According to Gartner reports, 95% of code bases contain undisclosed open source while 75% of audits contain unknown licenses.

Open source software (OSS) has been gaining traction in recent years due to the benefits it provides with the agility of software evolution, reducing the costs of software procurement and development and enhancing the speed of market penetration. It is used everywhere in most of the industries. However, open source software comes attached with significant operational and legal risks which need to be considered when adopting or acquiring solutions with significant OSS components. At worst, incorporating OSS code into your product can mean that the source code in that product must be available to everyone at no cost.

Additionally, with the usage of open source, security breaches are showing no signs of slowing down with thousands of security breaches in 2019 exposing billions of records. 33% of firms suffered a breach as a result of an external attack as per Forrester. There is lots of unmitigated risk upto 80% OSS with only 5% disclosures. Mergers and acquisitions are a critical consideration for OSS compliance. From a security perspective, comprehensive source code analysis informs a company about where it has deployed open source software. Unfortunately, many companies don’t pay sufficient attention to ongoing compliance risks (and possible data breaches) that come from security issues. However, with the steady increase in vulnerabilities found in unmanaged open source code, unsuspecting software buyers are unaware of the vulnerability risk they face.

What do we do ?

We at Lyra enable organizations to stay legally compliant by assessing, identifying, and resolving legal issues related to software license usage violations. Lyra’s services are designed to shield against potential Intellectual Property Rights (IPR) infringements.

With 12+ years of experience in open source audits and legal re-mediation, Lyra has been the trusted partner among M&A and fund-raising professionals. Our reputation enables us to quickly establish contractual and logistical arrangements.

We will help you get answers to questions like

• Does the license require the target's proprietary code to be released as Open Source
• Does the license create a problem with integrating the target's code with other code?
• Are there known security vulnerabilities in the open source?
• Is there a remediation process to fix security risks?

We make use of years of expertise in Software composition analysis (SCA) and address vulnerability management, license management and component management illustrating the impact of open source software on warranties, license agreements, and in mergers and acquisitions.

We can help your development, security and legal teams by

• Mitigating potential legal exposure by uncovering unknown or undeclared open source software (OSS) and third-party code.
• Identify what amount of open source software and its impact.
• Detecting license conflicts, security vulnerabilities and other risks that may impact software asset values.
• Identifying encryption technologies that may restrict the legal export of software.
• Understanding potential issues before they impact the M&A or fund-raising transaction.
• FOSS(Free Open Source Software) awareness and usage training
• Anonymous license negotiations on behalf of clients and participation/representation in transactional discussions.
• Alert problematic open source software and notify where it’s deployed, facilitating immediate patching.
• Review flagged issues, prioritize and create remediation plans for pre and post closing
• Reviewing Audit results with types of licenses you have
• Give an idea of which licenses are okay to use, green light licenses and which are not
• Legal Opinion services for open source compliance by assessing and identifying issues
• Implementing policies for OSS management mitigate risk and provide structure

How can you benefit?

• Simplify open source software (OSS) license compliance and vulnerability protection.
• Mitigate risk by saving unwanted costs in potential business and legal risks
• Have a standard OSS policy in place for your organization
• Track OSS usage and manage License Compliance security risk
• Establish a clear and precise legal structure for licenses
• Setting you on board to create a structure and a remediation checklist plan

Why Lyra?

Our processes are fine-tuned and our experts are trained to provide the responsiveness, speed, and discretion required to reduce business risk, meet deadlines, and provide you with the information and confidence you need to swiftly take action.

Trusted reputation:
Lyra has performed thousands of software audits with unquestioned discretion, and is trusted by dozens of serial acquirers and by sellers to de-risk their deals.Lyra has drafted OSS policies for Enterprise companies across the globe, mitigated risks saving millions in potential business and legal risks, more than 120 customers across the globe, Lyra is the ONLY company to provide both Legal and Tech advice in OSS space globally.

Hyper-responsiveness:
From first contact to delivery of final report (sometimes all within days), Lyra's Audit team moves at the speed of M&A or fund-raising due diligence transactions.

High quality of work:
Our highly experienced open source audit experts deliver high quality, high value audit reports.

Run an Open Source audit on your code to track down everything – the big and the small.

Talk to us today!