Curious about FINOS programs and membership benefits? Want to learn more on how you can contribute to the organization that is bringing open source to financial services and fintech? And most importantly, want to know what's in it for you, whether you are large financial institution, a large or small fintech tech or data vendor or an individual? Check out this deck and start contributing today!
201808 - An introduction to FINOS, the Fintech Open Source FoundationFINOS
201808 - An introduction to FINOS, the Fintech Open Source Foundation.
The Value of Open Source in Financial Services, how FINOS can support your open source strategy, our Programs and Community, Value of Corporate membership
[WSO2Con EU 2018] Keynote - The API Driven WorldWSO2
Tyler Jewell, CEO of WSO2, discusses how APIs are touching every facet of our society and the underlying trends that are going to generate nearly 1 billion APIs in the coming years. All digital transformation is now API-driven and integration technologies underpin their evolution..
Three Technologies Disrupting the Traditional Banking Industry by Ritchie Cap...Ritchie Capital Management
With the advent of internet connectivity, financial products are evolving to fit new systems. With technology advancing at breakneck speeds with better efficiency and scalability, how will traditional banking fare in comparison? In this presentation, Ritchie Capital Management includes 3 significant financial innovations that have paved the way.
apidays LIVE Paris 2021 - API4IPS - API essentials for Public Sector Innovati...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
API4IPS - API essentials for public sector innovation
Legal and organisational essentials
December 2021
European Commission – Joint Research Centre
Katarzyna Pogorzelska, Legal and Policy Officer
Monica Posada-Sanchez, Project Manager of the API Study, Senior Researcher
[apidays Live australia] Building a Sustainable Ecosystem with Open APIs for ...WSO2
Business agility is your organisations ability embrace change. Its all about evolution of values, behaviours and capabilities to provide a better UX. Open architecture, Open API and Open Data provides an organization the agility, independence and promotes reuse. This slides elaborate on real-world patterns and industry experience that enabled a traditional organisation to become agile and think big.
[WSO2 Integration Summit New York 2019] "Opening" Fintech and Wall Street: My...WSO2
Financial institutions and fintech vendors are amongst the larger producers of software and employers of highly talented developers worldwide. Yet while Wall Street has been consistently increasingly consumption open source, this interactive-by-nature ecosystem has been largely missing out on the opportunities of open collaboration, participation and contribution open source projects.
But in the context of a massive generational and technological evolution, with cloud and decentralized technologies taking over the industry, the opportunity for an open fintech is huge for financial institution decision makers, for developers and generally for each one of us, downstream users of the financial services complex.
In this deck, Gab, Executive Director of the Fintech Open Source Foundation, discusses the state of open source in financial services, discussing trends, opportunities, concrete examples of collaboration and extending a call for contribution to the extended OSS community.
201808 - An introduction to FINOS, the Fintech Open Source FoundationFINOS
201808 - An introduction to FINOS, the Fintech Open Source Foundation.
The Value of Open Source in Financial Services, how FINOS can support your open source strategy, our Programs and Community, Value of Corporate membership
[WSO2Con EU 2018] Keynote - The API Driven WorldWSO2
Tyler Jewell, CEO of WSO2, discusses how APIs are touching every facet of our society and the underlying trends that are going to generate nearly 1 billion APIs in the coming years. All digital transformation is now API-driven and integration technologies underpin their evolution..
Three Technologies Disrupting the Traditional Banking Industry by Ritchie Cap...Ritchie Capital Management
With the advent of internet connectivity, financial products are evolving to fit new systems. With technology advancing at breakneck speeds with better efficiency and scalability, how will traditional banking fare in comparison? In this presentation, Ritchie Capital Management includes 3 significant financial innovations that have paved the way.
apidays LIVE Paris 2021 - API4IPS - API essentials for Public Sector Innovati...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
API4IPS - API essentials for public sector innovation
Legal and organisational essentials
December 2021
European Commission – Joint Research Centre
Katarzyna Pogorzelska, Legal and Policy Officer
Monica Posada-Sanchez, Project Manager of the API Study, Senior Researcher
[apidays Live australia] Building a Sustainable Ecosystem with Open APIs for ...WSO2
Business agility is your organisations ability embrace change. Its all about evolution of values, behaviours and capabilities to provide a better UX. Open architecture, Open API and Open Data provides an organization the agility, independence and promotes reuse. This slides elaborate on real-world patterns and industry experience that enabled a traditional organisation to become agile and think big.
[WSO2 Integration Summit New York 2019] "Opening" Fintech and Wall Street: My...WSO2
Financial institutions and fintech vendors are amongst the larger producers of software and employers of highly talented developers worldwide. Yet while Wall Street has been consistently increasingly consumption open source, this interactive-by-nature ecosystem has been largely missing out on the opportunities of open collaboration, participation and contribution open source projects.
But in the context of a massive generational and technological evolution, with cloud and decentralized technologies taking over the industry, the opportunity for an open fintech is huge for financial institution decision makers, for developers and generally for each one of us, downstream users of the financial services complex.
In this deck, Gab, Executive Director of the Fintech Open Source Foundation, discusses the state of open source in financial services, discussing trends, opportunities, concrete examples of collaboration and extending a call for contribution to the extended OSS community.
apidays LIVE London 2021 - Building Trust in API Ecosystems by David O'Neill,...apidays
apidays LIVE London 2021 - Reaching Maximum Potential in Banking & Insurance with API Mindset
October 27 & 28, 2021
Future of API Design
Building Trust in API Ecosystems
David O'Neill, Founder and CEO of APImetrics
apidays LIVE Australia 2021 - A cloud-native approach for open banking in act...apidays
apidays LIVE Australia 2021 - Accelerating Digital
September 15 & 16, 2021
A cloud-native approach for open banking in action
Rafael Marins, Principal Product Marketing Manager at Red Hat
This document brings together a set of latest data points and publicly available information relevant for Digital Customer Experience. We are very excited to share this content and believe that readers will benefit immensely from this periodic publication immensely.
