Enable continuous delivery with open source compliance. Break the legal and security compliance jail with microservices and serverless architecture for development and operations.
Open Source Compliance for DevOps - OSCON 2017
1. Set the developers free
Break the compliance jail for Open Source with DevOps
OSCON 2017 #OSCON
Bianca Jiang
Software Architect
IBM
https://www.linkedin.com/in/biancajiang/
@biancajiang
Steve Gerdt
Open Source Program Director
IBM
2. • 99% of Global 2000 enterprises included OSS in mission-critical applications
• At least 95% of IT Organizations Leverage Nontrivial Elements of Open-Source Software
• By 2018, 70% of new applications will run on open source databases
However,
• 50 percent of companies have no formal policy for selecting and approving open source code.
• 47 percent of companies don’t have formal processes in place to track open source code
• More than one-third of companies have no process for identifying, tracking or remediating known open source vulnerabilities.
3. “The risks associated with license compliance and
intellectual property (IP) protection cannot be
ignored--enterprises must govern their OSS usage.”
- Gartner
4. Security breaches represent a risk most developers
can't afford to take.
- Mozilla
5. Tiered Governance
• Tiered review levels:
  • usage cases
  • licenses
  • business needs
  • risk acceptance
• Can evolve: new risk criteria, new exemption criteria, etc.
• Education