BOSTON, February 2, 2021 — Tidelift, the premier provider of solutions for managing the open source software behind modern applications, today announced the general availability of Tidelift catalogs, an innovative way to ensure organizations can consistently manage the health and security of their open source software supply chain.
“As software supply chain security makes front page news in 2021, it is more important than ever that application development teams employ a comprehensive approach to managing the open source components that make up their applications,” said Donald Fischer, CEO and co-founder, Tidelift. “With the addition of catalogs to the Tidelift Subscription, organizations can be confident that they are using open source safely without slowing down development.”
With catalogs—included as part of the Tidelift Subscription—organizations now have a comprehensive approach to curating, tracking, and managing the open source components they are using for application development while setting and enforcing usage policies.
As part of this announcement, Tidelift also introduces the first set of Tidelift-managed catalogs, giving organizations a head start on building a paved path of approved components for development teams to use. Developers can pull from Tidelift-managed catalogs of known-good, proactively maintained components covering common language frameworks like JavaScript, Python, Java, Ruby, PHP, .NET and Rust, backed by Tidelift and its partnered maintainers. These catalogs are designed to be enterprise ready, with Tidelift and its partnered maintainers managing them to meet clearly defined security, maintenance, and licensing standards.
With catalogs in place, the Tidelift Subscription now provides benefits to stakeholders across the organization:
"Recent software supply chain security compromises remind the industry how important it is to know where your software components come from, and to be able to trust those components. Open source software is not immune to potential vulnerabilities, so it makes great sense to give your software development staff easy access to the components they need that meet enterprise standards,” said Al Gillen, Group VP, Software Development and Open Source, IDC. "Tidelift’s expansion of the Tidelift Subscription to include catalogs of known-good open source addresses this need by collecting in one location a full suite of key open source components that an organization relies on."
Learn more about Tidelift catalogs and the Tidelift Subscription.
Tidelift helps organizations effectively manage the open source behind modern applications. Through the Tidelift Subscription, the company delivers a comprehensive management solution, including the tools to create customizable catalogs of known-good, proactively maintained components backed by Tidelift and its open source maintainer partners. Tidelift enables organizations to accelerate development and reduce risk when building applications with open source, so they can create even more incredible software, even faster. https://tidelift.com/