Reflecting on IT and trust after log4j

Existing open source project — housekeeping tips

Reviewing software or components for new projects

  • Scope — check whether this package solves the problem you are tackling. Is the component too broad for your needs? Can you contribute to the component if needed?
  • Credibility — to verify it, check how long the project has existed, how many contributors it has, and whether the repository is active or has been abandoned for years. How does the repository handle issues? How fast are the responses?
  • Quality & trust — ask yourself about the code quality: does the code look safe to use? Are there any known vulnerabilities? Does the repository have tests or CI pipelines that are publicly available?
  • Scope is important for any project, so check if this software solves the problem you are trying to solve/prevent.
  • Quality — unlike with open-source applications, you cannot view proprietary software’s code. But you can see how it works and how the tech support team interacts with you. Consider a trial install and keep it running for at least a week. Look for stability issues or other performance hiccups. Is the UI interaction smooth? Can you find what you are looking for? Contact support and see how they handle your questions: do they respond fast, and do they help with configuration or testing?
  • Open-source components — check which open-source components the software uses. They should be listed in the about section of the software. This may not be a critical point in your decision process, but it is worth making a list. Make sure to add them to the list if you decide to purchase the product.

Final thoughts



AdRem Software makes award-winning commercial and freeware network monitoring & management software trusted by thousands of admins worldwide