking and Financial Sector Businesses at Risk

Global Banking and Finance Review Magazine: Software CEO’s Unfamiliarity with Open Source and Third-party Use Places Banking and Financial Sector Businesses at Risk

DZone: Think Open-Source Software Is Free? Think Again…
Take control of the OSS in your product infrastructure and learn how to be a responsible user of open source software.

Network Security Newsletter: Apache Struts 2: how technical and development gaps caused the Equifax Breach

Five steps to managing Open Source Software vulnerability and license management

Open Source Adoption in Enterprises – The Risks, and How to Mitigate

Open Source Strategy Forum: Managing the Software Supply Chain Policies that Promote Innovation While Optimizing Security and Compliance

DZone: Open Source Lessons for IoT Companies

ITProPortal: Hackers “strut” in again at Equifax… What stopped the patch?

IDG Connect: The business rationale for an open source software internal audit

CLE Credit from The Knowledge Group: Open Source Software & the Technical Due Diligence Process

Creating An Environment for “Continuous Compliance” within Open Source Software (with Martin Callinan)

Software Testing News: Why should we care about cutting and pasting open source code?

There’s A New Struts 2 Vulnerability, Take Heed

DZone: Helping Make Open Source Secure, Compliant, and Sustainable With Jeff Luszcz of Flexera [Audio]

2018-06 Open Source Software – Implications for Internal Audit

DZone: A Conversation With Jeff Luszcz

Webinar: Don’t Let Hackers Breach Your Data – Lessons learned from Apache Struts2, Heartbleed and Wannacry

Ignoring Open Source Components is Making Security Software Insecure