Open Source as an Element of Corporate Strategy

•Download as PPTX, PDF•

10 likes•6,107 views

Your company is using open source, even if you don’t know it. On average, enterprise organizations are utilizing 30% open source within their code bases, and industry leaders often report up to 80% of their software is open source. More importantly, they treat open source as a strategic asset, deliberately investing in open source as a brand differentiator and as a means of thwarting the competition, getting to market faster, and attracting the best talent. Does your company have an open source strategy? Now is the time to ask this question, because more than likely your competitors do. This 2014 All Things Open presentation by Samsung's Guy Martin and Black Duck Software's Shawn Briscoe, covers: - Key dimensions of a comprehensive open source strategy - Important business issues and intelligent decisioning - How to mitigate legal and operational risk - The value of aligning open source stakeholders towards the larger mission of corporate success - An understanding of the role community dynamics play in a successful initiative - Samsung – a real world case study

Technology

OPEN SOURCE AS AN ELEMENT OF
CORPORATE STRATEGY
Shawn Briscoe
Director Strategy SVCS
@black_duck_sw
© 2014 Black Duck Software, Inc. All Rights Reserved.
Guy Martin
Senior Strategist
@SamsungOSG

FRAMEWORK FOR OPEN SOURCE
INTERACTIONS
Flexible Framework for:
• Organizational/team-specific
needs
• Evolving adoption/use of OSS
• Interrelated focus areas
Four (4) Focus Areas:
• Strategy & Governance
• Consume
• Collaborate
• Create
2 © 2014 Black Duck Software, Inc. All Rights Reserved.

OPEN SOURCE IS A STRATEGIC ASSET
30%
80%
Average* Best in class
*Source: IDC 2012
3 © 2014 Black Duck Software, Inc. All Rights Reserved.

2014 SURVEY COLLABORATORS
5 © 2014 Black Duck Software, Inc. All Rights Reserved.

FACTORS FOR ENTERPRISE ADOPTION OF
OSS
6 © 2014 Black Duck Software, Inc. All Rights Reserved.

FACTORS FOR ENTERPRISE PARTICIPATION IN
OPEN SOURCE COMMUNITIES
7 © 2014 Black Duck Software, Inc. All Rights Reserved.

ELEMENTS OF AN ENTERPRISE OPEN SOURCE
STRATEGY
Product
Open Source
Culture Community
Strategy
Governance
8 © 2014 Black Duck Software, Inc. All Rights Reserved.

PRODUCT STRATEGY
Building
OSS
Your
Product
or Service
Building
for OSS
Open
Source
Building
with OSS
Your
Product
or Service
Open
Source Your
Product
or Service
Open
Source
9 © 2014 Black Duck Software, Inc. All Rights Reserved.
Building
on OSS
Your
Business
Open
Source

OSS LOGISTICS SOLUTIONS DELIVER ON
THE PROMISE OF OPEN SOURCE
Systematically streamline, safeguard, and
manage open source throughout your software
development value chain.
Choose Scan Approve Inventory Secure Deliver
10 © 2014 Black Duck Software, Inc. All Rights Reserved.

MITIGATE SECURITY RISKS
11 © 2014 Black Duck Software, Inc. All Rights Reserved.

CORPORATE CULTURE
INNER SOURCE
Collaboratio
n
Transparenc
y
Meritocracy
Contribution
Governance
Organization
al
Knowledge
Reuse
Metrics
12 © 2014 Black Duck Software, Inc. All Rights Reserved.

COMMUNITY STRATEGY
Operational
Efficiency
Technology
Influence
Talent
Identification
13 © 2014 Black Duck Software, Inc. All Rights Reserved.
Stewardship

CASE STUDY
Samsung Open Source
Group
14 © 2014 Black Duck Software, Inc. All Rights Reserved.

SAMSUNG OPEN SOURCE TIMELINE
Prolification +
Contributions
Exploring
Possibilities
Using embedded
Linux in select
products
Adoption
Adoption of Linux
and Open Source
SW as a viable
alternative
Tizen
Major
Contribution
2002 2005 2008 2012
15 © 2014 Black Duck Software, Inc. All Rights Reserved.
Open Source
Group
Created in SRA-SV
+ Open Source
Office in SRUK
2013

SAMSUNG OSG MISSION
Open
Source
Leadership
16 © 2014 Black Duck Software, Inc. All Rights Reserved.

WHY?
17 © 2014 Black Duck Software, Inc. All Rights Reserved.

HOW?
External &
Internal Visibility
Strategy
Components
Thought
Leadership
Grow Open
Source
Competence
18 © 2014 Black Duck Software, Inc. All Rights Reserved.
Upstream
Contributions
Educate/Mentor
Product
Teams

RESULTS TO DATE (2014)
• Contributions
• 25 dedicated OSS developers (16 maintainers)
• Linux Kernel, Multimedia, Graphics, Web, Virtualization
• > 6300 upstream contributions
• 2/3 bug fixes, remaining split between enhancements/new features
• 98% contribution acceptance rate
• 15% of contributions driven by business units
• Thought Leadership/Visibility
• > 60 conference presentations/papers
• 13 media mentions (including WSJ, Linux.com, etc.)
• 35 product developers graduated from
OSS Leadership Program
19 © 2014 Black Duck Software, Inc. All Rights Reserved.

Lessons Learned Along the
Road….
20 © 2014 Black Duck Software, Inc. All Rights Reserved.

RULE #1
No two communities are exactly the same!
21 © 2014 Black Duck Software, Inc. All Rights Reserved.

RULE #2
Communities don’t work for individual companies
22 © 2014 Black Duck Software, Inc. All Rights Reserved.

UNDERSTAND COMMUNITY GOVERNANCE
• Each community is different
• Contributions need to ‘fit’ with other code/patches
23 © 2014 Black Duck Software, Inc. All Rights Reserved.

UNDERSTAND COMMUNITY MOTIVATORS
• Successful communities are powered by motivated
people
• Motivation can be: status, money, peer recognition
24 © 2014 Black Duck Software, Inc. All Rights Reserved.

BE CAREFUL OF ‘CUSTOM’ LICENSES
• Communities do not work well with ‘custom licenses’
• Gaining contributors/momentum requires low barriers
to entry
http://opensource.org/licenses/index.html
25 © 2014 Black Duck Software, Inc. All Rights Reserved.

