How temenos manages open source use, the easy way combined

1. How Temenos Manages Open Source Use, the Easy Way Martin Bailey, Product Director – Enterprise Software, Temenos Group AG Rami Sass is CEO and Co-Founder of WhiteSource

2. Agenda and Logistics  Temenos  Effortless management of open source components  WhiteSource Demo  Q&A  Please type questions in the control bar  Full answers will be sent by email

3. Martin Bailey How Open Source Management Became Effortless IEEE Webinar

4. 4 Innovation led World’s leading banking software company World class delivery No.1 2000+ installations in 150+ countries 469m USD revenues in 2014 4,000+ employees in 72 international offices 135 go lives in 2014 Strength and depth: 1,000+ consultants, 100 concurrent projects Community of 2,000+ certified partner consultants Highest level of R&D in the industry to drive innovation Regular software upgrade strategy Passion for standards and openness Temenos – a global market leader

5. 5 Powerhouse in financial software 500 million US$115m 38 US$5 trillion of top 50 banks use Temenos In annual R&Din assets processed through Temenos software customers rely on Temenos for daily banking needs

6. 6 Nice to meet you Martin Bailey Product Director – Enterprise Software at Temenos • Leads team of product groups and architects • In charge of the technology that is the basis for all of Temenos’ solutions

7. 8 Looking for the Right Solution The manual option: error prone and time consuming Looked for an open source management solution that: • Provides an always up-to-date open source report • Offers full licenses, compliance, security alerts and version information • Enables continuous vetting of open source components as they are added • Easy to use • Saves time • Low cost of ownership

8. 9 Open source inventory and vetting Error prone WhiteSource automatically discovers all of open source components, including dependencies Time consuming Always up-to-date inventory on hand Report is a button click away Before After

9. 10 License Compliance No way of vetting open source components before they are used A policy was set in the WhiteSource system with a black list of forbidden licenses and a white list of permitted licenses If a forbidden license is discovered, development time is wasted Based on lists, open source components are vetted as they are added by developers (during the build) Before After

10. 11 Security Vulnerabilities and New Versions Occasional manual search for security vulnerabilities WhiteSource alerts on security vulnerabilities, fixes and new versions for all components used Before After

11. 12 The WhiteSource Implementation Install plugin < 1 hour Set up policy – 30 minutes -------------------------------------- < 90 minutes start to finish Reward: open source serenity Up-to-date accurate report, on hand at all times License compliance issues in check Open source vulnerabilities and new version alerts

12. Open Source License and Security Management Practice Safe Open Source

13. Open source is great...  If used right, open source components substantially boost developers productivity  Focus on core capabilities  Rely on true and tested code *Source: Gartner User Survey Analysis: Open-Source Software, Worldwide According to Gartner, 85% of commercial software vendors rely heavily on open source to boost productivity and remain competitive*

14. But, if Improperly Managed…  License Risks and Compliance Issues  Security Vulnerabilities, Quality risks and compliance Issues Eat into the value of open source, and bring substantial legal, technical, and business risks

15. License Risks and Compliance  Difficult to properly track all open source and comply with their licenses  Large gaps between reported and actual*  Difficult to identify all dependencies, which may have different license (64%)*  Difficult to enforce licensing policy* *WhiteSource data Open source is free, but comes with a license. Incompliance results in legal, security, and business risks.

16. Security Vulnerabilities  Defects and vulnerabilities exist in open source as in any software  70% of apps include vulnerabilities*  Defect rate in open source is similar to other applications*  Everyone tests their own code.  But, testing open source is “out of process” for most developers. When a fix vulnerability is detected, they will never know, nor update to fix it  24% of commercial software includes vulnerable open source libraries**  85% of projects have outdated open source libraries** Sources: *Coverity, Veracode, **WhiteSource If your product contains vulnerable open source libraries, your product is vulnerable. Period.

17. WhiteSource Makes It Whole Again Automated Agile Easy-to-use Affordable

18. License Risks And Compliance  Automatically detect and document open source inventory  Automatically identify all licenses, including dependencies  Automate enforcement of organizational license policy  Automate documentation during version release

19. Security and Quality  Proactive alerts on security vulnerabilities that affect you  Proactive alerts on fixes and new versions  Detect libraries that you no longer use

20. Automatic. Easy. Agile.  Integral part of your development lifecycle  Wide range of OOTB plugins to leading build tools  Send signatures of libraries (not the code!) to WhiteSource  Entire open source content is discovered and categorized  Open source policy can be enforced (including stop build)  Take developers out of the loop  Saves time. Lets developer focus on their work.  Increase precision and timeliness. Reduce errors.

21. One Word: Effortless

22. Demo

23. Thank You! Our website: www.whitesourcesoftware.com