The explosion of software, especially open source software (OSS), into consumer and commercial products means it’s time forengineering and the general counsel to have a serious talk about OSS. Unfortunately, it’s a talk many in-house lawyers are ill-prepared to have in two significant ways. First, they don’t have the requisite background legal knowledge about OSS. Second, they don’t grasp the size and reach of the OSS world, and the opportunity OSS holds for almost every business, either technology-enabled or technology-producing. Read this paper to learn how to master the OSS talk!
From the development team and enterprise IT managers to the procurement officer and legal counsels, everyone in the software supply chain needs to know what’s in your code. Using a standard format in order to "speak the same language" in regard to your software composition will allow issues between technical and non-technical decision makers to be quickly resolved in order to pave the way for faster time-to-market.
An automated means to identify encryption functions that will guide you through the compliance process should be an integral piece of your encryption export program. This whitepaper provides best practices relative to creating and maintaining an effective export compliance plan.
Open source provides an abundance of options for easily acquiring software. However, if left unmanaged, it has the potential to lead to operational risks and inflated maintenance costs. An enterprise can maximize the power of open source and avoid the chaos of undisciplined third party code use by relying on best practices for component management.
The Android mobile operating system is an excellent example of the power of open source software. Android’s ascent is attributable not only to demand for feature-rich mobile devices, but also to the flexibility and developer-friendly openness of the project. Learn about the opportunities and challenges of developing for Android, take a look at its history, and review licensing and IP issues.
For ISVs and enterprise IT organizations, the strategic use of open source components can substantially and rapidly improve the development process and boost developer productivity. This whitepaper demonstrates how an organization can save $4 to $5 million over five years with the implementation of strategic open source procedures.
Most large companies are managing hundreds of millions of lines of code – the majority of which was purpose-built to solve a specific application problem. Most of that code is locked up in multiple source control management (SCM) systems, and yet there are a limited number of tools that provide developers with the ability to easily search for and review code assets.
Agile software development is an increasingly popular development process for producing software in a flexible and iterative manner. While open source has enormous potential to be used in new projects, it must be managed according to corporate policies and procedures. Without an automated process to manage license and component approval, it is impossible to efficiently take advantage of open source in agile development.
Implementing an effective software management program enables developers to leverage software assets from multiple sources. Organizations seeking to incorporate rich, broad, open source approaches and techniques within a traditional development context can gain benefits that include better collaboration and improved business alignment. This whitepaper, authored by IDC, identifies software management strategies that nurture community culture.
There are numerous operational and security challenges every development manager must take into account when creating software in a multi-source development environment. Download this whitepaper to learn about best practices and remediation tools that will enable you to maximize the power of open source.
Software developers are faced with supporting, rationalizing and consolidating applications and platforms at a time when IT needs to increase innovation and agility. This whitepaper helps you develop strategies, policies and processes for an effective open source management program.
Open source can empower developers, increase innovation and yield cost savings. However, the need for governance has increased dramatically. Without the proper controls in place to ensure compliance and reduce exposure, organizations can suffer from technical, operational, regulatory, security and legal risks. It's more important than ever to ensure developers use approved and supported code.
The new auto ecosystem is a result of industry shifts lead by the consumerization of automotive technology. Cost structures, value chains and the basis of competition have all been transformed by new technology platforms. This whitepaper outlines the compelling reasons behind the formation of the GENIVI® Alliance as well as the challenges, and opportunities, of developing in-vehicle infotainment (IVI) systems with open source software.
The GNU Affero General Public License version 3.0 (AGPLv3) is a modified version of GPLv3 that is designed to address the challenges associated with the collaboration philosophy of the free software community posed by the rapidly increasing prevalence of software as a service (SaaS).
Development teams that use open source code must comply with the terms of the associated licenses. Download this whitepaper to learn how to establish controls at critical points within the project lifecycle in order to actively manage intellectual property.
String search can help determine code origins by identifying strings (ordered sequences of symbols) associated with open source or third party code. However, string search often results in high numbers of false negatives as well as false positives. Learn how to intepret search results and code analysis based on fuzzy matching against a comprehensive code database.
Typically, it costs between $13 to $19 to develop a single line of software source code. Development organizations are increasingly turning to open source to reduce budgets. Yet the management, security and compliance challenges can introduce business risks. Managing these risks with manual processes can incur significant costs – about $7,800 annually per software component. The cost of an automated governance and compliance program is a small fraction (1/10th to 1/4th) of the cost.
Black Duck recently interviewed Eric Newcomer, an industry veteran with more than 30 years of experience that includes position ranging from Chief Architect of Investment Banking IT at Credit Suisse to Chief Technical Officer at IONA Technologies. Eric shares his thoughts about the use of open source in the financial services industry, including the challenges and benefits of working in a mixed-IP world.
Rather than writing original code, developers routinely ‘assemble’ software using pre-existing and third party components. This new development model is a paradigm shift that offers great promise but also introduces new challenges. Organizations that recognize and mitigate these challenges will realize significant competitive advantages, particularly during due diligence for technology M&A activities or funding events.
The SPDX Working Group has a straightforward charter: create a set of data exchange standards to enable companies and organizations to share license and component information (metadata) for software packages and related content with the aim of facilitating license and other policy compliance.
Export controls require navigating the most complex maze in the Export Administration Regulations (EAR). Ben Flowe leverages his experience leading the export/import compliance team at Berliner, Corcoran & Rowe, LLP to explain how to approach classification of products with encryption functions. Ben provides best practices to create your own remediation plan.
Financial services firms are facing tremendous pressure to quickly deploy high-quality mobile applications, and open source components are already proven in the mobile world. Learn about the four distinct areas of mobile applications, how to adopt OSS technologies and methods, making the case for open source components, overcoming challenges to OSS deployment and how to tap into the broader OSS community.