COMMUNITIES NEED NURTURING
• Posting code to public sites is not collaboration
• Community participation is a cycle – expect change
26 © 2014 Black Duck Software, Inc. All Rights Reserved.

BE HUMBLE, BUT BOLD
• Community leadership is earned, not granted
• Accept community feedback and rework code
• Bring technical expertise to the table
• Contributions need to be ongoing to maintain leadership status
Leadership != Control
Account != Leadership
Humble Bold
27 © 2014 Black Duck Software, Inc. All Rights Reserved.

THANK YOU!
28 © 2014 Black Duck Software, Inc. All Rights Reserved.

Harman designs, manufactures and markets premier audio, visual, infotainment and integrated control solutions for the automotive, consumer and professional markets. One of Harman’s biggest challenges when supplying its systems is ensuring it can prove its code complies with applicable license terms. The code must also be free of security and quality risks that could impact the integrity of the finished products. But what happens when the code is open source? While software developed in-house can be closely monitored, software that comes in through third parties is harder to track. How can Harman accurately report on operational and legal risks for components and projects it didn’t develop? Join this presentation from Alyssa Harvey Dawson, Vice President Legal, Global Intellectual Property at Harman, and Black Duck Software, covers: - Current open source trends - An in-depth review of popular licenses (including GPL) - Harman's take on open source compliance - The impact of security and technical risks beyond compliance

The New Development Organization: Embracing “Open” and “Sharing” to Deliver S...

Black Duck by Synopsys

The Head of Open Source Governance at Thomson Reuters joins Black Duck's CEO in this webinar sharing real-world insights into how to strategically bring open source methods within your development organization to improving speed and quality of development, while simultaneously impacting your business’ bottom line. View this presentation for examples of how Thomson Reuters enable new levels of collaboration inside and outside the company, with a pro-open source development strategy that helps them recruit and retain top developer talent, while also facilitating social creativity.

Black Duck Software’s 2014 Review

Black Duck by Synopsys

RVAsec Bill Weinberg Open Source Hygiene Presentation

Black Duck by Synopsys

Your Open Source Program Office

Gil Yehuda

Open Source Outlook: Expected Developments for 2016

Black Duck by Synopsys

2015 saw continued growth for open source software across many dimensions, a trend expected to continue in this coming year and a range of interesting developments that we reviewed in the last webinar. In this webinar, the panelists will discuss: - Open source and application security - Community-centered compliance as reflected in OpenChain and SPDX - The explosion of company involvement in collaborative projects - The direction of the VMware case and other topics we anticipate being hot this year Register now to join Black Duck, Mark Radcliffe and Karen Copenhaver on to discuss the hot topics generating buzz in the year to come.

2014 Future of Open Source Survey Results

Black Duck by Synopsys

2015 Future of Open Source Survey Results

Black Duck by Synopsys

With a record-breaking 1,300 respondents, the 2015 Future of Open Source Survey results highlight record levels of corporate participation in open source, as well as the greater impact OSS is having on technology and security. Yet, this year's results also reveal a reported lack of formal company policies and processes for consuming and managing open source and its associated legal, operational, and security risks. Learn more at www.blackducksoftware.com/future-of-open-source

All regulatory requirements (HIPAA, PCI, etc.) include a mandate for assessing vulnerabilities in systems that manage or store sensitive data. Organizations often opt to conduct vulnerability assessments on an annual, quarterly, or even monthly basis. But while vulnerability assessment tools can identify unpatched or misconfigured code bases, these tools overlook a large portion of an organization’s attack surface: known vulnerabilities in applications that are built in-house. These applications will not have public updates, nor will the thousands of open source components they utilize be included in public disclosures. This is concerning because over 6,000 vulnerabilities in open source projects have been reported since 2014. Register for this webinar to discover how to protect yourself.

Q1 2016 Open Source Security Report: Glibc and Beyond

Black Duck by Synopsys

The first quarter of 2016 was a big one for new open source security vulnerabilities. The Glibc vulnerability was by far the biggest. It impacts nearly 900K of the 1 million different open source projects. In this webinar, we’ll dive into Glibc and the Q1 data to help you: - Understand latest trends in open source security threats and what it means to your organization in 2016 - Simple steps to quickly find and protect yourself from newly reported threats - Prepare your organization to respond to new vulnerabilities in open source projects

Webinar–That is Not How This Works

Synopsys Software Integrity Group

During a recent webinar, Jonathan Knudsen presented: "That's Not How This Works: All Development Should Be Secure." Development teams are pressured to push new software out quickly. But with speed comes risk. Anyone can write software, but if you want to create software that is safe, secure, and robust, you need the right process. Webinar attendees will learn: • Why traditional approaches to software development usually end in tears and heartburn • How a structured approach to secure software development lowers risk for you and your customers • Why automation and security testing tools are key components in the implementation of a secure development life cycle For more information, please visit our website at www.synopsys.com/software-integrity.html

Open Source Vs Proprietary Software

Ann Yoders

Webinar–You've Got Your Open Source Audit Report–Now What?

Synopsys Software Integrity Group

Companies’ use of open source software has surpassed the occasional and solidified itself as the mainstream. Effectively identifying and managing the compliance and security risks associated with open source software can be a difficult task. Whether a company is acquiring another company, preparing for acquisition or simply wanting to manage their use of open source, the universal first step is to figure out the composition of the code, often via an audit. But what do you do once you have the audit report? For more information, please visit our website at https://www.synopsys.com/open-source-audit

Deliver your App Anywhere … Publicly or Privately

DevOps.com

Developers are increasingly adopting a microservices approach for their apps in order to gain rapid iteration capabilities required for delivering new services faster. However, delivering the App still requires multiple steps such as allocation of virtual IPs, provisioning the front load balancer, configuring firewall rules, configuring a public domain, and DDOS. At present, each of these steps requires coordination across multiple teams with multiple iterations per team. The time efficiencies gained by adopting microservices and cloud-native technologies is negated due to the time taken to deliver the App. In this session, Pranav Dharwadkar, VP of products at Volterra, and Jakub Pavlik, director of engineering, will help you understand these challenges and introduce a distributed proxy architecture that can alleviate the challenges across different cloud environments. This webinar will include a live demo using a distributed proxy architecture to advertise an App publicly and privately. In this webinar, you will learn: The steps required to deliver an App using the current approaches How a distributed proxy architecture can be used to deliver the app publicly and privately The operational benefits of a distributed proxy architecture for delivering new services

Webinar–5 ways to risk rank your vulnerabilities

Synopsys Software Integrity Group

Vulnerabilities are an inevitable part of software development and management. Whether they’re in open source or custom code, new vulnerabilities will be discovered as a codebase ages. As stated in the 2019 Open Source Security and Risk Analysis report, 60% of the codebases audited in 2018 contained at least one known vulnerability. As the number of disclosures, patches, and updates grows, security professionals must decide which critical items to address immediately and which items to defer. For more information, please visit our website at www.synopsys.com/software.

