How to Avoid 5 Common Pitfalls in Open Source Utilization. July 2013

Size: px
Start display at page:

Download "How to Avoid 5 Common Pitfalls in Open Source Utilization. July 2013"

Transcription

1 How to Avoid 5 Common Pitfalls in Open Source Utilization July 2013

2 Today s Presenters Phil Odence Black Duck Baruch Sadogursky JFrog 2

3 Agenda Open Source Trends Avoiding 5 Common Pitfalls JFrog Artifactory and Black Duck Suite Integration Q&A 3

4 The Global State of Open Source Software is Eating the World Marc Andreessen And Open Source is Driving the Software World Open Source Projects 1M Projects 100B LoC 10M personyears Source: Black Duck Software 4

5 Where software is hot, open source is hot Mobile continues to be hot, especially Android New Mobile OSS Projects Source: Black Duck Software 5

6 In key verticals as well 6

7 Community and Co-opetition is becoming the norm Financial Services Mobile Healthcare Automotive Aerospace Polarsys Infrastructure The Apache Foundation The Foundation 7

8 Evolving Drivers of Adoption 8 13

9 Development Today is Multi-Source FOSS Communities Internally Developed Code Outsourced Code Development Commercial 3 rd- Party Code Your Software Application THE ENTERPRISE TOOLS, PROCESSES, METHODS Open source is a necessary component of all organizations' supply chain strategies. It is essentially a way to manage cost and mitigate 3rd party dependencies. Brian Prentice, Gartner Group 9

10 Bottom Line: Faster, Better, Cheaper Cost Schedule Features Open source is a silver bullet that allows simultaneous improvement along all three dimensions of the software iron triangle of cost, schedule, features. Jeffrey Hammond 10

11 Just Avoid the Pitfalls Pitfall #1: Inconsistent, Decentralized Component Selection and Approval Pitfall #2: Unreliable Build and Integration Processes Pitfall #3: Lack of Visibility into Open Source Use Pitfall #4: Security Vulnerability Management Pitfall #5: OSS License Conflicts 11

12 5 Pitfalls of OSS Use Pitfall #1: Inconsistent, Decentralized Component Selection and Approval 12

13 Build Tools 13

14 Recipe 1. Take sources 14

15 Recipe 1. Take sources OK 15

16 Recipe 1. Take sources OK 2. Bring dependencies 16

17 Recipe 1. Take sources OK 2. Bring dependencies where from? which one? Who decides and why? 17

18 Recipe 1. Take sources OK 2. Bring dependencies where from? which one? Who decides and why? 3. Build binaries 18

19 Recipe 1. Take sources OK 2. Bring dependencies where from? which one? Who decides and why? 3. Build binaries OK 19

20 HERE COMES THE BINARY REPOSITORY 20

21 What is Binary Repository 21

22 Binary Repository as Modules Source 22

23 Binary Repository as Modules Source 23

24 Binary Repository as Modules Source 24

25 Binary Repository is the source of your dependences Where from stores the dependencies Which one can control and govern the selection of available binaries Who decides has a A&A security model and why has attachable flexible metadata on binaries 25

26 To sum up For your build, Artifactory is: 1. Intranet source for dependences Controlled Fast Available 2. Target for corporate deployments Private Secured Structured 26

27 To sum up For your build, Artifactory is: 1. Intranet source for dependences Controlled Fast Available 2. Target for corporate deployments Private Secured Structured 27

28 5 Pitfalls of OSS Use Pitfall #2 Pitfall #1: Inconsistent, Decentralized Component Selection and Approval Pitfall #2: Unreliable Build and Integration Processes 28

29 Continuous Integration Automation 29

30 CI servers check out code, run build tools 30

31 and show Chuck Norris Quotes. 31

32 32

33 Most Important 33

34 Why do I care? 34

35 Reason #1 TRACEABILITY 35

36 The Time Machine 36

37 Quest for Traceability 37

38 Quest for Traceability 38

39 Quest for Traceability 39

40 What s the problem? 40

41 41

42 Checkout branch/tag/revision 42

43 Checkout branch/tag/revision Build 43

44 Checkout branch/tag/revision Build Done 44

45 Checkout branch/tag/revision Build Done 45

46 Checkout branch/tag/revision Build Done 46

47 Checkout branch/tag/revision Build Done 47

48 Dependencies Lie 48

49 Look, ma, he forged it! 49

50 Evil Dependencies Resolution 50

51 Reason #2 PREVENTING THE SH*T FROM HITTING THE FAN 51

52 3 rd party licenses report Release is next week, generate me the subj. 52

53 No problem, right? 53

54 No problem, right? 54

55 No problem, right? 55

56 No problem, right? 56

57 No problem, right? 57

58 No problem, right? 58

59 3 rd party licenses report Oh, look, you can t use this license, go rewrite everything. 59