Banking is Now More Open: Open Banking UpdateMikeLeszcz
Update on Open Banking initiative by Chris Michael , Head of Technology, Open Banking. Chris presented this at the “OpenID/Open Banking Workshop: The Implications for the Banking Industry” in London on November 6, 2017.
apidays LIVE Paris 2021 - APIs and Privacy in the European Legal Context by M...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
APIs and Privacy in the European Legal Context : a study of 4000+ API Terms of Services
Monica Posada, Project Manager of the API Study, Senior Researcher at European Commission, Joint Research Center
apidays LIVE Paris 2021 - The GDPR Developer Guide by Jerome Gorin, CNIL apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
The GDPR Developer Guide : Developping a Data protection culture for Developers
Jerome Gorin, Technologist at CNIL (French National Commission for Informatics and Freedoms)
[WSO2 Summit Brazil 2018] The API-driven WorldWSO2
Paul discusses how APIs are touching every facet of our society and the underlying trends that are going to generate nearly 1 billion APIs in the coming years.
[2021 Somos Summit] - Rethinking Identity Access Management and The Rise of t...WSO2
Everything is famously code-integrated today—cars are computers with wheels, appliances have Internet access, smart doors and houses are controlled from mobile phone apps, etc. With all this code around, security is more of a challenge than ever. A central pillar of security is identity access management (IAM): the technology that protects logins and controls access. In fact, this too, is becoming code to work with all the other code. Libraries for developers are essential, including ID controls in mobile and Web applications for initial sign on, single sign-on, federated sign-on, biometric authentication systems, and sensitive data access control. To maintain security across devices, IAM code must be wherever it’s needed, when it’s needed, and automated, just like any other code. And the better we do this, the more safeguarded we all are with our ubiquitous computers.
apidays LIVE London 2021 - Tech adoption in finance and banking by Christina ...apidays
apidays LIVE London 2021 - Reaching Maximum Potential in Banking & Insurance with API Mindset
October 27 & 28, 2021
From Open Banking, to Embedded Finance and Insurance
Tech adoption in finance and banking: Clouds, APIs, DevOps, and emerging technologies
Christina Voskoglou, Director of Research at SlashData
Platform Ecosystem and Layered Molular ArchitectureHiroshi Takahashi
When the digital technology penetrates universally, it affects the product architecture and the organizing logic of the enterprise, and also changes the information system and the form used by the enterprise. Therefore, IoT, AI, Big Data etc which are currently talked about must also be considered in line with such flow. As a new architecture, the layered modular architecture consisting of four layers of devices, networks, services, and contents is a hot topic. This also affects how enterprises organize innovation and provide services. There is also a paper that examines the direction of such changes by platform theory. Interestingly, when analyzing the relationship between developers outside the organization and platformers, developers exclusively set periods to earn with their own applications for a certain period of time in order to increase the incentive of developers . It incorporates rights holding close to a kind of patent on the platform. There is approaching platform governance that is evolving rapidly.
201807 - Introduction, business value and how to get engaged in FINOS ProgramsFINOS
201807 - Introduction, business value and how to get engaged in FINOS Programs, including FDC3, Financial Objects, Finserv developer experience, Voice Technology, Hadouken, Plexus, Symphony, Open Source Readiness and the upcoming Data Technology program
apidays LIVE London 2021 - Building Trust in API Ecosystems by David O'Neill,...apidays
apidays LIVE London 2021 - Reaching Maximum Potential in Banking & Insurance with API Mindset
October 27 & 28, 2021
Future of API Design
Building Trust in API Ecosystems
David O'Neill, Founder and CEO of APImetrics
apidays LIVE Australia 2021 - A cloud-native approach for open banking in act...apidays
apidays LIVE Australia 2021 - Accelerating Digital
September 15 & 16, 2021
A cloud-native approach for open banking in action
Rafael Marins, Principal Product Marketing Manager at Red Hat
This document brings together a set of latest data points and publicly available information relevant for Digital Customer Experience. We are very excited to share this content and believe that readers will benefit immensely from this periodic publication immensely.
Banking is Now More Open: Open Banking UpdateMikeLeszcz
Update on Open Banking initiative by Chris Michael , Head of Technology, Open Banking. Chris presented this at the “OpenID/Open Banking Workshop: The Implications for the Banking Industry” in London on November 6, 2017.
apidays LIVE Paris 2021 - APIs and Privacy in the European Legal Context by M...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
APIs and Privacy in the European Legal Context : a study of 4000+ API Terms of Services
Monica Posada, Project Manager of the API Study, Senior Researcher at European Commission, Joint Research Center
apidays LIVE Paris 2021 - The GDPR Developer Guide by Jerome Gorin, CNIL apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
The GDPR Developer Guide : Developping a Data protection culture for Developers
Jerome Gorin, Technologist at CNIL (French National Commission for Informatics and Freedoms)
[WSO2 Summit Brazil 2018] The API-driven WorldWSO2
Paul discusses how APIs are touching every facet of our society and the underlying trends that are going to generate nearly 1 billion APIs in the coming years.