Webinar–Creating a Modern AppSec Toolchain to Quantify Service Risks

Synopsys Software Integrity Group

Tim Mackey is a principal security strategist with the Synopsys Cybersecurity Research Center(CyRC). Within this role, he engages with various technical and business communities to understand how application security is evolving with ever-expanding attack surfaces and increasingly sophisticated threats. He specializes in container security, virtualization, cloud technologies, distributed systems engineering, mission critical engineering, performance monitoring, and large-scale data center operations. Tim takes the lessons learned from these activities and delivers talks globally at conferences like RSA, KubeCon and InfoSec. For more information, please visit www.synopsys.com/software.

Open Source 360 Survey Results

Tim Mackey

As presented via webinar. The Open Source 360 survey is in its 11th year and surveyed over 800 IT professionals about their use of open source components and technologies. In prior years, this survey was known as the Future Of Open Source. Key takeaways include: - Open Source usage is growing within global organizations - Organizations recognize risks of consumption exist - Tooling to keep pace with risks is limited - Contributions to project communities are key to success

What in the World is Going on at The Linux Foundation?

Black Duck by Synopsys

The Linux Foundation has over 500 corporate members involved in over 70 member-sponsored projects. In 2016, the Linux Foundation convened over 20,000 people from 85 countries and over 4000 companies at 150 events around the world. Over 800,000 students from 215 countries have enrolled in Linux Foundation training programs. Who is driving this growth? Why do companies invest valuable resources in collaborative development? What have we learned along the way?

Webinar–The State of Open Source in M&A Transactions

Synopsys Software Integrity Group

During a recent webinar, West Monroe discussed, "The State of Open Source in M&A Transactions." Based extensive experience in M&A, West Monroe Partners is on the front line when it comes to tech due diligence, and they’ve seen a few trends emerge when it comes to open source and M&A deals. Buyers and seller alike need to understand these trends to get the most value out of any transaction. For more information, please visit our website at www.synopsys.com/open-source-audit

Webinar–The 2019 Open Source Year in Review

Synopsys Software Integrity Group

This annual review will highlight the most significant legal developments related to open source software in 2019, including: •Evolution of open source: control, sustainability, and politics •Litigation update: Cambium and Artifex cases •Patents and the open source community •Impacts of government sanctions •The shift left for compliance and rise of bug bounty programs •And much, much more For more information, please visit https://www.synopsys.com/software-integrity/managed-services/open-source-software-audit.html

Optimizing Security Velocity in Your DevSecOps Pipeline at Scale

Denim Group

Businesses are driving development teams to build, test and deliver app innovations faster and faster, while attackers continue to grow in sophistication and complexity. To protect the business, dev and security teams are deploying multiple app/network/OSS security testing tools, internal & 3rd party manual assessments, and other processes which in turn drives an exponential spike in volume of issues to analyze, correlate, triage, route and repair. Facing this data deluge, DevSecOps teams are turning to automation of mobile app security testing and orchestration of vulnerability management for speed and scale. Join Brian Reed, Chief Mobility Officer of NowSecure and Dan Cornell, Co-Founder and CTO of Denim Group in this best practices session to learn how to drive efficiencies in team and pipeline performance at scale.

Webinar–What You Need To Know About Open Source Licensing

Synopsys Software Integrity Group

Virtually every organization uses open source software, and lots of it, to create efficiencies in software development. But left unmanaged, open source can introduce legal, IP, compliance, and other risks for the business. With over 2,500 different licenses in use, legal professionals and technical managers need to understand the license obligations associated with open source and how to mitigate risks. For more information, please visit our website at www.synopsys.com/open-source-audit

Webinar–Using Evidence-Based Security

Synopsys Software Integrity Group

Eclipse community survey 2014 v2

Ian Skerrett

The Growing Research that Open Source Owns the Future in Cloud

All Things Open

Presented by: Chris Ferris & Deb Bryant Presented at the All Things Open 2021 Raleigh, NC, USA Raleigh Convention Center Abstract: The latest research on open source shows the growing need and value of the skills as well as the advancement of open source in the enterprise stack. Join Deb Bryant, Senior Director, Open Source Project Office at Red Hat and Chris Ferris, CTO, Open Technologies at IBM to cover the latest global research on Open Source. Red Hat and IBM embarked on research in 2020 that have insights on the state of open source, its practitioners and its future. 65% of developers consider skills and knowledge related to underlying Open Source cloud technologies to be more beneficial to their careers, than skills related to any specific cloud. Join us to cover some of the critical questions and discoveries which showed strong support for your skills in key open source technologies. While the widespread use of free and open source software and migration to the cloud are the two most significant shifts characterizing computing in the last two decades, open source technology is still the root of that innovation. In the era of hybrid cloud, open source is maintaining and increasing its influence. Our research suggests that over the long term, recruiting skills in the most fundamental open source tools and libraries will likely provide major benefits to both professionals and their organizations.