60 3 rd party licenses report Oh, look, you can t use this license, go rewrite everything. The release is still next week. 60

61 We can do better! 61

62 Remember? Build Server: 62

63 It knows it all! 63

64 Wouldn t it be dreamy if there was a way to capture this truth? 64

65 Binary Repository and CI/CD 65

66 CI Server is the Single Source of Truth 66

67 Binary Repository is The Single Target of Truth 67

68 Save the Truth! 68

69 Make Strange Binary Love 69

70 Standard of Truth 70

71 5 Pitfalls of OSS Use Pitfall #3 Pitfall #1: Inconsistent, Decentralized Component Selection and Approval Pitfall #2: Unreliable Build and Integration Processes Pitfall #3: Lack of Visibility into Open Source Use 71

72 Pitfall #3: Lack of Visibility into Open Source How much OSS are we using? Are we leveraging enough? What components are important to my project? To my Organization? What components are being used? In which apps? Which versions? 72

73 Gaining Visibility into OSS Use Discover Code and Build Analysis Component approval process Catalog Tied into approval and analysis Track what s used in which applications Analyze Version proliferation analysis Popular projects and versions 73

74 Security Vulnerabilities Pitfall #1: Inconsistent, Decentralized Component Selection and Approval Pitfall #2: Unreliable Build and Integration Processes Pitfall #3: Lack of Visibility into Open Source Use Pitfall #4: Security Vulnerability Management 74

75 Lack of Visibility and Monitoring of Security Vulnerabilities Are there known security vulnerabilities in components that I want to use? Is anyone paying attention to vulnerability reports postdeployment? Are version updates available that resolve security vulnerabilities? 75

76 Monitoring the NVDB Examples (as of June 17, 2013) Apache Tomcat: ~ 110 PHP: ~340 Wordpress: ~320 Postgres: ~70 MySQL: ~190 76

77 Very well run companies get bit 77

78 Verify, Catalog and Monitor Verify no vulnerabilities at selection and approval 1 2 Catalog all components in use OSS Catalog 3 Monitor NVDB against cataloged components 78

79 5 Pitfalls of OSS Use Pitfall #5 Pitfall #1: Inconsistent, Decentralized Component Selection and Approval Pitfall #2: Unreliable Build and Integration Processes Pitfall #3: Lack of Visibility into Open Source Use Pitfall #4: Security Vulnerability Management Pitfall #5: OSS License Conflicts 79

80 What is a license? Permission by the owner of property to take some act that the owner has the ability to control due to their ownership of intellectual property rights By default, the author of the a software program owns copyrights No one can copy or use without permission a license 80

81 OSI License Definition (abbreviated) Must allow free redistribution Must make source code available Must allow derivative works Etc 10 points in total 81

82 GPL and Reciprocal Licenses GPL is reciprocal (viral or copyleft v permissive) Most popular open source license; nearly 50% marketshare Key elements Disclosure of source code if distributed Derivative works must use same license: Works that incorporate the software Linking debate Auto termination Can conflict with other license, particularly commercial licenses 82

83 No licenses means no permission 100% 90% 7% 80% 70% 60% 50% 40% 30% 20% 10% 0% 93% Non GitHub 77% 23% GitHub No Declared Declared 42% have Embedded Licenses These embedded licenses contain specific obligations that govern the use of the overall project. The lack of a declared license for an open source project can cause an enterprise to steer clear of it, limiting the projects organizations can use. The ability to access embedded license information and obligations up-front during the code selection process opens a sizeable opportunity for enterprises and could have significant impact on their bottom line. - Mark Driver, Vice President and Research Director, Gartner. 83

84 License Management Solutions License Policy Know what licenses apply to what use cases Informed Choices Educate developers and provide upfront insight into licenses and policy Approvals Streamlined, automated approval process Auditing Unapproved OSS still sneaks in, so auditing is required throughout the process 84

85 JFrog and Black Duck join forces to help you with those pitfalls Easy, efficient use of open source binary artifacts Developers: No hassle, more informed component use decisions Managers: Earlier visibility, more standardization Management and control of open source use 85

86 Black Duck and JFrog Automate Open Source Management Application development cycle Plan Code Build Test Release Open source governance lifecycle Acquire Approve Catalog Audit Monitor Description Version Vulnerabilities Cryptography License Maturity Black Duck KnowledgeBase 86

87 JFrog Artifactory Black Duck Integration 87

88 Open source is not a free lunch with processes and tools you can maximize OSS benefits while avoiding the pitfalls. 88

89 Questions? Phil Odence Black Duck Baruch Sadogursky JFrog

HOW TO UTILIZE OPEN SOURCE IN YOUR CODE BASE AND BUILD PROCESS. 2015 Black Duck Software, Inc. All Rights Reserved.