[2021 Somos Summit] - Rethinking Identity Access Management and The Rise of t...WSO2
Everything is famously code-integrated today—cars are computers with wheels, appliances have Internet access, smart doors and houses are controlled from mobile phone apps, etc. With all this code around, security is more of a challenge than ever. A central pillar of security is identity access management (IAM): the technology that protects logins and controls access. In fact, this too, is becoming code to work with all the other code. Libraries for developers are essential, including ID controls in mobile and Web applications for initial sign on, single sign-on, federated sign-on, biometric authentication systems, and sensitive data access control. To maintain security across devices, IAM code must be wherever it’s needed, when it’s needed, and automated, just like any other code. And the better we do this, the more safeguarded we all are with our ubiquitous computers.
apidays LIVE London 2021 - Tech adoption in finance and banking by Christina ...apidays
apidays LIVE London 2021 - Reaching Maximum Potential in Banking & Insurance with API Mindset
October 27 & 28, 2021
From Open Banking, to Embedded Finance and Insurance
Tech adoption in finance and banking: Clouds, APIs, DevOps, and emerging technologies
Christina Voskoglou, Director of Research at SlashData
Platform Ecosystem and Layered Molular ArchitectureHiroshi Takahashi
When the digital technology penetrates universally, it affects the product architecture and the organizing logic of the enterprise, and also changes the information system and the form used by the enterprise. Therefore, IoT, AI, Big Data etc which are currently talked about must also be considered in line with such flow. As a new architecture, the layered modular architecture consisting of four layers of devices, networks, services, and contents is a hot topic. This also affects how enterprises organize innovation and provide services. There is also a paper that examines the direction of such changes by platform theory. Interestingly, when analyzing the relationship between developers outside the organization and platformers, developers exclusively set periods to earn with their own applications for a certain period of time in order to increase the incentive of developers . It incorporates rights holding close to a kind of patent on the platform. There is approaching platform governance that is evolving rapidly.
201807 - Introduction, business value and how to get engaged in FINOS ProgramsFINOS
201807 - Introduction, business value and how to get engaged in FINOS Programs, including FDC3, Financial Objects, Finserv developer experience, Voice Technology, Hadouken, Plexus, Symphony, Open Source Readiness and the upcoming Data Technology program
Soluciones de Código Abierto - Perspectivas, Resultados y Soluciones de ValorWSO2
En la presente Webinar veremos como las soluciones de código abierto, registran un claro "crecimiento exponencial" en su uso corporativo y gubernamental en Latinoamérica y cómo estas entidades han depositado la confianza de su crecimiento en ellas. Veremos ejemplos de cómo la plataforma de código abierto de WSO2 nos permite desarrollar estas soluciones y responder a los desafíos presentes y futuros con claros ejemplos y demostraciones.
An introduction to Symphony Softwar Foundation, community, projects, open source and open standards focused initiatives for innovation in financial services and fintech.
For more information check out:
Website: http://symphony.foundation
Wiki: https://symphonyoss.atlassian.net/wiki/
Github: https://github.com/symphonyoss/
Has the time come to collaboratively develop the software the language industry needs? To be more creative than any single company by sharing ideas, effort and costs? Instead of being suspicious competitors, is the language industry ready to work together and share ideas?
Many companies in the industry express the need for tools, which
- truly support Open Standards
- can be extended, customized and integrated the way they need it
- are driven by the latest research
- are well supported
- are affordable
The OSELI initiative hopes to achieve traction.
Buddy, partnered with industry leaders such as Amazon, Docker, Github, Microsoft, and Google, is a winning development automation platform that serves a rapidly growing market valued to become $345 billion by 2022. Over 7,000 developers use Buddy every day across 120+ countries. Featured customers: INC. Magazine, CGI.com & ING Bank. Our vision is to become the backbone on which talented people can build world-altering apps & services. Our goal is to take the load off millions of developers by offloading everything that can be automated – giving them back the time for being creative.
Community Platform: Choosing the Right One Satya S
How will you go about selecting the best platform out there in the market? Are you selecting a product that has features which can really be utilized? Do you really require the host of features offered by the social networking tools? Get answers to all these questions and much more.
Open Collaboration in a Digital World | Find your place in the futureDeborah Bryant
Presented at the invitation of the 2020 Global Technology Summit in December of 2020, Red Hat Senior Director Deborah Bryant provides a view of open source software's (OSS) impact ;the COVID 19 pandemic's acceleration OSS use and adoption; shifts in the OSS ecosystem; trends in OSS formalizing OSS strategy and its role in digital transformation;
Open Source and its role in a new IT ecosystemBruno von Rotz
Bob Gett presents Optaros' view on how Open Source influences the overall IT eco system and how it's a key ingredient of many of the new business models we currenlty see developing
OSSF 2018 - Overcoming Compliance Barriers to Open Source Collaboration Infra...FINOS
In this talk Jamie Jones, GitHub’s Principal Architect, Diane Mueller is Director, Community Development at Red Hat, and Maurizio Pillitu, FINOS DevOps Director, present what are the most common barriers and technical frictions that prevent financial institutions to fully embrace open source. The FinsServ Developer Experience is a new FINOS Program that aims to consolidate a safe, accessible and shared workflow for developers in the financial world, who are welcome to join the talk and share their experiences. The program leads will be on stage to present charters, updates and to call for the participation of developers and software vendors wanting to plug their build automation tools and data APIs inside the FINOS Developer Experience.