Webinar–Delivering a Next Generation Vulnerability Feed

Synopsys Software Integrity Group

The Synopsys Cybersecurity Research Center (CyRC) has a dedicated team of security analysts who specialize in sourcing, curating, and analyzing open source software vulnerabilities. The team delivers a customer-focused vulnerability feed comprising open source vulnerability reports called BDSAs (Black Duck Security Advisories). These reports are timely, accurate, and packed with relevant actionable information. In this webinar, Siobhan Hunter, security research lead, reveals why the high-quality content of the BDSA feed is best in class, with examples of how our BDSA feed compares with the NVD and insights into how we discover and deliver valuable vulnerability information for our customers every day. For more information, please visit our website at https://www.synopsys.com/cyrc

Buyer and Seller Perspectives on Open Source in Tech Contracts

Black Duck by Synopsys

Black Duck and Tech Contracts Academy discussed the implications of open source software in tech contracts. The topic of open source has been at the forefront of the technology industry for many years, but as the use of open source in commercial applications explodes, so do concerns about addressing license and ownership issues in contract negotiations. David Tollen is the founder of Tech Contracts Academy (www.TechContracts.com) and of Sycamore Legal P.C., in San Francisco. He’s the author of The Tech Contracts Handbook: Cloud Computing Agreements, Software Licenses, and Other IT Contracts for Lawyers and Businesspeople. He will dive into these topics from the perspective of both buyers and sellers and aims to educate on Intellectual Property (IP) protection and other terms and how they should work during contract negotiations.

"IBMs Open Source Strategy" by Adam Jollans @ eLiberatica 2009

eLiberatica

This is a presentation held at eLiberatica 2009. http://www.eliberatica.ro/2009/ One of the biggest events of its kind in Eastern Europe, eLiberatica brings community leaders from around the world to discuss about the hottest topics in FLOSS movement, demonstrating the advantages of adopting, using and developing Open Source and Free Software solutions. The eLiberatica organizational committee together with our speakers and guests, have graciously allowed media representatives and all attendees to photograph, videotape and otherwise record their sessions, on the condition that the photos, videos and recordings are licensed under the Creative Commons Share-Alike 3.0 License.

Open Source Governance Models

Paula Hunter

What's hot

Black duck Software's pitchi7

PCI and Vulnerability Assessments - What’s Missing?

Black Duck by Synopsys

Q1 2016 Open Source Security Report: Glibc and Beyond

Black Duck by Synopsys

Webinar–That is Not How This Works

Synopsys Software Integrity Group

Open Source Vs Proprietary Software

Ann Yoders

Webinar–You've Got Your Open Source Audit Report–Now What?

Synopsys Software Integrity Group

Deliver your App Anywhere … Publicly or Privately

DevOps.com

Webinar–5 ways to risk rank your vulnerabilities

Synopsys Software Integrity Group

Webinar–Creating a Modern AppSec Toolchain to Quantify Service Risks

Synopsys Software Integrity Group

Open Source 360 Survey Results

Tim Mackey

What in the World is Going on at The Linux Foundation?

Black Duck by Synopsys

Webinar–The State of Open Source in M&A Transactions

Synopsys Software Integrity Group

Webinar–The 2019 Open Source Year in Review

Synopsys Software Integrity Group

Optimizing Security Velocity in Your DevSecOps Pipeline at Scale

Denim Group

Webinar–What You Need To Know About Open Source Licensing

Synopsys Software Integrity Group

Webinar–Using Evidence-Based Security

Synopsys Software Integrity Group

Eclipse community survey 2014 v2

Ian Skerrett

The Growing Research that Open Source Owns the Future in Cloud

All Things Open

Webinar–Delivering a Next Generation Vulnerability Feed

Synopsys Software Integrity Group

Buyer and Seller Perspectives on Open Source in Tech Contracts

Black Duck by Synopsys

What's hot (20)

Black duck Software's pitch

PCI and Vulnerability Assessments - What’s Missing?

Q1 2016 Open Source Security Report: Glibc and Beyond

Webinar–That is Not How This Works

Open Source Vs Proprietary Software

Webinar–You've Got Your Open Source Audit Report–Now What?

Deliver your App Anywhere … Publicly or Privately

Webinar–5 ways to risk rank your vulnerabilities

Webinar–Creating a Modern AppSec Toolchain to Quantify Service Risks

Open Source 360 Survey Results

What in the World is Going on at The Linux Foundation?

Webinar–The State of Open Source in M&A Transactions

Webinar–The 2019 Open Source Year in Review

Optimizing Security Velocity in Your DevSecOps Pipeline at Scale

Webinar–What You Need To Know About Open Source Licensing

Webinar–Using Evidence-Based Security

Eclipse community survey 2014 v2

The Growing Research that Open Source Owns the Future in Cloud

Webinar–Delivering a Next Generation Vulnerability Feed

Buyer and Seller Perspectives on Open Source in Tech Contracts

Viewers also liked

"IBMs Open Source Strategy" by Adam Jollans @ eLiberatica 2009

eLiberatica

Open Source Governance Models

Paula Hunter

Building an Open Source Application Strategy

Acquia

EMC World 2016 - cnaITL.01 Adopting An Open Source Strategy

{code}

Open source technologies increase the speed of product delivery in today's digital world. The benefits open source provides can be realized through greater flexibility, lower costs and leverage for integration and support through a large eco-system. In this session, you will gain an understanding of how to be build an open source strategy to complement the adoption of application frameworks (Spring), PaaS (CF), and Containers/Schedulers (Docker, Mesos, Kubernetes) that enable businesses to quickly drive product offerings to the market.

OSS Governance

fOSSa - Free Open Source Software Academia Conference

This session will present the 2 new projects initiated by HP around Open Source Governance: ● FOSSBazaar is a community Web site gathering all type of information around Open Source Governance (Policy examples, Workflow models, White Papers, Blogs of experts, References to related projects, ...) ● FOSSology is a tool helping in the evaluation of Open Source licenses really used in projects by doing code analysis, and pattern matching searches in it and reporting what had been found. A video of the Fossology Project Lead, Bob Gobeille, will be made extra for the fOSSa event.

OPEN SOURCE SEMINAR PRESENTATION

Ritwick Halder

2016 Future of Open Source Survey Results

Black Duck by Synopsys

20080602 Microsoft and Open Source

David Chou

The Developer is the New CIO: How Vendors Adapt to the Changing Landscape

Lauren Cooney

451 Group: Future Of Web Content Management - Open Source CMS

Squiz

symfony: An Open-Source Framework for Professionals (PHP Day 2008)Fabien Potencier

112 - The Role of Mentoring and Project Characteristics for Onboarding in Ope...