HOW TO UTILIZE OPEN SOURCE IN YOUR CODE BASE AND BUILD PROCESS. 2015 Black Duck Software, Inc. All Rights Reserved. HOW TO UTILIZE OPEN SOURCE IN YOUR CODE BASE AND BUILD PROCESS 2015 Black Duck Software, Inc. All Rights Reserved. TODAY S PRESENTERS Baruch Sadogursky JFrog Dave Gruber Black Duck 2 2015 Black Duck Software,

More information

How To Improve Your Software

How To Improve Your Software Driving Quality, Security and Compliance in Third- Party Code Dave Gruber Director of Product Marketing, Black Duck Keri Sprinkle Sr Product Marketing Manager, Coverity Jon Jarboe Sr Technical Marketing

More information

How to Ensure IT Compliance Without Compromising Innovation. Nik Teshima, IBM Phil Odence, Black Duck

How to Ensure IT Compliance Without Compromising Innovation. Nik Teshima, IBM Phil Odence, Black Duck How to Ensure IT Compliance Without Compromising Innovation Nik Teshima, IBM Phil Odence, Black Duck Black Duck 2013 Speakers Phil Odence VP of Business Development Black Duck Software Nik Teshima Senior

More information

What Developers, Cars & Banks Have in Common: Best Practices for Open Source Governance

What Developers, Cars & Banks Have in Common: Best Practices for Open Source Governance What Developers, Cars & Banks Have in Common: Best Practices for Open Source Governance Shoken Kim Black Duck Software June 7, 2012 Linux Con Japan Compliance Mini-Track Overview Trends Strategic use of

More information

Phil Marshall Black Duck Software. 2012 ISACA Webinar Program. 2012 ISACA. All rights reserved.

Phil Marshall Black Duck Software. 2012 ISACA Webinar Program. 2012 ISACA. All rights reserved. Open Source Component Governance and Management Using COBIT Phil Marshall Black Duck Software 2012 ISACA Webinar Program. 2012 ISACA. All rights reserved. Welcome Type in questions using the Ask A Question

More information

XEROX TALKS BEST PRACTICES FOR OPEN SOURCE GOVERNANCE

XEROX TALKS BEST PRACTICES FOR OPEN SOURCE GOVERNANCE XEROX TALKS BEST PRACTICES FOR OPEN SOURCE GOVERNANCE November 2014 2014 Black Duck Software, Inc. All Rights Reserved. SPEAKERS Phil Odence Vice President and General Manager Black Duck Software Robert

More information

Adapting IT Governance Frameworks to Ensure Control and Visibility of Open Source

Adapting IT Governance Frameworks to Ensure Control and Visibility of Open Source Adapting IT Governance Frameworks to Ensure Control and Visibility of Open Source Dave Lounsbury, CTO & Vice President, The Open Group Peter Vescuso, EVP of Marketing & Business Development, Black Duck

More information

Managing Open Source Code Best Practices

Managing Open Source Code Best Practices Managing Open Source Code Best Practices September 24, 2008 Agenda Welcome and Introduction Eran Strod Open Source Best Practices Hal Hearst Questions & Answers Next Steps About Black Duck Software Accelerate

More information

Open Source Software and the impact on Mergers & Acquisitions

Open Source Software and the impact on Mergers & Acquisitions Open Source Software and the impact on Mergers & Acquisitions Black Duck 2013 Speakers Russell Hartz VP of Corporate Development SAP Oliver Vivell Senior Director of Corporate Development SAP Matthew Jacobs

More information

5 Steps for a Winning Open Source Compliance Program

5 Steps for a Winning Open Source Compliance Program 5 Steps for a Winning Open Source Compliance Program Kellan Ponikiewicz Peter Vescuso @black_duck_sw Black Duck 2013 Speakers Peter Vescuso EVP of Marketing Black Duck Software Kellan Ponikiewicz IP Counsel

More information

FOSSBazaar A Governance Initiative to manage Free and Open Source Software life cycle

