ITASCA, Ill., Aug. 30, 2023 (GLOBE NEWSWIRE) -- Revenera, producer of leading solutions that help technology companies build better products, accelerate time to value and monetize what matters, today announced conformance with OpenChain's ISO/IEC DIS 18974 open source security assurance program. This builds on Revenera’s previous adoption of OpenChain ISO/IEC 5230, the international standard for open source license compliance, highlighting Revenera’s ongoing commitment to open source process management.
Hosted by the Linux Foundation, the OpenChain Project maintains the international standards OpenChain ISO/IEC 5230 for open source license compliance and OpenChain ISO/IEC DIS 18974 for open source security assurance programs. OpenChain allows companies of all sizes and all sectors to adopt the key requirements of a quality open source compliance program.
The use of open source software (OSS) must be secure. The urgency to implement safeguards for OSS is growing, as made clear by the recent attention on cybersecurity, including the July 2023 release of the U.S. National Cybersecurity Strategy Implementation Plan (NCSIP), including requirements for software bills of materials (SBOMs). Revenera, a leading provider of software composition analysis (SCA) solutions and a lead proponent of security in the software supply chain, is leading by example by being among the first organizations to comply with the new international standard for open source security assurance.
“Revenera’s adoption of the OpenChain international standard for open source security assurance, following our adoption of the standard for open source license compliance, demonstrates our dedication to being a leader in using safe, secure open source software. Revenera is one of only a handful of organizations that are OpenChain ISO/IEC DIS 18974 conformant; we are honored to be on the forefront and hope that other organizations will also pursue this standard to help secure their software supply chain,” said Alex Rybak, Senior Director of Product Management at Revenera. “As someone responsible for Revenera's open source program office (OSPO), having both OpenChain certifications helps us define, administer, and continuously improve our program to conform to evolving industry best practices.”
“The OpenChain process management standards are designed to help businesses use open source more effectively and efficiently,” says Shane Coughlan, OpenChain General Manager. “Revenera has proven to be an enthusiastic participant in the OpenChain community of conformance and also an active contributor to knowledge-sharing in our field. The future of collaborative technology like open source depends on this type of positive, sustainable engagement, and I look forward to our continued partnership as the supply chain evolves.”
Resources
Follow Revenera
About Revenera
Revenera helps product executives build better products, accelerate time to value and monetize what matters. Revenera's leading solutions help software and technology companies drive top line revenue with modern software monetization, understand usage and compliance with software usage analytics, empower the use of open source with software composition analysis and deliver an excellent user experience—for embedded, on-premises, cloud and SaaS products. To learn more, visit www.revenera.com.
A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/44e2bf25-5c99-4880-86fd-945096df0620