With nearly 99% of all Open Source components going unnoticed and unmanaged in your codebase it is no longer a question of if you are using Open Source – chances are pretty high that you are. Now, the questions become: “What Open Source are we using? Where is it, and are we shipping it?” Having a clear Open Source use-policy and process in place allows you more visibility into your entire OSS portfolio, mitigating intellectual property compliance risks as well as detecting security vulnerabilities. We’ll discuss best practices for implementing a real-world solution, how to get buy-in across your developers and managers and how this affects your corporate bottom line.
Key Points Covered:
- Open Source typically comprises 50% of a commercial product
- The typical software team is only aware of < 10% of their OSS usage
- Untracked Open Source leads to security and licensing problems
- A well designed Open Source intake and management process reduces risk