FOSSBazaar A Governance Initiative to manage Free and Open Source Software life cycle FOSSBazaar A Governance Initiative to manage Free and Open Source Software life cycle Table of contents Executive summary......2 What is FOSS Governance 3 The importance of open source governance...3 Why

More information

IT Legacy Migration from Proprietary to Open Source Software. Bill Weinberg, Black Duck Software Jay Lyman, 451 Research

IT Legacy Migration from Proprietary to Open Source Software. Bill Weinberg, Black Duck Software Jay Lyman, 451 Research IT Legacy Migration from Proprietary to Open Source Software Bill Weinberg, Black Duck Software Jay Lyman, 451 Research Black Duck 2013 Speakers Jay Lyman Senior Analyst 451 Research Bill Weinberg Senior

More information

Driving Innovation with Open Source A View from the Automotive Industry. BearingPoint Black Duck Software

Driving Innovation with Open Source A View from the Automotive Industry. BearingPoint Black Duck Software Driving Innovation with Open Source A View from the Automotive Industry BearingPoint Black Duck Software Speakers Phil Odence VP of Business Development Black Duck Software Claus-Peter Wiedemann Senior

More information

The Corporate Counsel s Guide to Open Source Software Policy Implementation

The Corporate Counsel s Guide to Open Source Software Policy Implementation The Corporate Counsel s Guide to Open Source Software Policy Implementation How to Protect the Enterprise from Risk while Helping Your Company More Efficiently Develop and Maintain Applications Black Duck

More information

Streamlining Open Source License Compliance with SPDX

Streamlining Open Source License Compliance with SPDX Streamlining Open Source License Compliance with SPDX Kirsten Newcomer Black Duck Software June 7, 2012 Linux Con Japan Compliance Mini Track Overview Software is everywhere How SPDX helps the supply chain

More information

Releasing High Quality Applications More Quickly with vrealize Code Stream

Releasing High Quality Applications More Quickly with vrealize Code Stream Releasing High Quality Applications More Quickly with vrealize Code Stream T E C H N I C A L W H I T E P A P E R A B S T R A C T : If your company relies on applications to enable new business opportunities

More information

OSS LOGISTICS: DRIVING INNOVATIVE SOFTWARE FROM DEVELOPER TO CUSTOMER Alex Bigmore Senior Architect & Open Source Governance Programme Manager SITA

OSS LOGISTICS: DRIVING INNOVATIVE SOFTWARE FROM DEVELOPER TO CUSTOMER Alex Bigmore Senior Architect & Open Source Governance Programme Manager SITA OSS LOGISTICS: DRIVING INNOVATIVE SOFTWARE FROM DEVELOPER TO CUSTOMER Alex Bigmore Senior Architect & Open Source Governance Programme Manager SITA Phil Granof EVP & Chief Marketing Officer Black Duck

More information

Leveraging Open Source for a Winning Enterprise Mobile Strategy

Leveraging Open Source for a Winning Enterprise Mobile Strategy Leveraging Open Source for a Winning Enterprise Mobile Strategy Speakers Peter Vescuso EVP of Marketing & Business Development Black Duck Software @black_duck_sw Bryan House VP of Marketing Acquia @bryanhouse

More information

Managing Open Source Software Supply Chains

Managing Open Source Software Supply Chains Managing Open Source Software Supply Chains Agenda Introduction Identify the ten most common open source license obligations Explain what you need to do to comply with these obligations Discuss the key

More information

Open Source Drives Innovation in Financial Services

Open Source Drives Innovation in Financial Services Open Source Drives Innovation in Financial Services 2013 Black Duck, Know Your Code, Ohloh, SpikeSource, Spike and the Black Duck logo are registered trademarks of Black Duck Software, Inc. in the United

More information

Open Source Governance in Highly Regulated Companies

Open Source Governance in Highly Regulated Companies Open Source Governance in Highly Regulated Companies 2013 Black Duck, Know Your Code, Ohloh, SpikeSource, Spike and the Black Duck logo are registered trademarks of Black Duck Software, Inc. in the United

More information

CLOUD BUSINESS MODELS AND THE EVOLUTION OF OPEN SOURCE LICENSES

CLOUD BUSINESS MODELS AND THE EVOLUTION OF OPEN SOURCE LICENSES CLOUD BUSINESS MODELS AND THE EVOLUTION OF OPEN SOURCE LICENSES June 16, 2014 2014 Black Duck Software, Inc. All Rights Reserved. SPEAKERS Phil Odence Vice President of Corporate and Business Development

