<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=705633339897683&amp;ev=PageView&amp;noscript=1">

Webinars
How to reduce your organization's reliance on
How to reduce your organization's reliance on "bad" open source packages
Watch this webinar when Lauren will go over the ways to reduce your organizations reliance on “bad” open source packages and will review what “bad” open source package really means.
Watch now
Life as a maintainer after the xz utils backdoor hack
Life as a maintainer after the xz utils backdoor hack
The explosive details about the recent xz utils backdoor hack, in which a volunteer open source maintainer was manipulated over a period of years into giving commit access to their project, have sent shudders across all open source communities.
Watch now
How healthcare organizations should navigate government regulatory activity impacting open source
How healthcare organizations should navigate government regulatory activity impacting open source
In 2024, cybersecurity risk impacts patient outcomes, doctor burnout, and care success at nearly every healthcare organization.
Watch now
2024 recommendations to proactively reduce open source risk
2024 recommendations to proactively reduce open source risk
An overview of IDC research and current recommendations for application development and security leaders to improve open source resilience and reduce risk
Watch now
Predictions: What’s in the crystal ball for open source software security in 2024?
Predictions: What’s in the crystal ball for open source software security in 2024?
As we head into 2024, one of our time-honored traditions at Tidelift is gathering together a group of smart folks to make some predictions about open source software security for the year ahead.
Watch now
10 critical things to know before depending on an open source project
10 critical things to know before depending on an open source project
When pulling new open source dependencies into your application, you need to ensure you are making smart decisions that don’t open up your organization to risk. So how should you go about doing the research?
Watch now
Defense in depth: How to use Tidelift alongside your SCA tool
Defense in depth: How to use Tidelift alongside your SCA tool
Many of our customers are using Tidelift and one or more SCA tools together as part of what we call a “defense in depth” strategy, where SCA handles reactively detecting security vulnerabilities and Tidelift handles proactively improving the health and security of your open source software supply chain.
Watch now
How to comply with mandatory government cybersecurity requirements impacting open source
How to comply with mandatory government cybersecurity requirements impacting open source
Does your organization sell software to the U.S. government? Then you are probably already aware that the government has become much more active in setting policy to improve cybersecurity in response to high-profile vulnerabilities like SolarWinds and Log4Shell..
Watch now
Tidelift + Medcrypt: Using SBOM data to comply with government cybersecurity regulations
Tidelift + Medcrypt: Using SBOM data to comply with government cybersecurity regulations
Tidelift VP of product, Lauren Hanford, sat down with Medcrypt’s VP of product, Om Mahida, to review government product security requirements, in particular discussing software bills of materials (SBOMs).
Watch now
AWS + Tidelift panel: Best practices for inclusive development part 2
AWS + Tidelift panel: Best practices for inclusive development part 2
Continuing the conversation from 2022, we will dive deeper into discussing best practices and small changes for leaders to implement in order to drive change and thought leadership around ID&E across their engineering teams.
Watch now
Top findings from the 2023 Tidelift state of the open source maintainer report
Top findings from the 2023 Tidelift state of the open source maintainer report
We just released our new state of the open source maintainer report with 11 big headlines from our new survey of over 300 open source maintainers. Some findings will confirm what you already know to be, some may startle you.
Watch now
How the NIST Secure Software Development Framework impacts open source software
How the NIST Secure Software Development Framework impacts open source software
Lauren Hanford, Tidelift VP of product, and Kanish Sharma discuss the NIST Secure Software Development Framework and share ways organizations can actually follow its guidance, specifically highlighting considerations for the open source software on which all modern software is built.
Watch now
News debrief: What the new U.S. cybersecurity strategy means for the open source software
News debrief: What the new U.S. cybersecurity strategy means for the open source software
Breaking news: On March 2, the U.S. government issued the long anticipated 2023 National Cybersecurity Strategy. How does this impact open source software?
Watch now
How to navigate impending open source software security requirements
How to navigate impending open source software security requirements
Open source security is a top, unavoidable priority in 2023. Thanks to the front page press surrounding critical vulnerabilities like Log4Shell and SolarWinds, governments around the globe are taking action. 
Watch now
Predictions: What does open source software supply chain security look like in 2023?
Predictions: What does open source software supply chain security look like in 2023?
Join Tidelift co-founders Donald Fischer and Luis Villa and Red Monk analysts Stephen O’Grady and Rachel Stephens as they dove into their 2023 open source software supply chain security predictions.
Watch now
How the maintainers of urllib3 keep the project secure and healthy (and why you should care)
How the maintainers of urllib3 keep the project secure and healthy (and why you should care)
Tidelift VP of Product Lauren Hanford sits down to chat with Seth Larson about all the systems and processes Seth and the team has put into place to keep urllib3 happy and healthy for all those millions of Python dependencies.
Watch now
Fireside chat: Why this CISO thinks SBOMs aren't the silver bullet
Fireside chat: Why this CISO thinks SBOMs aren't the silver bullet
Tidelift CEO and co-founder Donald Fischer sits down with Andy Ellis, former Chief Security Officer at Akamai turned startup advisor and investor and talk about the true consequences of SBOMs.
