
59% of maintainers have quit or considered quitting. Scary, huh? 👻

The Tidelift Subscription

A better way to manage the health and security of the open source software supply chain

The Tidelift Subscription helps streamline application development by removing obstacles that slow down developers while identifying and removing open source-related risk. See how it works.

Product Features

Understand open source usage

Stay safe and obtain a unified view of the open source you use by generating a bill of materials along with the associated metadata for each open source component.



Measure project health and open source risk

Get an ongoing assessment of your projects’ health and track how your organization is decreasing risk over time.

Get recommendations from Tidelift and partner maintainers

Continuously improve open source health with proactive, actionable security, licensing, and maintenance recommendations for all of the open source packages you use.



Define and enforce organizational standards and policies

Drive alignment across stakeholders with an inclusive approach for defining and enforcing open source standards and policies within your organization.

Build a paved path of approved open source components

Eliminate the burden on individual developers of assessing open source component issues by giving them access to a paved path of pre-vetted, approved components.



Integrate with development workflows

Seamlessly integrate with developers’ existing processes through the command line interface (CLI) and CI/CD pipeline integrations.

Managed Open Source Survey

The 2020 Tidelift managed open source survey

We highlight nine of the most interesting revelations that help us understand how to make open source work even better for development teams and the organizations they work within.


What is included in the Tidelift Subscription?

Open source management tools

Generate SBOMs of all the packages used in your applications with rich insights such as:

  • Release and license information
  • Dependency chain and provenance information
  • Usage type (runtime or dev) and approval status

Learn about security vulnerabilities or licensing issues in the SBOM

Easily monitor, review and address new dependency information

Tidelift catalogs

Tidelift catalog

Eliminate the burden on individual developers of assessing open source component issues by giving them access to a paved path of pre-vetted, approved components.

Custom catalog

Seamlessly integrate with developers’ existing processes through the command line interface (CLI) and CI/CD pipeline integrations.

Tracy Bannon from MITRE talks OSS supply chain security and how to help your overburdened dev team


For years, experts have been telling the government to take stock of the software supply chain by generating software bills of materials and defining standards and policies for use.

The 2021 Tidelift open source maintainer survey


In early 2021, Tidelift fielded its first-ever comprehensive survey of open source maintainers.

A demo of the Tidelift Subscription


Watch an on-demand demo of the Tidelift Subscription.