More information

The Benefits of Utilizing a Repository Manager

The Benefits of Utilizing a Repository Manager Sonatype Nexus TM Professional Whitepaper The Benefits of Utilizing a Repository Manager An Introduction to Sonatype Nexus TM Professional SONATYPE www.sonatype.com sales@sonatype.com +1 301-684-8080 12501

More information

How To Manage An Open Source Software

How To Manage An Open Source Software Executive Briefing: Four Steps to Creating an Effective Open Source Policy Greg Olson Sr. Director OSS Management Olliance Group Speaker Greg Olson Sr. Director, Open Source Management Over 30 years of

More information

ALM: Continuous Integration. José Almeida, Microsoft

ALM: Continuous Integration. José Almeida, Microsoft ALM: Continuous Integration José Almeida, Microsoft Agenda Issues Addressed Getting Started What is CI? CI Practices About Continuous Integration What is Continuous Integration? CI is the thread that ties

More information

Table of contents. Best practices in open source governance. Managing the selection and proliferation of open source software across your enterprise

Table of contents. Best practices in open source governance. Managing the selection and proliferation of open source software across your enterprise Best practices in open source governance Managing the selection and proliferation of open source software across your enterprise Table of contents The importance of open source governance... 2 Executive

More information

Scanning Open Source Software and Managing License Obligations on IBM SmartCloud. Because code travels

Scanning Open Source Software and Managing License Obligations on IBM SmartCloud. Because code travels Scanning Open Source Software and Managing License Obligations on IBM SmartCloud Because code travels 1 Webinar Agenda Protecode & IBM SmartCloud Company IBM Partnership Solutions Managing Code Obligations

More information

Open Source and the New Software Supply Chain. Mark Tolliver, CEO Palamida Inc.

Open Source and the New Software Supply Chain. Mark Tolliver, CEO Palamida Inc. Open Source and the New Software Supply Chain Mark Tolliver, CEO Palamida Inc. Could You Sign This? Typical Software Project Metrics 2.9 GB 87,863 Files 8,535,345 LOC Copyright holders ~350 Archives 178

More information

nexb- Software Audit for Acquisition Due Diligence

nexb- Software Audit for Acquisition Due Diligence nexb- Software Audit for Acquisition Due Diligence www.nexb.com Agenda About nexb What nexb does Our experience Software Audit: M&A License Violation Risks & Recent Audit Issues Software Audit Process

More information

Driving Business Agility with the Use of Open Source Software

Driving Business Agility with the Use of Open Source Software Driving Business Agility with the Use of Open Source Software Speakers Peter Vescuso EVP of Marketing & Business Development Black Duck Software Melinda Ballou Program Director, Application Life-Cycle

More information

Centralized Secure Vault with Serena Dimensions CM

Centralized Secure Vault with Serena Dimensions CM Centralized Secure Vault with Serena Dimensions CM A single artifact repository for development, quality and operations SOLUTION BRIEF Why Security and Software engineering We re a bank not a startup,

More information

Realizing the Breakthrough Economics of Linux and Open Source through Hybrid Development. Tim Yeaton, President and CEO Black Duck Software

Realizing the Breakthrough Economics of Linux and Open Source through Hybrid Development. Tim Yeaton, President and CEO Black Duck Software Realizing the Breakthrough Economics of Linux and Open Source through Hybrid Development Tim Yeaton, President and CEO Black Duck Software Linux Collaboration Summit April 9, 2009 Agenda Current Market

More information

OPEN SOURCE SOFTWARE CUSTODIAN AS A SERVICE

OPEN SOURCE SOFTWARE CUSTODIAN AS A SERVICE OPEN SOURCE SOFTWARE CUSTODIAN AS A SERVICE Martin Callinan Martin.callinan@sourcecodecontrol.co Wednesday, June 15, 2016 Table of Contents Introduction... 2 Source Code Control... 2 What we do... 2 Service

More information

Serena Dimensions CM. Develop your enterprise applications collaboratively securely and efficiently SOLUTION BRIEF

Serena Dimensions CM. Develop your enterprise applications collaboratively securely and efficiently SOLUTION BRIEF Serena Dimensions CM Develop your enterprise applications collaboratively securely and efficiently SOLUTION BRIEF Move Fast Without Breaking Things With Dimensions CM 14, I am able to integrate continuously

More information

"Service Lifecycle Management strategies for CIOs"

Service Lifecycle Management strategies for CIOs "Service Lifecycle strategies for CIOs" Ralf Hart, Sales Manager CEE Europe FrontRange Solutions 10th December 2008 Agenda FrontRange Solutions The challenges the IT community faces What is the solution?