Similar to 2019-03 - An introduction to FINOS (20)
OSSF 2018 - Peter Crocker of Cumulus Networks - TCO and technical advantages ...FINOS
Technology leaders (CTO, VP Infrastructure, etc.) at most organisations are always looking for better and more efficient ways to address business needs. Performance is one of the critical attributes leaders consider while making data center infrastructure decisions, but with limited budgets, cost efficiency becomes an important criteria as well. This talk will discuss both CapEx and OpEx advantages of open networking, combined with technical benefits that lead to easier automation, scaling and troubleshooting.
OSSF 2018 - Steve Helvie of the Open Compute Network - Rethinking Infrastruct...FINOS
This talk focuses on how Financial Services companies prepare for the next big technology step change while running a heterogeneous infrastructure environment (edge, fog, colo, primary data centre, etc).
Financial Services companies are looking for best practices gleamed from hyper-scale companies like Facebook, Microsoft and Google who run highly efficient private and public clouds. The sharing of open hardware and data centre designs is a core strategy for these companies and the basis for the Open Compute Project (OCP).
The Open Compute Project (OCP) was started by Facebook in 2011 with the idea of delivering the most efficient designs for scalable computing through an open source hardware community. We believe that openly sharing ideas, specifications, and other intellectual property is the key to maximizing innovation and reducing complexity in technology components. Goldman Sachs (a current board member of OCP) is one example of a company who is leveraging these designs.
OCP designs are more efficient at the ingredient level (server, storage, networking) compared to traditional gear yielding energy savings of 15% + and reduced service costs of ≈ 50%. Also, OCP data centres achieve PUE's better than 1.1 (definition). In fact, IDC forecast that by 2020 OCP Servers are expected to represent 50% of the global market.
In this session we would discuss the key strategies Financial Services companies need to consider now to simplify the migration and data centre transformation from conventional gear to OCP and open source. We would provide specific examples of how other Financial Services companies and large enterprises have made this transition. Additional goals would include:
• Research findings – share results comparing OCP with legacy infrastructure from large enterprises who have tested OCP gear in their local facilities.
• Facebook and Microsoft – help the audience understand which OCP designs from hyper-scale companies can be used for each environment (colo, edge, etc.)
OSSF 2018 - Stefan Just of Codescoop - OSCAR - a new approach to Software Com...FINOS
The scale of modern software systems is growing beyond the capability of individuals and teams to keep track of them. This is caused by new software development and deployment technologies, DevOps automation, increasingly powerful hardware and massive use of open source. Traditional proprietary Software Composition Analysis (SCA) products, which were developed to help mitigate Open Source licensing and vulnerability risks, and ensure software is within company policy and industry compliant, have struggled to keep up with this new scale and its modern methods like continuous integration, continuous package updates and agile releases. Because proprietary solutions are unable to keep up, companies are working to build their own internal systems to plug the gaps, which takes away from their core business needs.
The Eclipse Foundation recently announced a new project, OSCAR, to solve the problem of scaling SCA to modern needs with an Open Source approach. OSCAR, which stands for Open Software Composition Analysis Reinvented, aims to integrate the new building blocks into a complete installable SCA solution and act as an industry forum to coordinate coherent further development.
Different from other “community driven” OSS projects, OSCAR is built around an industry consortium of supporters, which fund and contribute to the project, in an Eclipse Working Group (OpenSCA). Foundation of a Steering Committee, decision meetings on first milestone goals to build as well as first contributions are underway. The talk will explain why SCA is vital for any organization who works with Open Source, the OSCAR’s “hybrid” approach, and give an outlook on what to expect from OSCAR
OSSF 2018 - Nick Kolba of OpenFin - FDC3 and the Legacy of Web IntentsFINOS
Why Web Intents is the model: All financial applications are moving to web, The stated goal of web intents is what we want in finance, De-centralized. Why web intents failed: politics, Too broad , UX issues that can’t be solved without aggregator platforms. Why FDC3 won’t: timing, Industry specific focus, A different kind of User Agent (Desktop Agent / OpenFin Approach).
OSSF 2018 - Matt Barrett of Adaptive - Open sourcing a bank's software: exact...FINOS
Banks have been users of open source software for a long time, but now they are thinking seriously about giving back. A lot of internal resistance needs to be overcome, and lots of individuals within a large investment bank truly believe their piece of custom built software provides a competitive advantage. At Adaptive, we have seen a lot of very similar internal projects at various institutions, and have formed a view about what truly constitutes competitive advantage. What is good for the organisation may not be good for a given development manager.
Further to the issues around over jealously guarding specific development efforts is the problem that what is open sourced is often far too coupled to a bank's non-open sourced tech stack. Causing more subtle difficulties in working with another bank's open sourced technology stack is that it is often implicitly coupled to their culture, processes or business model. Picking what to open source is a huge part of the challenge.
In this talk, I will give Adaptive's view on what is competitive advantage, what to open source so that it is picked up by the wider community, and actual benefits are seen.
OSSF 2018 - Jilayne Lovejoy - Training: Intro to Open SourceFINOS
This training session will cover some of the topics from the OpenChain curriculum, including:
introduction to intellectual property law as related to open source
introduction to open source licenses
overview of using open source software in products and open source license compliance
considerations for open source contributions and projects
The goal of this session is to provide basic foundation knowledge of open source software upon which to start building policy, process and practices within your organization.
