PowerPoint Presentation · FOSS. Libre. FSF. OSI

Page 1: PowerPoint Presentation · FOSS. Libre. FSF. OSI
Page 2:

$> whoami

Max Gnipping
Director of Services @ FOSSID

Page 3:

What is Open Source Software?

Use

Modify

Distribute

Free Software

Open Source

Source Available

Freeware

Shareware

FOSS

Libre

FSF

OSI

Page 4:

Who uses Open Source?

<50 - 10k+ employees

55%

The range of the company sizes in the survey*

Frequently use Open Source code in commercial products*

Use Open Source at least internally*

93%

*Open Source Program Survey by TODO Group https://github.com/todogroup/survey

Page 5:

Why should you care?

It is already highly likely a part of your business

You are already exposed to both risks and opportunities

Not using Open Source is not really an option any more

Page 6:

New possibilities

Code less, integrate more

Is your in-house solution more secure?

Make your mark on the world

Page 7:

Case study: Productivity gain

1.25-125 LoC/day

The range of developer productivity*

*Software Estimation: Demystifying the Black Art by Steve McConnell 2006

Page 8:

Case study: Quality

2000+ issues fixed / 59 CVE

CURL development status

Page 9:

Case study: Development

20 000

The number of Microsoft developers using & contributing to Open Source

Page 10:

New problems

Effective license compliance can be challenging

Vulnerability monitoring and remediation is continuous

Recursive dependencies introduce a lot of complexity

Page 11:

Case study: License variation

>1400

The number of significantly different Open Source licenses found by FOSSID

Page 12:

Case study: Vulnerabilities

17 311

Vulnerabilities reported in NVD in 2019

Page 13:

Case study: Complexity

left-pad

11 LoC broke the internet in 2016 because of Kik's zealous lawyers

Page 14:

How do others manage their Open Source?

Page 15:

The Open Source Program Office

Page 16:

The nine key steps to end-to-end compliance

Identify

Audit

Resolve

Review

Approve

Inventory

Document

Verify

Distribute

Page 17:

Additional resources

https://www.openchainproject.org/

https://www.linuxfoundation.org/resources/open-source-guides

https://www.linuxfoundation.org/compliance-and-security/2018/12/open-source-compliance-in-the-enterprise/

http://todogroup.org/

Page 18:

www.fossid.com