
Videos

New video story: How Distributive uses Tidelift to maximize open source security and resilience

Within days of using the Tidelift application, the Distributive team found a potential vulnerability that npm-audit hadn’t, and quickly and safely fixed those issues with Tidelift’s CLI tool.

Introducing TACOS: Trusted Attestation and Compliance for Open Source

Hear Tidelift VP of Product, Lauren Hanford, introduce the Trusted Attestation and Compliance for Open Source (TACOS) framework, a machine-readable framework that makes it easy to self-attest and report on the development practices of the upstream open source packages.

Digging into the NIST Secure Software Development Framework

Hear Tidelift VP of Product, Lauren Hanford break down the four areas of the National Institute of Standards and Technology (NIST) Secure Software Development Framework (SSDF). 

U.S. National Cybersecurity Strategy: a liability shift

Hear Tidelift VP of Product, Lauren Hanford, discuss the liability shift from producers to consumers, as stated in the U.S. National Cybersecurity Strategy.

Reminder: open source software relies on volunteers

Hear Tidelift VP of Product, Lauren Hanford discuss the current state of the open source maintainer and how most maintain open source software projects without pay, and why this matters when looking at these new secure software development practices.  

Tidelift partners with open source software maintainers

Hear Tidelift VP of Product, Lauren Hanford explain how Tidelift partners with maintainers to meet these standards, such as NIST SSDF and OpenSSF scorecards.

Defense in depth: proactive and reactive strategies

Hear Tidelift CEO and co-founder, Donald Fischer, highlight the Tidelift Subscription's defense in depth approach, an approach that combines proactive and reactive strategies to manage application security.

Key benefits of the Tidelift Subscription

Hear Tidelift CEO and co-founder Donald Fischer highlight the key benefits of the Tidelift Subscription.

Tidelift: a software and people-powered approach

Hear Tidelift CEO and co-founder Donald Fischer share the software and people-powered approach of the Tidelift Subscription.

Who's going to do the work?

Why we should be asking the important question: when considering the evolving list of government and industry cybersecurity requirements, who is going to do the work?

Why do we need to address these issues now?

Hear Tidelift CEO and co-founder Donald Fischer give his take on why we need to address open source software supply chain issues now.

5 Minute Maintainer: Seth Michael Larson

Introducing Seth Michael Larson! Seth maintains urllib3 and a host of useful packages within the Python ecosystem. Watch to learn more about Seth and his journey in open source!

5 Minute Maintainer: Pierre Sassoulas

Introducing Pierre Sassoulas! Pierre maintains pylint and a host of useful packages, but got his start in open source as a Wikipedia volunteer. Watch to learn more about Pierre and his journey in open source!

5 Minute Maintainer: Felix Böhm

In our first in the series, we’d like to introduce you to Felix Böhm. Felix maintains Cheerio and a host of other useful packages. Watch to learn more about how Felix got started!

An overview of the Tidelift Subscription

Watch an on-demand overview of the Tidelift Subscription.

Software + People: An optimistic (and practical) way forward for the open source software supply chain

Tidelift CEO Donald Fischer gives a talk entitled Software + People: An optimistic (and practical) way forward for the open source software supply chain at Tidelift's annual conference, Upstream.

How to generate an SBOM with Tidelift

Tidelift solutions architect Sean Wiley shows how to demonstrate a software bill of materials (SBOM) with Tidelift.

How an annoying Python package led Alex Clark to create Pillow

Alex Clark explains how and why he created the Python package Pillow.

The Tidelift approach to securing open source dependencies

Want to learn more about securing your open source dependencies?

Meet Project Lombok maintainer Roel Spilker

Project Lombok maintainer Roel Spilker thinks the hardest part of being a maintainer is rejecting good feature ideas.

Project Lombok core maintainer Reinier Zwitserloot shares his open source journey

Reinier Zwitserloot’s journey into the world of open source is a familiar one: he discovered a problem he thought he could fix.

Material-UI core maintainer Olivier Tassinari shares his open source software journey

Olivier Tassinari is a core maintainer of Material-UI, a JavaScript library that helps you build React components.

Why not-so-open licenses are not-so-good

An open license should give everyone the right to use, modify, and distribute software under an agreed upon set of terms.

What motivates open source maintainers?

The Tidelift founders discuss why open source maintainers do the work that they do.

What software development teams should know about open source licenses

Tidelift cofounder and licensing expert Luis Villa discusses what you should know about open source licenses.