ESEM 2014

Context: Onboarding is a process that helps newcomers become integrated members of their organisation. Successful onboarding programs can result in increased performance in conventional organisations, but there is little guidance on how to onboard new developers in Open Source Software (OSS) projects. Goal: In this study, we examine how mentoring and project characteristics influence the effectiveness and efficiency of the onboarding process. We study a collaboration program involving a total of nine Open Source Software projects and more than 120 students from dfferent universities around the world as part of Facebook’s Education Modernization Program. Method: We use quantitative measurements of source code repositories, issue tracking systems, and discussion fora to examine how newcomers become contributing members of their OSS projects. Results: We found that developers receiving deliberate onboarding support through mentoring were more active at an earlier stage than developers entering projects through conventional means. Also, we found that project size and lifetime influenced onboarding. Conclusion: Empirical decision support can contribute to a more effective onboarding process in OSS projects. Mentor support in critical stages can accelerate the process, but project maturity is also a significant factor that increases the effect of onboarding.

Open Source as IT and Business Strategy

Karim Baïna

The Hitchhikers' Guide to Free and Open Source Software Development (CompCon ...

Elena Williams

There is only one serious course about Free and Open Source Software Development delivered in Australia annually, the postgraduate level COMP8440 at ANU. Moreover the course is delivered by Andrew "Tridge" Tridgell who authored the seminal open source projects samba and the rsync algorithm. During this course he discusses his wealth of experience and trains then assesses students on contributing to the open source community. This talk will be conveying as much of this week-long course as is possible in the time available, as seen through the eyes of a graduating student who was always keen about open source yet who hadn't made their first pull-requests until during this course. Now, more than a year later, the presenter is actively involved in several open source projects and will be talking about some of the characteristics of the open source community today and describing in specific detail about how to become involved. The presenter will discuss the highs, the lows, the awkwardness and unique sense of connection and achievement that can only be fulfilled by contributing to open source. Elena Williams is a python/django web developer now working in Perth. She graduated from Master ITS program from CECS ANU in 2012. She's taught Django/Python, been involved with the Django, Python and Linux communities around Australia and organised the Python user group in Canberra whilst studying at ANU. She presented about open source participation at PyConAU 2012. She is also enthusiastic about teaching programming to non-programmers, kitesurfing, snowboarding, endurance navigation sports; is an active hacker/maker and was only called a Douglas Adams "tragic" by the Canberra Times once.

Transforming IT with an Open Source Strategy

InnoTech

Defining an Open Source Software Trustworthiness Model

Davide Taibi

This presentation show the results of my PhD thesis. Modern society depends on large-scale software systems of astonishing complexity. Because the consequences of their possible failure are so high, it is vital that software systems should exhibit a trustworthy behavior. Trustworthiness is a major issue when people and organizations are faced with the selection and the adoption of new software. Although some ad-hoc methods have been proposed (see for instance OpenBQR, OpenBRR and QSOS), there is not yet general agreement about the software characteristics contributing to its trustworthiness. Therefore, this work focuses on defining an adequate notion of trustworthiness of Open Source Software products and artifacts and identifying a number of factors that influence it to provide both developers and users with an instrument that guides them when deciding whether a given program (or library or other piece of software) is “good enough” and can be trusted in order to be used in an industrial or professional context. More details on www.taibi.it

Open source software development

Sagar Raravi

An Open Source Workshop

halehmahbod

Open Source as an Element of Corporate Strategy

Samsung Open Source Group

Guy Martin, Senior Strategist for Samsung's Open Source Group, and Shawn Briscoe, Director of Open Source Strategic Services at Black Duck Software, present on how to incorporate open source as an element of your corporate strategy, focusing on practical advice, as well as using Samsung's open source group as a case study for how to begin to shift your company's culture to be more accepting of not only consuming, but contributing to open source communities.

Open Source Software Needs You!

Charles Nutter

Have you ever used an open source project? Of course you have, but have you made any contributions yourself? Filed a bug report? Submitted a patch? Have you ever started your own OSS project, or taken a closed/private project public? What licenses should you use? How do you manage contributions? How do you encourage contributors and get work done? In this talk we'll go over the basics of OSS: how to get involved, how to start a project, how to manage contributions. We'll discuss project lifecycles, legal CYA tips, and how to keep projects moving. You'll see the inner workings of real OSS projects, and learn how to be a better OSS user and producer. Presented at Jfokus 2015

Viewers also liked (20)

"IBMs Open Source Strategy" by Adam Jollans @ eLiberatica 2009

Open Source Governance Models

Building an Open Source Application Strategy

EMC World 2016 - cnaITL.01 Adopting An Open Source Strategy

OSS Governance

OPEN SOURCE SEMINAR PRESENTATION

2016 Future of Open Source Survey Results

20080602 Microsoft and Open Source

The Developer is the New CIO: How Vendors Adapt to the Changing Landscape

451 Group: Future Of Web Content Management - Open Source CMS

symfony: An Open-Source Framework for Professionals (PHP Day 2008)

112 - The Role of Mentoring and Project Characteristics for Onboarding in Ope...

Open Source as IT and Business Strategy

The Hitchhikers' Guide to Free and Open Source Software Development (CompCon ...

Transforming IT with an Open Source Strategy

Defining an Open Source Software Trustworthiness Model

Open source software development

An Open Source Workshop

Open Source as an Element of Corporate Strategy

Open Source Software Needs You!

Similar to Open Source as an Element of Corporate Strategy

Inner-Source: The Lesson of Linux for Enterprises

Samsung Open Source Group

Why is Open Source Important to Samsung and What Are We Doing About It?

Samsung Open Source Group

Success Factors of FOSS AdoptionAlexei Fedotov

OSS Playbook

VMware Tanzu

Speakers: Stephen O’Grady, Principal Analyst and Co-Founder, RedMonk Roman Shaposhnik, Director, Open Source, Pivotal Moderator: Domain Drewitz, Director, Product Marketing, Pivotal Big Data Suite Abstract: Is your company looking to transform digitally? More enterprise executives are realizing that an active open source software strategy is critical to transforming their business in the software-driven economy. While developers may rejoice, other parts of the organization may struggle with what this means for their processes and role requirements. Join RedMonk analyst, Stephen O’Grady, and Pivotal’s Director of Open Source, Roman Shaposhnik, to learn: - Why open source is critical to digital transformation - What best practices to follow to avoid pitfalls - Where you should start to make changes and gain quick wins By the end of this webinar you should have a high-level checklist for 2016 to make open source software support your digital transformation vision.