OSSF 2018 - Jeff Luszcz of Flexera - Day 2 - Open Source Culture, Standards, ...FINOS
The draw for financial services' use of open source in today's competitive environment is certainly built on the need to manage costs, but equally as important, to innovate and help solve business challenges. Implementing open source policies, processes and tools the right way could mean the difference between being a leader in the industry and costly mistakes that impact your reputation and bottom-line. In this session, Jeff Luszcz, Vice President of Product Management at Flexera, takes a deep dive into some of the common--and not so common--concerns and best practices surrounding using open source. Jeff will discuss the needs of the different open source culture types including compliance and security, how to manage commercial suppliers and compliance artifacts (third party notices, 'About' boxes, source bundles, etc.), and industry standards such as OpenChain and SPDX.
Jeff will address lessons learned from deploying software composition analysis (SCA) scanning tools across the enterprise, the importance of developing processes that enhance the value of engineers and developers versus making their jobs harder, and how legal, engineering, and security work together to develop remediation policies that make sense. Jeff will also discuss how to work best with Open Source projects in order to give back to the community. Join Jeff for this talk if you are involved in open source use, compliance and security and want an in-depth look at both the expected and unexpected issues you could face in your open source efforts.
OSSF 2018 - Jeff Luszcz of Flexera - Common Open Source Intake Issues and How...FINOS
In this talk Jeff Luszcz, Vice President of Product Management at Flexera, explores the lessons learned over years of experience with Open Source consumption, the most common compliance and security issues, reasons for software component rejection, and tips and tricks for improving your compliance efforts. It is becoming common for open source compliance reviews to be performed both when a component is being first selected, or later on after the component has already been integrated into a system. This presentation will detail the most common reasons why an open source software component would be rejected for use or would be removed from an existing system due to compliance or security reasons. This talk will include a checklist of the most common compliance review failures as well as the differences in expectations between the creators of open source packages and their users. Common remediation tasks, go-no tests and documentation expectations will be discussed. The talk is for anyone involved with ensuring open source license compliance.
OSSF 2018 - Jared Broad of QuantConnect - Motivations and Business Goals for ...FINOS
Many firms first look to open source to lower the costs of their non-competitive technology, like back-office systems. This talk will show how open-sourcing software that is critical to an organization's competitive edge can create value by exploiting the network effects of collaborative development. Jared Broad, CEO of QuantConnect, will explore why his company open-sourced LEAN, its radically open source algorithmic trading platform, and how QuantConnect has attracted over 60,000 engineers with its professional-grade backtesting and live-trading system used by banks and funds globally.
OSSF 2018 - Jamie Jones of GitHub - Pull what where? Contributing to Open Sou...FINOS
Pull Requests? Upstream Remotes? Compact Discs? Understanding how to publish code developed inside your organization into the Open Source world can leave you with more questions than answers. In this talk, we will cover key strategies, as well as the workflows and tools that make it possible, for moving past merely consuming open source on GitHub to becoming contributors. Whether you are an IT Manager or Head of Open Source, you will walk away with tips to on how to contribute while staying compliant with legal, technical and security approvals within your organization.
OSSF 2018 - Greg Olson of Open Source Sense - Building Mission- and Business-...FINOS
Today, open source dominates IT and communications infrastructure from the cloud to corporate data centers and the emerging edge. But open source with its rapid pace of development, frequent releases, and prolific patch set defies traditional practices and conditions for building mission- and business-critical software: stability, auditability and standards-compliance.
This talk will examine how companies address this "impedance mismatch" in consuming, integrating and deploying open source in applications that demand predictability and sustainability. In particular, the presentation will cover
(re)defining mission- and business-critical in the context of open source
technology-centric and process-based approaches to OSS-derived product life-cycles
forking and minimizing technical debt
building community visibility to support derived product roadmaps
OSSF 2018 - Dawn Foster of Pivotal - Open Source Collaboration: Finding the R...FINOS
Collaboration within open source projects is becoming increasingly important for most companies, but it can be difficult to strike the right balance between the needs of the company and the open source project. Dawn Foster works on open source software strategy at Pivotal and has 20+ years of experience leading open source software initiatives at companies like Puppet Labs, Intel, and Jive Software. Her talk will focus on how companies can develop a successful strategy for participation and collaboration in open source projects, including how to be a good corporate citizen.
OSSF 2018 - David Kappos of Cravath, Swaine & Moore - Accounting for Patents ...FINOS
Innovation in the past decade has been been propelled by collaborative yet market-driven approaches to intellectual property rights. The standard setting process is a prime example of such a collaborative effort by incorporating the best intellectual property of a given field into a standard and insuring such standard essential patents (SEPs) are then licensed to adapters on fair, reasonable and non-discriminatory (FRAND) terms. This construct has resulted in groundbreaking technology in sectors ranging from telecommunications to autonomous vehicles. However, some have argued that SEPs are incompatible with open source licenses. Examining the historical record of open source development, the open source definition and relevant case law shows that open source and SEPs can and do work together to protect intellectual property rights and spur innovation.
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101FINOS
Open source components have become a key building block for application development in today’s market where companies are under constant pressure to deploy products as fast as possible. The recent increase in open source usage, however, has introduced many new security challenges. Over the past few years, we have seen a variety of open source vulnerabilities wreak havoc across the web (Heartbleed, Shellshock, and POODLE) which woke organizations up to the risks that come along with the convenience of using open source components.
Join our session to:
Learn how open source security vulnerabilities are found
Learn how to address any open source security concerns within your organization
Understand the difference between securing your open source components and your proprietary code
Learn how to automatically detect vulnerable open source components and prioritize security alerts
OSSF 2018 - Daniel Izquierdo of Bitergia / InnerSource Commons - Starting wit...FINOS
Inner source applies the lessons learned from open source way of developing software within organizations. This helps to scale organizations development strategy, break silos of developers, encourage internal collaboration, and be faster to market.
