A great article by Shahid Shah "...If you ask some regulatory affairs folks in medical device companies, they think OSS is too “dangerous” for use in safety critical systems. The most common excuse given by engineers is that the regulatory compliance folks will not allow OSS or that the FDA will disapprove. There is plenty of evidence to the contrary, however, because the FDA hasn’t really rejected devices due solely to the use of OSS. The lack of OSS use in medical devices and healthcare IT circles in most cases likely stems from a lack of experience with OSS at the senior executive and regulatory compliance ranks within companies. This is a summary of a quick 10 step process that R&D groups can use to properly experiment with and include OSS in safety-critical systems."
R&D Executive – Why Shellshock and Heartbleed Should Matter to You
So, you’ve heard of Shellshock, of course. And if you use Unix, you made sure someone installed the right p...
Forrester Now Tech: Software Composition Analysis, Q1 2019Download
Most Recent Articles
3 Crucial Tips for Smarter Container Security Scanning
Kubernetes Security Best Practices: From Hosting to Deployment
Top 5 New Open Source Vulnerabilities in January 2019
Software Vulnerability 101
Open Source Licenses Explained
SweetAlert2- WhiteSource’s Open Source Project of the Month for January 2019
This Is How SecOps Are Breaking Down Silos For Better, Faster Deployment
Top 10 New Open Source Security Vulnerabilities in 2018
What Is a CVE Vulnerability And How To Understand Its Details
Sometimes A Vulnerability Isn’t So Vulnerable
3 GitHub Security Updates You Should Know
The Best of WhiteSource 2018: Top 7 Reader’s Favorites Articles
How the Heartbleed Vulnerability Shaped OpenSSL as We Know It
Who’s been naughty or nice in the Open Source-verse over 2018?
Want Your R&D Team to Rock? 7 Tips to Help Your Developers Perform Like a Supergroup
The National Vulnerability Database Explained
Top 10 Open Source Licenses in 2018: Trends and Predictions
Top 5 New Open Source Vulnerabilities in November 2018
OWASP Dependency-Check: How Does It Work?
Apache Struts Vulnerabilities Pose ‘Stay or Go’ Question