More information

Compliance and Security Solutions

Compliance and Security Solutions Content-aware Compliance and Security Solutions for Microsoft SharePoint SharePoint and the ECM Challenge The numbers tell the story. According to the consulting firm Doculabs, 80 percent of the information

More information

Enhance visibility into and control over software projects IBM Rational change and release management software

Enhance visibility into and control over software projects IBM Rational change and release management software Enhance visibility into and control over software projects IBM Rational change and release management software Accelerating the software delivery lifecycle Faster delivery of high-quality software Software

More information

Test Management Tools

Test Management Tools Test White Management Paper Tools Test Management Tools Table of Contents Executive Summary 3 Why Test Management Tools are required 4 What is QMetry? 5 QMetry Features 6 The Tools of QMetry 7 Conclusion

More information

Business Continuity in an Outsourced Environment: Enabling business outcomes and expanding sourcing options

Business Continuity in an Outsourced Environment: Enabling business outcomes and expanding sourcing options Business Continuity in an Outsourced Environment: Enabling business outcomes and expanding sourcing options Marnix Gillis IBM Distinguished Engineer 32 nd Regional Conference 2013 International Business

More information

CONTINUOUS INTEGRATION

CONTINUOUS INTEGRATION CONTINUOUS INTEGRATION REALISING ROI IN SOFTWARE DEVELOPMENT PROJECTS In the following pages we will discuss the policies and systems that together make up the process called Continuous Integration. This

More information

Leveraging Rational Team Concert's build capabilities for Continuous Integration

Leveraging Rational Team Concert's build capabilities for Continuous Integration Leveraging Rational Team Concert's build capabilities for Continuous Integration Krishna Kishore Senior Engineer, RTC IBM Krishna.kishore@in.ibm.com August 9-11, Bangalore August 11, Delhi Agenda What

More information

Android for the Enterprise and OEMs. Peter Vescuso Black Duck Software

Android for the Enterprise and OEMs. Peter Vescuso Black Duck Software Android for the Enterprise and OEMs Peter Vescuso Black Duck Software About Black Duck Software Build better software faster by automating and managing the acquisition and governance of open source OSS

More information

! Resident of Kauai, Hawaii

! Resident of Kauai, Hawaii SECURE SDLC Jim Manico @manicode! OWASP Volunteer! Global OWASP Board Member! Manager of several OWASP secure coding projects! Security Instructor, Author! 17 years of web-based, databasedriven software

More information

FOSS Management Study

FOSS Management Study FOSS Management Study Study 2012 FOSS Management Study BearingPoint GmbH Table of Contents 1 Preface... 3 Executive Summary... 5 Overview... 9 3.1 FOSS definition... 9 3.2 FOSS management... 10 Survey

More information

Making Every Project Business a Best-Run Business

Making Every Project Business a Best-Run Business SAP Functions in Detail SAP Business Suite SAP Commercial Project Management Making Every Project Business a Best-Run Business Table of Contents 3 Quick Facts 4 Facilitating Optimal Project Delivery for

More information

Development Testing for Agile Environments

Development Testing for Agile Environments Development Testing for Agile Environments November 2011 The Pressure Is On More than ever before, companies are being asked to do things faster. They need to get products to market faster to remain competitive

More information

GECKO Software. Introducing FACTORY SCHEMES. Adaptable software factory Patterns

GECKO Software. Introducing FACTORY SCHEMES. Adaptable software factory Patterns Introducing FACTORY SCHEMES Adaptable software factory Patterns FACTORY SCHEMES 3 Standard Edition Community & Enterprise Key Benefits and Features GECKO Software http://consulting.bygecko.com Email: Info@gecko.fr

More information

IGNITING RAPID INNOVATION AND GROWTH THROUGH COMMUNITY. 2014 Black Duck Software, Inc. All Rights Reserved.

IGNITING RAPID INNOVATION AND GROWTH THROUGH COMMUNITY. 2014 Black Duck Software, Inc. All Rights Reserved. IGNITING RAPID INNOVATION AND GROWTH THROUGH COMMUNITY 2014 Black Duck Software, Inc. All Rights Reserved. SPEAKERS Jonathan Bryce Executive Director OpenStack Foundation Mark Radcliffe Partner at DLA

More information

Building Robust Applications l Optimizing Performance l Transforming Business

Building Robust Applications l Optimizing Performance l Transforming Business Building Robust Applications l Optimizing Performance l Transforming Business About Us Prayag Software Solutions is an India-based IT services company. Backed by 8 years of industry insight, we leverage

More information

OPTIMUS SBR. Optimizing Results with Business Intelligence Governance CHOICE TOOLS. PRECISION AIM. BOLD ATTITUDE.