If we think about why open source has been so successful, we have to consider attributes such as transparency, communication, collaboration, innovation or meritocracy. And this can be applied internally within the walls of each organization creating an 'internal open source' or the so called inner source.
As more and more developers are becoming used to platforms such GitLab, GitHub, or Bitbucket, those are willing to use similar infrastructure and modern tools internally at their organizations. Thus, inner source is another way to modernize development teams, but at the same time, a way to be close to how open source is developed from a cultural point of view, process, and tooling.
Inner source can be considered then as a pre-step to publicly release a project. Ideally, only a press-button-action is the difference between having that project as inner source within the organization, or as open source, available to everyone.
Daniel will discuss best practices for innersourcing based on his participation in InnerSource Commons, a community of practitioners built for developing and sharing knowledge and patterns for successful innersourcing.
OSSF 2018 - Danese Cooper of NearForm - Getting the most out of Open Source i...FINOS
Leading Fintech companies are bullish on Open Source, but most of them still don't know how to get involved in ways that harmonize with the Regulatory climate of the Financial Services industry. In this talk you'll learn how to maintain Security within transparently developed software assets and how to teach your internal developers to collaborate safely and sanely? You'll hear about the best pathways to building an Open Source program at your Fintech company without costly mistakes that can reflect badly on your brand. Lastly you'll learn about a community of practice that is perfectly suited to the needs of Fintech companies looking to get started in Open Source.
OSSF 2018 - Colin Charles of GrokOpen - Community vs. enterprise how not to ...FINOS
The Developer (GrokOpen - Colin Charles)
Your popular OSS project gets corporate-backing & widespread community adoption. You create an enterprise supported version as it's easier to sell an "enterprise spin-off with support" that is better than the currently "stable" community edition. It flourishes as the money starts rolling in. Is one version better than the other? The community gets annoyed but you need resources to keep the releases coming and the code maintained. Just because it’s open source doesn’t mean it’s free. Forking happens. Rewind.
What works? What doesn’t work? How do you manage the split personality nature well to keep management as well as the community happy. Learn from other successful models as well as the many failed experiments.
OSSF 2018 - Andrew Katz of Moorcrofts - OpenChain: a Tested Framework for Ope...FINOS
OpenChain is a scalable, flexible compliance programme, developed by the Linux Foundation. Based on well-understood compliance programmes such as ISO 27001, it maps existing supply-chain procurement and production practices from other sectors into software development. It provides a great foundation for businesses of all sizes to adopt appropriate practices and procedures in place to control development and supply chain risks, with particular emphasis on open source licence compliance. Already adopted by companies like Qualcomm, Siemens, Toyota and ARM, it’s rapidly becoming a procurement standard for open source and open-source-derived software. The speaker, Andrew Katz, has helped companies of all sizes to adopt open chain procurement practices, and presents case studies on the process and benefits.
OSSF 2018 - Amanda Brock of The Open Invention Network - Open Source AuditsFINOS
Open Source Audits: Good open source software and license management is an essential part of any fintech compliance programme. Where do open source audits fit into this programme? This session will delve into why, when and how audits should be undertaken and consider the consequences, remediation and go forward from an audit. With a practical approach, the session should enable you to understand who should be involved in an audit, and what their roles and activities will be and the outputs that may be achieved.
OSSF 2018 - Alessandro Petroni of Red Hat - Supporting Innovation and Stabili...FINOS
Open source is driving innovation by allowing contributors to adapt, extend and change software quickly to respond to market needs. Financial services are striving to reduce cost of support and operations through a modern platform that services customers and associates.
As financial services use new technology to extend market reach, technology operations are challenged to support solutions which sometimes are difficult to manage at scale. Ops and Security know that open source is not free lunch as it has to engineered, integrated into the bank operations and processes to ensure regulatory compliance.
Balancing developers’ freedom of choice vs day-two supportability cannot be ignored.
Attend this session to learn about unifying the needs for innovation and stability through an open source platform. The selection of fundamental capabilities such as cloud readiness, scale, auditability, transparency, ease of integration, product lifecycle standards can benefit both FinTech and FinServ. Open source means also tapping into a large talent pool of professionals that want to work with visibility and collaboratively.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
11. WHAT DOES FINOS TODAY?
Transparent Governance
Established collaboration methodology
Container for IP clean, secure OSS
Established Policies and legal framework
High productivity developer platform
Collaboration infrastructure and tooling
Consumer and contributor growth
Product management and marketing
Events and Community awareness
14. Join our bi-weekly Working Group calls
at finos.org/osr or email
aaron@finos.org, everyone is welcome!
Ad Hoc
Tracked
Managed
Standardized
Consume Contribute Lead
Strategic
Awareness
Policy
Technology
OSS Readiness
Assessment
Business Value of OSS
Whitepaper
Open Source
Engagement
Strategies
Reference FOSS
policy for FinServ
OSS Executive
Councils
How to set up OSS
Program Office
Surveillance solutions
for open source
engagement
OSS events & basic
trainings
Compliant OSS
engagement
infrastructure
FinServ OSS program
office knowledge
sharing
Continuous IP
compliance / security
validation tools
Compliant
infrastructure for
FINOS projects
Open source license
guidance
Open source project
governance guidance
Programs Community
Self-Promotion tools
Legend
Ongoing
Released
Future
15. JOIN OUR COMMUNITY!1
(H1 2018)
(H2 2018)
License Compliance Guide (target GA early March)
State of OSS in Financial Services, survey & whitepaper w/Aite (H1)
Goldman Sachs shares their GS-OSS process (03/27) - join here!
