360is offers risk report service for open source software
Many organisations use open source software as part of their
application and product development.
However, it is often the last area
that is managed as a company races to develop and deploy new code.
360is has developed a service which audits the OSS in use within a
company or, more usually, an individual project, and provides a report of
the risk in using that code from a security vulnerability, licence
compliance and operational risk viewpoint. The main value of the
service, apart from avoiding exposure to risk, is the expert advice 360is
can provide on what the findings actually mean to the company and how
to remediate the risks found. 360is can also provide guidance and advice
to the development team and apply additional services for the ongoing
management of OSS code to ensure only allowed, safe software is used.
It is far easier to remove bad code at the beginning of a development cycle than from a deployed application or product!
The term "Technical Debt" relates to the potential losses and costs to
a company for issues that lie undetected or declared in its products
or services, very often as a result of the code deployed lying dormant,
awaiting the discovery of a security flaw or licence infringement.