Register now
The importance of a sound open source software supply chain management strategy
The importance of a sound open source software supply chain management strategy
Tidelift host Kanish Sharma and guest speaker Jim Mercer, IDC research vice president, dived into these challenges and discussed the best approach to addressing them.
Watch now
AWS + Tidelift panel: Best practices for inclusive development
AWS + Tidelift panel: Best practices for inclusive development
Inclusive is one of our core values at Tidelift. So we were delighted and inspired when our friends at AWS were interested in collaborating with us on a panel discussion about inclusive practices in open source software development.
Watch now
Why software composition analysis tools aren't enough
Why software composition analysis tools aren't enough
Historically, software composition analysis (SCA) tools were one primary way to get better visibility into open source security, maintenance, and licensing risk. But, by themselves, they are not enough.
Watch now
Log4Shell, open source maintenance, and why SBOMs are critical now
Log4Shell, open source maintenance, and why SBOMs are critical now
Join Tidelift CEO and co-founder Donald Fisher and guest speaker Forrester Principal Analyst Sandy Carielli as they discuss some of the key lessons organizations can learn from Log4Shell along with some critical recommendations organizations can use to prepare for handling similar issues down the road.
Watch now
From Heartbleed to Log4Shell: How are things better? How are they the same?
From Heartbleed to Log4Shell: How are things better? How are they the same?
Tidelift solutions architect lead Mark Galpin shares insights into theLog4Shell vulnerability and discusses how things have changed since Heartbleed.
Watch now
Tidelift briefing: What you need to know about the Log4Shell vulnerability
Tidelift briefing: What you need to know about the Log4Shell vulnerability
Mark Galpin breaks down the current Log4Shell situation and shares tips for remediating the issue. You won't want to miss this.
Watch now
Tracy Bannon from MITRE talks OSS supply chain security and how to help your overburdened dev team
Tracy Bannon from MITRE talks OSS supply chain security and how to help your overburdened dev team
For years, experts have been telling the government to take stock of the software supply chain by generating software bills of materials and defining standards and policies for use.
Watch now
Tidelift December product update and live demo
Tidelift December product update and live demo
Tidelift product marketing lead Kanish Sharma and solutions architect Jimmy Caldwell demo the latest updates to the Tidelift Subscription.
Watch now
Briefing: Thinking upstream about White House cybersecurity executive order 14028
Briefing: Thinking upstream about White House cybersecurity executive order 14028
Tidelift CEO and co-founder Donald Fischer shares his perspective on how the cybersecurity executive order impacts software supply chain security.
Watch now
Supporting the Python community by “shifting left”
Supporting the Python community by “shifting left”
What are some ways corporate users of open source software can contribute upstream and partner with ecosystems who provide the software?
Watch now
Open source software supply chain management and security in the wake of SolarWinds
Open source software supply chain management and security in the wake of SolarWinds
Tidelift CEO Donald Fischer will brief application development teams on the state of software supply chain security.
Watch now
Open source licenses AMA part 2
Open source licenses AMA part 2
Tidelift's resident open source license guru Luis Villa answers some pressing questions
Watch now
Take control of your open source software supply chain with Tidelift catalogs
Take control of your open source software supply chain with Tidelift catalogs
Watch on-demand as we demonstrate how you can use the Tidelift Subscription as the heart of an effective open source supply chain management strategy.
Watch now
Accelerate app development by optimizing your organization’s open source strategy
Accelerate app development by optimizing your organization’s open source strategy
In this webinar, Tidelift CEO and co-founder Donald Fischer is joined by guest speaker Chris Condo, Forrester’s Principal Analyst.
Watch now
Open source licenses AMA
Open source licenses AMA
Tidelift's resident open source license guru Luis Villa is joined by guest speaker Kate Downing to answer some pressing questions.
Watch now
Best practices for managing your open source artifacts
Best practices for managing your open source artifacts
We share the latest best practices orgs can use to manage their open source dependencies.
Watch now
The future of open source software support
The future of open source software support
IDC analyst Al Gillen explains the history of open source support models and his thoughts about the future of open source support.
Watch now
Everything you never wanted to know about open source licenses and were too bored to ask
Everything you never wanted to know about open source licenses and were too bored to ask
Tidelift's resident open source license guru Luis Villa shares the basics of how open source licenses work.
Watch now
Choosing open source packages well
Choosing open source packages well
Tidelift co-founder Jeremy Katz deep dives into the steps you can take to choose the right open source packages for your organization.
Watch now
How to level up your open source project with Tidelift
How to level up your open source project with Tidelift
Are you an open source maintainer interested in leveling up your open source project through Tidelift?
Watch now
Top findings from the 2024 Tidelift state of the open source maintainer report
Top findings from the 2024 Tidelift state of the open source maintainer report
We recently released this year’s state of the open source maintainer report, with 12 big headlines about the data we collected from over 400 open source maintainers. Some findings align with what we know already, but there are some new and surprising stats!
Watch now