Scaling Agile with the Lessons of Lean Product Development Flow

TechWell

While first generation agile methods have a solid track record at the team level, many agile transformations get stuck trying to expand throughout the organization. With a set of principles that can help improve software development quality and productivity, lean thinking provides a method for escaping the trap of local optimization. While agile teams can use lean principles to improve their practices, larger organizations can embrace lean to solve problems that commonly plague company-wide agile endeavors. Alan Shalloway explores the lean principles of mapping value streams, creating visibility, managing work levels, and more. Together, these lean principles and practices can help your organization dramatically reduce the amount of waste in the work that teams perform. He introduces kanban, an agile method that is a strong implementation of lean principles. Alan closes with agile adoption case studies that illustrate how lean thinking can extend Scrum practices.

National Government Webinar: Reap the Rewards of IT Consolidation

SolarWinds

We’ve seen a trend towards reducing the number of tools used to monitor and manage agency infrastructure. Network devices and systems have standardised, eliminating the need for proprietary or customised monitoring solutions. SolarWinds can help streamline your IT monitoring and management tools, so that you can take advantage of tremendous cost savings, as well as the many other benefits IT consolidation has to offer.

Construction Software & Technology Applications: What fits your biz?

Bridgit

Presented at: Vancouver Regional Construction Association Construction Learning Forum by Lauren Hasegawa, Co-Founder of Bridgit Construction Technology Applications: What fits your biz? 1. Mobile SaaS vs. stand-alone apps 2. Selecting the right software solution 3. Ready to roll out? Bridgit is a cloud-based mobile and web construction software that lets general contractors, engineering consultants, architects, owners, and subcontractors collaborate to manage all project deficiencies in real-time.

Apachecon 2014 Keynote: The Apache Way in the Cloud with Cloud Foundry

James Watters

Social Intranets for Smarter Enterprise Collaboration

rivetlogic

Why DevOps Matters To The CIO

benjaminwootton

Open Source as an Element of Corporate Strategy: A Case Study at Samsung

All Things Open

Samsung & The Path to Open Source Leadership

Samsung Open Source Group

Samsung and the Path to Open Source LeadershipRyo Jin

Samsung and the path to open source leadershipStar Channel - Nea Tileorasi

Leverage Progress Technologies for Telerik Developers

Abhishek Kant

Succeed or Fail @NikonEurope: Matching Social Strategy with Execution Renate ...

Philips

Top 7 Benefits of Using a Shared Services Model for Agile and ALM Success CollabNet

Managing Your Application Security Program with the ThreadFix Ecosystem

Denim Group

ThreadFix is an open source application vulnerability management system that helps automate many common application security tasks and integrate security and development tools. This tutorial will walk through the capabilities of the ecosystem of ThreadFix applications, showing how ThreadFix can be used to: •Manage a risk-ranked application portfolio •Consolidate, normalize and de-duplicate the results of DAST, SAST and other application security testing activities and track these results over time to produce trending and mean-time-to-fix reporting •Convert application vulnerabilities into software defects in developer issue tracking systems •Pre-seed DAST scanners such as OWASP ZAP with application attack surface data to allow for better scan coverage •Instrument developer Continuous Integration (CI) systems such as Jenkins to automatically collect security test data •Map the results of DAST and SAST scanning into developer IDEs The presentation walks through these scenarios and demonstrates how ThreadFix, along with other open source tools, can be used to address common problems faced by teams implementing software security programs. It will also provide insight into the ThreadFix development roadmap and upcoming enhancements.

20140327-S602-MobileRussell Lewis

The Cisco Intranet Case Study by Todd West

Prescient Digital Media

Similar to Open Source as an Element of Corporate Strategy (20)

Inner-Source: The Lesson of Linux for Enterprises

Why is Open Source Important to Samsung and What Are We Doing About It?

Success Factors of FOSS Adoption

OSS Playbook

Scaling Agile with the Lessons of Lean Product Development Flow

National Government Webinar: Reap the Rewards of IT Consolidation

Construction Software & Technology Applications: What fits your biz?

Apachecon 2014 Keynote: The Apache Way in the Cloud with Cloud Foundry

Social Intranets for Smarter Enterprise Collaboration

Why DevOps Matters To The CIO

Open Source as an Element of Corporate Strategy: A Case Study at Samsung

Samsung & The Path to Open Source Leadership

Samsung and the Path to Open Source Leadership

Samsung and the path to open source leadership

Leverage Progress Technologies for Telerik Developers

Succeed or Fail @NikonEurope: Matching Social Strategy with Execution Renate ...

Top 7 Benefits of Using a Shared Services Model for Agile and ALM Success

Managing Your Application Security Program with the ThreadFix Ecosystem

20140327-S602-Mobile

The Cisco Intranet Case Study by Todd West

More from Black Duck by Synopsys

Flight WEST 2018 Presentation - A Buyer Investor Playbook for Successfully Na...

Black Duck by Synopsys

Anthony Decicco, shareholder, GTC Law Group presented at FLIGHT West 2018. His session description included: A buyer and investor focused discussion of key open source software-related issues and deal points. Understanding the key legal and technical risks, as well as strategies for mitigating them, will help you to focus due diligence, speed and smooth negotiations and get better deal terms, increasing overall value and avoiding post-transaction surprises. For more information, please visit us at www.blackducksoftware.com

FLIGHT WEST 2018 Presentation - Continuous Monitoring of Open Source Componen...

Black Duck by Synopsys

Basma Shahadat, Lead Research Engineer presented at Black Duck Flight West 2018. Security checking in the early stages of the SDLC is critical. This session will demonstrate how Proofpoint is taking proactive steps to reduce risk by integrating Black Duck into Proofpoint’s continuous integration pipeline to detect open source vulnerabilities during the product build. For more information, please visit us at https://www.blackducksoftware.com/

FLIGHT WEST 2018 Presentation - Open Source License Management in Black Duck Hub

Black Duck by Synopsys

FLIGHT WEST 2018 - Presentation - SCA 101: How to Manage Open Source Security...

Black Duck by Synopsys

FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...

Black Duck by Synopsys

Open-Source- Sicherheits- und Risikoanalyse 2018

Black Duck by Synopsys

FLIGHT Amsterdam Presentation - Open Source, IP and Trade Secrets: An Impossi...

