We believe in work-life harmony: doing good work, with urgency and pragmatism, and at a sustainable pace.
We value and celebrate diversity. The more inclusive we are, the better our work will be, so we're committed to building a team with a variety of backgrounds and perspectives.
We want to build a supportive and rewarding place that works for everyone.
.jpg)
For software development teams, ensuring they have the best available information about the open source they are using to improve security and reduce risk can be challenging and time-consuming. Organizations often have to make tough tradeoffs between moving fast (and risking bringing in components that have not been fully vetted) and staying safe (potentially adding bureaucracy that slows down development).
For open source maintainers, keeping their projects well maintained and secure isn’t free—far from it. These creators often don’t have the time or incentive to ensure their projects follow secure software development practices, which puts all of us at risk.
For software development teams, ensuring they have the best available information about the open source they are using to improve security and reduce risk can be challenging and time-consuming. Organizations often have to make tough tradeoffs between moving fast (and risking bringing in components that have not been fully vetted) and staying safe (potentially adding bureaucracy that slows down development).
For open source maintainers, keeping their projects well maintained and secure isn’t free—far from it. These creators often don’t have the time or incentive to ensure their projects follow secure software development practices, which puts all of us at risk.
First, software development teams should have access to the best possible information about the open source software they incorporate into their projects. They should be confident that components are secure, well integrated, and properly maintained.
Meanwhile, open source maintainers should be compensated for ensuring they develop using the standardized secure software development practices enterprises expect so they and their projects can thrive.
First, software development teams should have access to the best possible information about the open source software they incorporate into their projects. They should be confident that components are secure, well integrated, and properly maintained.
Meanwhile, open source maintainers should be compensated for ensuring they develop using the standardized secure software development practices enterprises expect so they and their projects can thrive.
.png)
