
Videos

Monitoring and remediating risk from open source packages with Tidelift
Learn about how development teams can use Tidelift to minimize rework, boost productivity, and increase application resilience, by helping teams monitor and remediate risk from the open source in use at their organization.
Paying maintainers to improve their project’s security practices (the urllib3 story)
With support from Tidelift, urllib3 maintainers have been able to improve security practices, including adding two-factor authentication and automating release processes. Their efforts led to urllib3 achieving an impressive 9.6/10 score on the OpenSSF Scorecard.
Evaluating open source packages with Tidelift
Discover how Tidelift empowers application developers to confidently use open source packages. Tidelift partners with the maintainers of thousands of popular open source packages, ensuring industry-leading secure software development practices.
Paying open source maintainers to reduce security risk (the jackson-databind story)
With support from Tidelift and its customers, open source maintainers like Tatu Saloranta can better enhance security and maintain project health, reducing risks for users and ensuring long-term sustainability.
The Tidelift Subscription: Eliminating risk from bad open source packages
With the Tidelift Subscription, organizations can evaluate and monitor packages, eliminate bad ones, and improve overall security, productivity, and application quality.
The impact of bad open source packages on enterprise application development
Watch this demo to learn how eliminating bad open source packages can lead to lowering security risks, improving productivity, improving application quality, and increasing operational efficiency.
Life as a maintainer after the xz utils backdoor hack
The explosive details about the recent xz utils backdoor hack, in which a volunteer open source maintainer was manipulated over a period of years into giving commit access to their project, have sent shudders across all open source communities.
Tidelift VP of Public Sector Robert Wickham on open source and innovation with Fed Gov Today
At the Department of Defense Intelligence Information System (DoDIIS) Worldwide Conference 2023, Tidelift VP of Public Sector, Robert Wickham, sat down with Francis Rose at Fed Gov Today to discuss open source and its role in the public sector space.
Open source management and policy compliance demo
Watch this quick demo to learn how Tidelift can help your organization generate software bills of materials (SBOMs) and implement open source usage and management standards consistently across development teams.
Introducing TACOS: Trusted Attestation and Compliance for Open Source
Hear Tidelift VP of Product, Lauren Hanford, introduce the Trusted Attestation and Compliance for Open Source (TACOS) framework, a machine-readable framework that makes it easy to self-attest and report on the development practices of the upstream open source packages.
Digging into the NIST Secure Software Development Framework
Hear Tidelift VP of Product, Lauren Hanford, break down the four areas of the National Institute of Standards and Technology (NIST) Secure Software Development Framework (SSDF).
U.S. National Cybersecurity Strategy: a liability shift
Hear Tidelift VP of Product, Lauren Hanford, discuss the liability shift from producers to consumers, as stated in the U.S. National Cybersecurity Strategy.
Reminder: open source software relies on volunteers
Hear Tidelift VP of Product, Lauren Hanford, discuss the current state of the open source maintainer, how most maintain open source software projects without pay, and why this matters when looking at these new secure software development practices.
Tidelift partners with open source software maintainers
Hear Tidelift VP of Product, Lauren Hanford, explain how Tidelift partners with maintainers to meet these standards, such as NIST SSDF and OpenSSF scorecards.
Defense in depth: proactive and reactive strategies
Hear Tidelift CEO and co-founder, Donald Fischer, highlight the Tidelift Subscription's defense in depth approach, an approach that combines proactive and reactive strategies to manage application security.
Key benefits of the Tidelift Subscription
Hear Tidelift CEO and co-founder Donald Fischer highlight the key benefits of the Tidelift Subscription.
Tidelift: a software and people-powered approach
Hear Tidelift CEO and co-founder Donald Fischer share the software and people-powered approach of the Tidelift Subscription.
Who's going to do the work?
Why we should be asking the important question: when considering the evolving list of government and industry cybersecurity requirements, who is going to do the work?
Why do we need to address these issues now?
Hear Tidelift CEO and co-founder Donald Fischer give his take on why we need to address open source software supply chain issues now.
5 Minute Maintainer: Seth Michael Larson
Introducing Seth Michael Larson! Seth maintains urllib3 and a host of useful packages within the Python ecosystem. Watch to learn more about Seth and his journey in open source!
5 Minute Maintainer: Pierre Sassoulas
Introducing Pierre Sassoulas! Pierre maintains pylint and a host of useful packages, but got his start in open source as a Wikipedia volunteer. Watch to learn more about Pierre and his journey in open source!
5 Minute Maintainer: Felix Böhm
In our first in the series, we’d like to introduce you to Felix Böhm. Felix maintains Cheerio and a host of other useful packages. Watch to learn more about how Felix got started!
Software + People: An optimistic (and practical) way forward for the open source software supply chain
Tidelift CEO Donald Fischer gives a talk entitled Software + People: An optimistic (and practical) way forward for the open source software supply chain at Tidelift's annual conference, Upstream.
How an annoying Python package led Alex Clark to create Pillow
Alex Clark explains how and why he created the Python package Pillow.
The Tidelift approach to securing open source dependencies
Want to learn more about securing your open source dependencies?
Meet Project Lombok maintainer Roel Spilker
Project Lombok maintainer Roel Spilker thinks the hardest part of being a maintainer is rejecting good feature ideas.
Project Lombok core maintainer Reinier Zwitserloot shares his open source journey
Reinier Zwitserloot’s journey into the world of open source is a familiar one: he discovered a problem he thought he could fix.
Material-UI core maintainer Olivier Tassinari shares his open source software journey
Olivier Tassinari is a core maintainer of Material-UI, a JavaScript library that helps you build React components.
Why not-so-open licenses are not-so-good
An open license should give everyone the right to use, modify, and distribute software under an agreed upon set of terms.
What motivates open source maintainers?
The Tidelift founders discuss why open source maintainers do the work that they do.
What software development teams should know about open source licenses
Tidelift cofounder and licensing expert Luis Villa discusses what you should know about open source licenses.