Black Duck by Synopsys

At Flight Amsterdam, Fenna Douwenga, Associate, Bird & Bird provided practical tips on open source licenses, intellectual property rights, and trade secrets. During the presentation Fenna reviewed, everlasting conflict between patents, copyright and open source and how it can be overcome. Additionally, the new European Trade Secrets Directive was discussed and how some of the requirements therein may for instance conflict with the GNU General Public license. Furthermore, a quick outline of the influence of Brexit on licenses closed under UK law was given and how potential problems can be prevented.

FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide

Black Duck by Synopsys

FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your Deal

Black Duck by Synopsys

Flight Amsterdam presentation by Anthony Decicco, Shareholder, GTC Law Group Open source software is increasingly centric to transactions, whether licensing, mergers, acquisitions, financing, insurance, offerings or loans, and the deal landscape is changing with the prevalence of representation and warranty insurance, heightened focus on security vulnerabilities and increasing litigation. As such, it is important to understand and re-visit key open source software-related issues and deal points to accelerate your deal, avoid unnecessary due diligence and realize the most value from your open source software-related compliance efforts.

FLIGHT Amsterdam Presentation - Open Source License Management in the Black D...

Black Duck by Synopsys

FLIGHT Amsterdam Presentation - From Protex to Hub

Black Duck by Synopsys

Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...

Black Duck by Synopsys

The Black Duck blog and Open Source Insight become part of the Synopsys Software Integrity blog in early April. You’ll still get the latest open source security and license compliance news, insights, and opinions you’ve come to expect, plus the latest software security trends, news, tips, best practices, and thought leadership every week. Don’t delay, subscribe today! Now on to this week’s open source security and cybersecurity news.

Open Source Insight:GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...

Black Duck by Synopsys

Open Source Rookies and Community

Black Duck by Synopsys

Open Source Insight: Who Owns Linux? TRITON Attack, App Security Testing, Fut...

Black Duck by Synopsys

We look at the three reasons you must attend the FLIGHT Amsterdam conference; how to build outstanding projects in the open source community; and why isn’t every app being security tested? Plus, in-depth into the TRITON attack; why 2018 is the year of open source; how open source is driving both IoT and AI and a webinar on the 2018 Open Source Rookies of the Year. Open Source Insight is your weekly news resource for open source security and cybersecurity news!

Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...

Black Duck by Synopsys

It’s an acronym-filled issue of Open Source Insight, as we look at the question of SCA (software composition analysis) and how it fits into the DevOps environment. The DHS (Department of Homeland Security) has concerning security gaps, according to its OIG (Office of Inspector General). Can the CVE (Common Vulnerabilities and Exposures) gap be closed? The GDPR (General Data Protection Regulation) is bearing down on us like a freight train, and it’s past time to include open source security into your GDPR plans. Plus, an intro to the Open Hub community, looking at security for blockchain apps, and best practices for open source security in container environments are all featured in this week’s cybersecurity and open source security news.

Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...

Black Duck by Synopsys

Welcome to the March 2nd edition of Open Source Insight from Black Duck by Synopsys! We look at places you’d never expect to find GDPR data, as well as answers to your most-frequently-asked GDPR questions. Synopsys Principal Scientist Sammy Migues explores why enterprises must have a software security program while Black Duck Technology Evangelist, Tim Mackey, takes a look at building application security into the heart of DevOps. Plus, a report that may give you nightmares on the malicious possibilities of AI. All the cybersecurity and open source security news fit to print lies ahead for your reading pleasure…

Open Source Insight: Big Data Breaches, Costly Cyberattacks, Vuln Detection f...

Black Duck by Synopsys

This week’s Open Source Insight features a powerful visualization tool displaying the world’s biggest data breaches at name brands such as Ebay, Equifax, Anthem, and Target. The White House and British Foreign Office have condemned a cyber-attack launched by the Russian military on Ukraine and hint at reprisals. Black Duck brings open source vulnerability detection to Kubernetes, and Synopsys will host Elevate, an evening thought leadership event at Embedded World 2018 featuring an elite group of international cyber security experts leading a discussion about IoT and embedded systems security threats and solutions. Read on for all the open source security and cybersecurity news you need to know this week.

Open Source Insight: Happy Birthday Open Source and Application Security for ...

Black Duck by Synopsys

Opinions differ on exactly when, but open source turned twenty this year. Most security breaches in 2017 were preventable (you hear that, Equifax?), and it’s time to take a look back to prevent similar breaches in 2018. iPhone source code gets leaked (for a short time). And keeping medical devices, voting machines, automobiles, and critical infrastructure safe in a world of increasing application risk. Read on for open source security and cybersecurity in Open Source Insight for February 9th, 2018.

Open Source Insight: Security Breaches and Cryptocurrency Dominating News

Black Duck by Synopsys

This week in Open Source Insight we examine blockchain security and the cryptocurrency boom. Plus, take an in depth look at open source software in tech contracts with a legal expert from Tech Contracts Academy, Adobe Flash Player continues to be a security concern, the Open Source Initiative turns 20, and step by step instructions for migrating to Docker on Black Duck Hub. Cybersecurity and security breach news also dominates this week, as Synopsys examines security breaches in 2017 and how they were preventable.

More from Black Duck by Synopsys (20)

Flight WEST 2018 Presentation - A Buyer Investor Playbook for Successfully Na...

FLIGHT WEST 2018 Presentation - Continuous Monitoring of Open Source Componen...

FLIGHT WEST 2018 Presentation - Open Source License Management in Black Duck Hub

FLIGHT WEST 2018 - Presentation - SCA 101: How to Manage Open Source Security...

FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...

Open-Source- Sicherheits- und Risikoanalyse 2018

FLIGHT Amsterdam Presentation - Open Source, IP and Trade Secrets: An Impossi...

FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide

FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your Deal

FLIGHT Amsterdam Presentation - Open Source License Management in the Black D...

FLIGHT Amsterdam Presentation - From Protex to Hub

Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...

Open Source Insight:GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...

Open Source Rookies and Community

Open Source Insight: Who Owns Linux? TRITON Attack, App Security Testing, Fut...

Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...

Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...

Open Source Insight: Big Data Breaches, Costly Cyberattacks, Vuln Detection f...

