Case studies

Open source security through the lens of Tidelift

Cisco’s internal development teams, using Corona enhanced with open source metadata provided by Tidelift, can now access insightful package metadata and gain additional insights into vulnerabilities.

Maintainer case study: How a lone maintainer of over 450 JavaScript packages keeps them well maintained and secure

Maintainer Jordan Harband used income from Tidelift and its customers to consistently maintain over 450 JavaScript packages during good times and bad

Maintainer case study: How Java maintainer Gary Gregory found more time to secure and maintain his open source projects

Maintainer Gary Gregory of Apache Commons used income from Tidelift and its customers to carve out time to create a more robust security review process.

ROI case study: The value of a proactive approach to open source application security

Hear from a Tidelift customer who worked with Tidelift and its maintainer partners to save time and money while strengthening the resilience of the open source powering their applications.

Case story: Leading healthcare organization reduces open source risk and streamlines management costs with Tidelift

For healthcare and healthtech organizations, balancing cybersecurity and technology innovation is a complex challenge. Here's how one organization reduced open source risk with the Tidelift Subscription.

Maintainer case study: How Mongoose, an npm project with 2 million weekly downloads, improved security and increased its OpenSSF scorecard score

Maintainer Valeri Karpov of Mongoose used income from Tidelift and its customers to implement additional secure development practices and significantly improve the project’s OpenSSF scorecards score.

Case story: EMPLOYERS® insurance works with Tidelift to improve technical hygiene and remediate Log4Shell vulnerability

When news of the critical vulnerability in popular Java logging tool Log4j broke, the team at EMPLOYERS® was ready.

Maintainer case study: Eliminating the risk of RCE vulnerabilities in jacksondatabind

Maintainer Tatu Saloranta used income from Tidelift and its customers to completely rearchitect jackson-databind and eliminate the risk of RCE vulnerabilities.

Maintainer case study: How a popular Python project established a documented and streamlined security process

Maintainer Jeffrey A. Clark used income from Tidelift and its customers to significantly improve security practices used to maintain Pillow, a popular Python Image Library package downloaded 3 million times a day.

Maintainer case study: How a Python project with 450 million monthly downloads improved its security practices

Maintainer Seth Michael Larson was able to substantially improve urllib3 security practices thanks to income from Tidelift and its customers.

Maintainer case study: How maintainer Jordan Harband saved the popular minimist JavaScript package from deletion

Maintainer Jordan Harband saved minimist from deletion when its maintainer decided to delete their projects from GitHub.

Maintainer case study: Maintainer steps in to prevent popular Javascript project SockJS from being abandoned

When SockJS maintainer Bryce Kahle took a new job that didn’t involve JavaScript, Asif Saif Uddin stepped in as maintainer, ensuring the project wasn’t abandoned.

Case study: urllib3

Secure development practices and Python supply chain impact

How one org saved $1.1M and reduced OSS risk 💸