OPTIMUS SBR. Optimizing Results with Business Intelligence Governance CHOICE TOOLS. PRECISION AIM. BOLD ATTITUDE. OPTIMUS SBR CHOICE TOOLS. PRECISION AIM. BOLD ATTITUDE. Optimizing Results with Business Intelligence Governance This paper investigates the importance of establishing a robust Business Intelligence (BI)

More information

BMC Remedyforce Asset Management. Frequently Asked Questions

BMC Remedyforce Asset Management. Frequently Asked Questions BMC Remedyforce Frequently Asked Questions Table of Contents BMC Remedyforce 2 Overview 2 Frequently Asked Questions 2 Definitions 2 1. What is Configuration Management? 2 2. What is IT? 2 3. What is a

More information

Legal Issues for FOSS-based Supply Chain Management. Herve Guyomard, Black Duck Software

Legal Issues for FOSS-based Supply Chain Management. Herve Guyomard, Black Duck Software Legal Issues for FOSS-based Supply Chain Management Herve Guyomard, Black Duck Software Agenda Legal Case in Supply Chain Open Source in Mobile Mobile devices Supply Chain Management Summary Copyright

More information

DevOps Best Practices for Mobile Apps. Sanjeev Sharma IBM Software Group

DevOps Best Practices for Mobile Apps. Sanjeev Sharma IBM Software Group DevOps Best Practices for Mobile Apps Sanjeev Sharma IBM Software Group Me 18 year in the software industry 15+ years he has been a solution architect with IBM Areas of work: o DevOps o Enterprise Architecture

More information

Open Source Software Management

Open Source Software Management Open Source Software Management Safely Unlock the Potential of Open Source Software Claus-Peter Wiedemann Senior Manager, FOSS Services, BearingPoint Black Duck Korea Open Source Conference Seoul, June

More information

Continuous Integration The Full Monty Artifactory and Gradle. Yoav Landman & Frederic Simon

Continuous Integration The Full Monty Artifactory and Gradle. Yoav Landman & Frederic Simon Continuous Integration The Full Monty Artifactory and Gradle Yoav Landman & Frederic Simon About us Yoav Landman Creator of Artifactory, JFrog s CTO Frederic Simon JFrog s Chief Architect 10+ years experience

More information

Product Strategy Update OTM SIG Conference

Product Strategy Update OTM SIG Conference Product Strategy Update OTM SIG Conference Derek H. Gittoes Vice President, Product Strategy August 11, 2014 Copyright 2014, Oracle and/or its affiliates. All rights reserved. Program Agenda 1 2 3 4 Current

More information

NeXUS REPOSITORY managers

NeXUS REPOSITORY managers PRODUCT OVERVIEW NeXUS REPOSITORY managers Nexus OSS, Nexus Pro and Nexus Pro+ Nexus repository managers help organizations build better software, faster. Like a supply chain, applications are built by

More information

RUN THE RIGHT RACE. Keep pace with quickening release cycles. Discover automation with the human touch. CHOOSE A TEST TO RUN BELOW

RUN THE RIGHT RACE. Keep pace with quickening release cycles. Discover automation with the human touch. CHOOSE A TEST TO RUN BELOW RUN THE RIGHT RACE Keep pace with quickening release cycles. Discover automation with the human touch. CHOOSE A TEST TO RUN BELOW 26032015 FUNCTIONAL TESTING With Borland everyone from business analysts

More information

Improving your Drupal Development workflow with Continuous Integration

Improving your Drupal Development workflow with Continuous Integration Improving your Drupal Development workflow with Continuous Integration Peter Drake Sahana Murthy DREAM IT. DRUPAL IT. 1 Meet Us!!!! Peter Drake Cloud Software Engineer @Acquia Drupal Developer & sometimes

More information

IBM Enterprise Content Management Product Strategy

IBM Enterprise Content Management Product Strategy White Paper July 2007 IBM Information Management software IBM Enterprise Content Management Product Strategy 2 IBM Innovation Enterprise Content Management (ECM) IBM Investment in ECM IBM ECM Vision Contents