OSS Readiness Assessment Survey (complete for Members in H1)
OSS Readiness Member specific recommendations (H1)
Implementation of OSS readiness recommendations (H2)
2 Focused Roundtables US / EMEA (H1)
16.
17. fully hosted developer platform
to all our software contributors
communication and software development tools
18. JOIN OUR COMMUNITY!1
Reference architecture and sandbox for organizational OSS-ready surveilled development workflow
Secure standardized person to person, person to machine, machine to machine text and voice communication
Traders desktop UI, interoperability and app stores
Decentralized technologies ecosystem growth on financial services use cases (2019)
Developer access to standardized Open Data Flows (future)
19. cohesive open
industry-wide business problem
solely
everyone
transparent
governance
trust efficiency
growth
Board of Directors
PROGRAM A
PROJECTS
WORKING
GROUPS
PROGRAM A PMC
PROJECTS
WORKING
GROUPS
PROGRAM B
PROGRAM B PMC
20. RetailCapital Markets / Investment Banking
Front Office
Grow liquidity and reduce risk
Mid / Back Office
Gain workflow efficiency
(e.g. IHSM + Symphony MTM Bot)
Technology Organization
Talent attraction / retention, Lower TCO, No Vendor Lock-in
23. INDUSTRY
NETWORK
Engage with industry
leaders
Collaborate with technology and business leaders with extensive expertise
and the vision to drive the future of Open Source in Financial Services.
Head of
Innovation
CIO Global
Markets
Director of Data
Science
Head of
Strategy &
Solutions
Head of
Platform
Director Cloud
Infrastructure
Head of Client
Technology
MEMBER
SUCCESS
Focus on achieving
member goals
Benefit from our member-only initiative dedicated to maximizing
member value from all stages of engagement with FINOS.
OSS strategy
High-value
opportunities
Policy advice
Readiness
assessment
Member OSS
metrics
Training
sessions and
workshops
Bespoke
member
reports
Exert significant influence over the strategic direction of
FINOS programs and future focus areas.
STRATEGIC
DIRECTION
Steer Programs and
focus areas Open Data
Distributed
Ledgers
Common
financial
objects
Signals and
Hashtags
Voice enabled
technology
Bots, bots and
more bots
Application
interop
31. desktop applications
plug-and-play
Overview
▪
▪
Focus Areas Working Groups/Projects
API
App Directory
Context Data
Intents
Use Cases
Participants
Active participants include
Adaptive, Citadel, Factset,
Tick42, Green Key, IHS Markit,
JP Morgan, OpenFin, Refinitiv,
Scott Logic, Wellington
Business Value
▪
▪
Join the Program
fdc3+subscribe@finos.org
wiki.finos.org/fdc3
github.com/fdc3
32. high-productivity end-to-end development
tooling
▪
▪
▪
Working Groups / Projects
Developer Experience
Open Developer Platform
Foundation Dev Toolchain
GitHub Chatops Bot
Participants
GitHub, Red Hat, Morgan
Stanley, FINOS
▪
▪
Join the Program
fdx+subscribe@finos.org
wiki.finos.org/fdx
github.com/finos-fdx
finos.org/odp
33. Drive adoption of new and existing Financial
Objects Standards
▪
▪
▪
▪
Working Groups
Financial Objects
▪
▪
Participants
Citibank, FactSet, Goldman
Sachs, HSBC, JP Morgan,
Portware, Refinitiv, UBS
Join the Program
fo+subscribe@finos.org
wiki.finos.org/fo
github.com/finos-fo
34. ▪
▪
▪
▪
▪
Working Groups / Projects
Technical Steering
Committee
Symphony Integration,
Application Templates,
Layout Service, Notifications
Service, Desktop Services,
Core
Participants
OpenFin, Red Hat, Citadel,
Eikos Partners
▪
▪
▪
Join the Program
hadouken+subscribe@finos.org
wiki.finos.org/had
github.com/hadoukenIO
35. fully enable
corporate open source
engagement
▪
▪
▪
Working Groups / Projects
Open Source Readiness
FINOS Policy for Financial
Services
Participants
Active participants include
FINOS, Deutsche Bank,
GitHub, HSBC, Morgan
Stanley, Redhat, UBS▪
▪
Join the Program
osr+subscribe@finos.org
wiki.finos.org/osr
github.com/finos-osr
36. open standard for
desktop application interoperability
▪
▪
▪
▪
▪
Projects
Plexus interop
Participants
Deutsche Bank, Refinitiv,
Glue42
▪
▪
▪
Join the Program
plexus+subscribe@finos.org
wiki.finos.org/plx
github.com/finos-plexus
37. collaborative
ecosystem
Symphony
messaging and collaboration
▪
▪
Working Groups / Projects
61 projects across API
Clients; Bots, Apps and
Integrations; Utilities;
Containers; Core Platform
Participants
60+ contributors including
individuals from Symphony,
Goldman Sachs, IHS Markit,
FinTech Studios, Glue42,
ScottLogic, Brevan Howard,
FactSet, Blackrock, Daitan▪
▪
Join the Program
symphony+subscribe@finos.org
wiki.finos.org/sym
github.com/symphonyOSS
38. voice
technologies, voice metadata, voice
APIs
▪
▪
▪
▪
▪
▪
▪
▪
Working Groups / Projects
Call Metadata
Standardization
Greenkey SDK
Greenkey Discovery SDK
Greenkey ASR toolkit
Participants
GreenKey, Cloud9
Technologies
▪
▪
▪
▪
Join the Program
voice+subscribe@finos.org
wiki.finos.org/voice
github.com/finos-voice
39. open
collaboration for technology and tools
data across
the full lifecycle
▪
▪
Working Groups / Projects
Kdb+ working group
Kdb+ project
Security Reference Data
working group
Participants
AQR, Citibank, JP Morgan,
Morgan Stanley, Nomura,
UBS
▪
▪
▪
Join the Program
data-tech+subscribe@finos.org
wiki.finos.org/dt
github.com/finos-data-tech
40. Robust and flexible data visualization
tools
open collaboration on technology and
tooling
▪
▪
Working Groups / Projects
TBD WG
Perspective project
Participants
JP Morgan
▪
▪
Join the Program
dav+subscribe@finos.org
wiki.finos.org/dav
41. facilitate
coordination of decentralized applications
▪
▪
Working Groups / Projects
TBD
Participants
Clovyr, IHS Markit
▪
▪ Join the Program
deg+subscribe@finos.org
wiki.finos.org/deg
43. ▪ Technical Infrastructure.