Open Source Insight: Happy Birthday Open Source and Application Security for ...

Open Source Insight: Security Breaches and Cryptocurrency Dominating News

Recently uploaded

Essentials of Automations: Optimizing FME Workflows with Parameters

Safe Software

Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place. Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects. Here’s what you’ll gain: - Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows. - Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy. - Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency. - Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity. We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic. Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Paul Groth

Key Trends Shaping the Future of Infrastructure.pdf

Cheryl Hung

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

Product School

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

Assuring Contact Center Experiences for Your Customers With ThousandEyes

ThousandEyes

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Product School

Generating a custom Ruby SDK for your web service or Rails API using Smithy

g2nightmarescribd

Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.

How world-class product teams are winning in the AI era by CEO and Founder, P...

Product School

Accelerate your Kubernetes clusters with Varnish Caching

Thijs Feryn

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Thierry Lestable

The Future of Platform Engineering

Jemma Hussein Allen

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Inflectra

In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring. Learn about: • The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks. • Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective. • Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification. • Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process. Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

Product School

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

FIDO Alliance

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Product School

Knowledge engineering: from people to machines and back

Elena Simperl

Recently uploaded (20)

Essentials of Automations: Optimizing FME Workflows with Parameters

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Key Trends Shaping the Future of Infrastructure.pdf

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

Epistemic Interaction - tuning interfaces to provide information for AI support

Assuring Contact Center Experiences for Your Customers With ThousandEyes

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Generating a custom Ruby SDK for your web service or Rails API using Smithy

How world-class product teams are winning in the AI era by CEO and Founder, P...

Accelerate your Kubernetes clusters with Varnish Caching

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

The Future of Platform Engineering

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

FIDO Alliance Osaka Seminar: Overview.pdf

GraphRAG is All You need? LLM & Knowledge Graph

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Knowledge engineering: from people to machines and back

Open Source as an Element of Corporate Strategy

2. FRAMEWORK FOR OPEN SOURCE INTERACTIONS Flexible Framework for: • Organizational/team-specific needs • Evolving adoption/use of OSS • Interrelated focus areas Four (4) Focus Areas: • Strategy & Governance • Consume • Collaborate • Create 2 © 2014 Black Duck Software, Inc. All Rights Reserved.

4. 2014 the future of OPEN SOURCE +

9. PRODUCT STRATEGY Building OSS Your Product or Service Building for OSS Open Source Building with OSS Your Product or Service Open Source Your Product or Service Open Source 9 © 2014 Black Duck Software, Inc. All Rights Reserved. Building on OSS Your Business Open Source

10. OSS LOGISTICS SOLUTIONS DELIVER ON THE PROMISE OF OPEN SOURCE Systematically streamline, safeguard, and manage open source throughout your software development value chain. Choose Scan Approve Inventory Secure Deliver 10 © 2014 Black Duck Software, Inc. All Rights Reserved.

15. SAMSUNG OPEN SOURCE TIMELINE Prolification + Contributions Exploring Possibilities Using embedded Linux in select products Adoption Adoption of Linux and Open Source SW as a viable alternative Tizen Major Contribution 2002 2005 2008 2012 15 © 2014 Black Duck Software, Inc. All Rights Reserved. Open Source Group Created in SRA-SV + Open Source Office in SRUK 2013

18. HOW? External & Internal Visibility Strategy Components Thought Leadership Grow Open Source Competence 18 © 2014 Black Duck Software, Inc. All Rights Reserved. Upstream Contributions Educate/Mentor Product Teams

19. RESULTS TO DATE (2014) • Contributions • 25 dedicated OSS developers (16 maintainers) • Linux Kernel, Multimedia, Graphics, Web, Virtualization • > 6300 upstream contributions • 2/3 bug fixes, remaining split between enhancements/new features • 98% contribution acceptance rate • 15% of contributions driven by business units • Thought Leadership/Visibility • > 60 conference presentations/papers • 13 media mentions (including WSJ, Linux.com, etc.) • 35 product developers graduated from OSS Leadership Program 19 © 2014 Black Duck Software, Inc. All Rights Reserved.

24. UNDERSTAND COMMUNITY MOTIVATORS • Successful communities are powered by motivated people • Motivation can be: status, money, peer recognition 24 © 2014 Black Duck Software, Inc. All Rights Reserved.

25. BE CAREFUL OF ‘CUSTOM’ LICENSES • Communities do not work well with ‘custom licenses’ • Gaining contributors/momentum requires low barriers to entry http://opensource.org/licenses/index.html 25 © 2014 Black Duck Software, Inc. All Rights Reserved.

27. BE HUMBLE, BUT BOLD • Community leadership is earned, not granted • Accept community feedback and rework code • Bring technical expertise to the table • Contributions need to be ongoing to maintain leadership status Leadership != Control Account != Leadership Humble Bold 27 © 2014 Black Duck Software, Inc. All Rights Reserved.

Editor's Notes

Ability to access source code, add features and fix code rose sharply from #8 to #4 in 2014 as a factor leading to increased enterprise adoption Ease of deployment rose from #6 to #3 80% of respondants say they chose OSS for competitive features or technical capabilities 67% of respondents say they chose OSS for TCO – its an attractive model for product development 72% say they chose open source for security
#1 benefit is to help reduce costs #2 answer on “why to engage with communities?” was attract and retain top talent
What is the product use case? What is your target market? How competitive is your market? What is your industry doing with open source? Open source license obligations are generally triggered by distribution, so it is important to consider whether the software will be distributed and how. Examples: Red Hat Everyone & Everything ?Wordpress Apps & Android Apps & Things that run on Linux
We manage code from the point of origin to the point of consumption across the software value chain.
Operational Efficiency (support, maintenance, supercommunities) Technology Influence Talent Identification Stewardship (brand equity, cultural)
SRA Open Source Group can help navigate licenses and legal obligations - helping choose proper license based on our compliance experience.

Open Source as an Element of Corporate Strategy

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (20)

Similar to Open Source as an Element of Corporate Strategy

Similar to Open Source as an Element of Corporate Strategy (20)

More from Black Duck by Synopsys

More from Black Duck by Synopsys (20)

Recently uploaded

Recently uploaded (20)

Open Source as an Element of Corporate Strategy

Editor's Notes