Today’s software is built like a Lego model. Instead of a singularly developed string of code, multiple building blocks of existing code are used to create a codebase. Some of those building blocks are developed in-house by the software vendor. Others are developed by third-party commercial software providers. And a lot of them come from open-source projects. When you’re a company that puts that codebase into your final product, you must take precautions to minimize the risks that each type of code presents to you and to your customers. This is what is meant by protecting your software supply chain. It’s also how you maximize the value of the code for you and your customers. Each type of code has its own set of benefits and risks that need to be understood and managed. This article addresses just one type of those building blocks: open source software (OSS).

Full Article Available Here