Flexera and KPMG Expand Alliance to Keep Open Source Software Clean and Safe
Flexera, KPMG Alliance Keeps Open Source Software Safe
KPMG Adopts FlexNet Code Insight to Identify Open Source License Compliance and Security Risks
Flexera, the company that’s reimagining how software is bought, sold, managed and secured, and KPMG LLP, the U.S. audit, tax and advisory firm, today announced an expanded strategic alliance to help development, legal and security teams with open source license and security management.
FlexNet Code Insight, Flexera’s next-generation open source security and compliance platform, is now the technology behind KPMG’s software composition analysis offering, which helps clients detect open source license compliance risk and security vulnerabilities.
“With the proliferation of open source software (OSS) in today’s development environment, we share Flexera’s commitment to serving and protecting organizations from open source licensing and security risk,” said Paul Baguley, Major Projects and Contract Advisory Services Principal at KPMG LLP. “We’re excited to expand our alliance to include Flexera’s leading technology in software composition analysis.”
“Flexera’s extremely proud to support KPMG’s new software composition analysis offering – aligning process, governance and technology. We couldn’t have asked for a better opportunity to expand our strategic alliance,” said Jeff Luszcz, Vice President of Product Management at Flexera. “Adding FlexNet Code Insight to KPMG’s analysis gives companies an easy path to open source management. Now, organizations can take a smart and automated approach to open source scanning and monitoring and stay ahead of vulnerabilities and license compliance issues.”
New KPMG Service Uncovers OSS Risks
KPMG’s new software composition analysis, featuring Flexera’s FlexNet Code Insight, helps suppliers and buyers of software and Internet of Things solutions uncover OSS risks through regular monitoring that reviews software developed, used and distributed by an organization. The service results in a detailed Software Bill of Materials (BOM) that defines the organization’s OSS footprint, vulnerabilities that need to be patched and licensing risks that require action. Fast, high-level scans can be performed to identify critical problems, and deeper scans and analysis are available on high-risk code. The analysis also helps companies navigating technical due diligence because of a pending merger or acquisition.
“Organizations need assurances that there are no significant open source compliance or security issues lurking in the software code of the company they’re acquiring,” added Luszcz. “KPMG and Flexera can provide the automated tools and experience in comprehensive OSS assessment that few M&A teams currently have. Ultimately, companies can avoid unexpected disclosures that have the potential to impact final acquisition valuation and remediation costs.”
To learn more, attend a webinar, Preparing for the Technology M&A: Important Considerations and Best Practices for the Buy Side, on Tuesday, September 18 at 11:00 a.m. CT.
Follow Flexera on…
Flexera is reimagining the way software is bought, sold, managed and secured. We view the software industry as a supply chain, and make the business of buying and selling software and technology asset data more profitable, secure, and effective. Our Monetization and Security solutions help software sellers transform their business models, grow recurring revenues and minimize open source risk. Our Vulnerability and Software Asset Management (SAM) solutions strip waste and unpredictability out of procuring software, helping companies buy only the software and cloud services they need, manage what they have, and reduce compliance and security risk. Powering these solutions and the entire software supply chain, Flexera has built the world’s largest and most comprehensive repository of market intelligence on technology assets. In business for 30+ years, our 1200+ employees are passionate about helping our 80,000+ customers generate millions in ROI every year. Visit us at www.flexera.com.
About KPMG LLP
KPMG LLP is the independent U.S. member firm of KPMG International Cooperative (“KPMG International”). KPMG International’s independent member firms have 197,000 professionals working in 154 countries. Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates or related entities. Learn more at www.kpmg.com/us or follow us @KPMGUS_News.