▪ Migration.
▪ Governance.
▪ Legal and Licensing.
▪ Ready Made and Growing Community.
▪ Product Management and Product Marketing Support.
44. Target (Expected) Operations At Risk Intervention/Action Required
Diversity &
Viability
● Program PMC is composed of individuals from 3+ organizations, ideally of 2+
org types, and including 1 bank
● Women represent 50%+ of active participants
● Program leadership is actively seeking new participants and contributions
across different channel, forums, and organizations
● Contributed projects are “seconded” - additional organizations other than
the contributor commit to contributing to the code base
● Program PMC is composed of individuals from just two organizations
● Less than 35% of the program’s active participants are women
● Less than 50% of the program’s active participants are members of
traditionally underrepresented demographic groups
● Program PMC is composed of individuals all from the same organization
● PMC membership itself is in transition, incomplete, or in doubt
● Less than 25% of the program’s active participants are members of
traditionally underrepresented* demographic groups
● One or more project or working groups are missing a lead / chair, and have
been for > 1 month
Roadmap &
Resources
● Programs and projects work to a public roadmap; programs consider the
releases from all component workgroups and projects and how they fit
together
● Programs are actively supported with appropriate resources needed as they
move through project lifecycle, e.g. from incubating to operating
● Program has committed resources from participating firms who
themselves have permission to work on the program as part of their “day
job”
● No requirement exists for developers to create a separate “work” /corporate
github ID
● 2019 Roadmap exists but is not published on the wiki and/or is
incomplete (e.g., does consider work activities of all projects and work
groups)
● Roadmap milestones were missed in the previous quarter
● Projects are staying in incubating status for >6 months
● Participants in the program largely do so “on the side”, fitting time for
FINOS and other OSS work amongst their official job duties on which
their performance review and incentive comp plan depends
● No 2019 roadmap exists
● No roadmap was used in the last quarter of 2018
● Projects are staying in incubating status for >12 months
● Participants in the program do so from home, on home networks using
their personal computer; OSS work is not an official or even officially
permitted part of most participants’ “day jobs”
● No plausible path to a production ready, publicly available, product/release
can be identified amongst the program’s projects and working groups
Hygiene &
Operations
● Meeting agenda developed and shared via the mailing list >24 hours in
advance
● Minutes are kept including all action items, resolutions and attendees and
where/if a policy exists the policy is followed; minutes are distributed within
a week of the meeting
● PMC meets at least once a month
● Questions/Inquiries to the general list are answered intermittently
● Minutes are kept for most but not all meetings and/or minutes are
sometimes incomplete
● PMC meets at least once a quarter
● PMC members, especially PMC leads, have difficulty using collaboration
infrastructure (e.g., Google Groups)
● Questions/Inquiries to the general list often go unanswered
● Communication is ad hoc, infrequently using program mailing lists, and is
largely dependent on 1:1 phone calls and emails (and thus opaque to the
larger community)
● PMC and/or general meetings are not happening
Quality &
Security
● Code is well written, demonstrably proven to be secure, and follows best
practices
● Code in program projects is written consistent with foundation legal and
licensing requirements
● Projects build test cases as they code, integrating test cases into the build
process
● Use of CI/CD tooling is common but not consistent across all code
producing projects
● Code of programs projects’ is uses differing coding standards, idioms,
and design patters
● Testing of program’s projects’ codebases is intermittent and haphazard
● Coding standards are idiosyncratic
● One or more projects introduce a dependency that has a non-compliant
license
● Use of CI/CD tools is not consistent and dependent solely in personal
preferences of individual developers
● License inspection of code is not occurring or haphazard
Growth &
Adoption
● There is QoQ growth in active participants
● The program has projects or working groups that have released code or
other work products that are being used in production, and that usage is
growing
● How the program’s projects’ released code and work products create/will
create business value can be quantified and easily explained in layperson
terms
● Active participation is flat
● The potential/expected business value to be derived from projects is
generally understood through not known for sure, and yet to be
quantified
● Active participants are declining QoQ
● The connection between what projects and working groups are working on
and how that work could create value for financial services users/consumers
of project/WG work products is not understood
* Traditionally underrepresented groups in both financial services and technology; including women and people of color