More information

McAfee Threat Intelligence Exchange 1.0.1 Software

McAfee Threat Intelligence Exchange 1.0.1 Software Release Notes McAfee Threat Intelligence Exchange 1.0.1 Software Contents About this release Installation instructions New features Resolved issues Known issues Product documentation About this release

More information

Discover 2014 Update Big Data changes everything. Roy Ritthaler Vice President, IT Operations Management

Discover 2014 Update Big Data changes everything. Roy Ritthaler Vice President, IT Operations Management Discover 2014 Update Big Data changes everything Roy Ritthaler Vice President, IT Operations Management 2014 By 2020 Every 60 seconds 98,000+ tweets 695,000 status updates 11million instant messages 698,445

More information

Taking control of the virtual image lifecycle process

Taking control of the virtual image lifecycle process IBM Software Thought Leadership White Paper March 2012 Taking control of the virtual image lifecycle process Putting virtual images to work for you 2 Taking control of the virtual image lifecycle process

More information

Automating Security Testing. Mark Fallon Senior Release Manager Oracle

Automating Security Testing. Mark Fallon Senior Release Manager Oracle Automating Security Testing Mark Fallon Senior Release Manager Oracle Some Ground Rules There are no silver bullets You can not test security into a product Testing however, can help discover a large percentage

More information

Orchestrated. Release Management. Gain insight and control, eliminate ineffective handoffs, and automate application deployments

Orchestrated. Release Management. Gain insight and control, eliminate ineffective handoffs, and automate application deployments Orchestrated Release Management Gain insight and control, eliminate ineffective handoffs, and automate application deployments Solution Brief Challenges Release management processes have been characterized

More information

EverSuite. Enterprise Content Management Solutions. Capture. Manage. Store. Preserve. Publish

EverSuite. Enterprise Content Management Solutions. Capture. Manage. Store. Preserve. Publish EverSuite Capture Manage Store Preserve Publish Enterprise Content Management Solutions The growth of unstructured content and processes has created many new challenges for organizations from employee

More information

IBM Rational ClearCase, Version 8.0

IBM Rational ClearCase, Version 8.0 IBM Rational ClearCase, Version 8.0 Improve software and systems delivery with automated software configuration management solutions Highlights Improve software delivery and software development life cycle

More information

An Introduction to Open Source Software and Licensing

An Introduction to Open Source Software and Licensing An Introduction to Open Source Software and Licensing @black_duck_sw Karen Copenhaver Mark Radcliffe Peter Vescuso Black Duck 2013 Speakers Peter Vescuso EVP of Marketing, Black Duck Software Karen Copenhaver

More information

C O L L A B N E T W H I T E P A P E R

C O L L A B N E T W H I T E P A P E R C O L L A B N E T W H I T E P A P E R www.collab.net COLLABNET WHITE PAPER Offshore development is a competitive imperative, yet there are many inherent risks. Web-based software development environments

More information

Dynamic Service Desk. Unified IT Management. Solution Overview

Dynamic Service Desk. Unified IT Management. Solution Overview I T S E R V I C E + I T A S S E T M A N A G E M E N T INFRASTRUCTURE MANAGEMENT Dynamic Service Desk Unified IT Management Achieving business and IT alignment requires having insight into hardware and

More information

Mobile Device Inventory the first step in enterprise mobile management

Mobile Device Inventory the first step in enterprise mobile management Mobile Device Inventory the first step in enterprise mobile management EXECUTIVE SUMMARY As phones and tablets overtake PCs as the most-often used means of connecting to company data and apps, organizations

More information

HP Service Manager software

HP Service Manager software HP Service Manager software The HP next generation IT Service Management solution is the industry leading consolidated IT service desk. Brochure HP Service Manager: Setting the standard for IT Service

More information

How To Use Open Source Software In Defence

How To Use Open Source Software In Defence Open Source Software in the Defence Industry Anthony Harrison Thales anthony.harrison@uk.thalesgroup.com Abstract: There are an increasing number of defence programmes incorporating open source software

More information

OPEN SOURCE SOFTWARE COMPLIANCE AND SECURITY. 2014 Black Duck Software, Inc. All Rights Reserved.

OPEN SOURCE SOFTWARE COMPLIANCE AND SECURITY. 2014 Black Duck Software, Inc. All Rights Reserved. OPEN SOURCE SOFTWARE COMPLIANCE AND SECURITY 2014 Black Duck Sftware, Inc. All Rights Reserved. SPEAKER SLIDE Phil Odence Vice President & General Manager Danielle Sheer General Cunsel Carbnite 2 2014

More information

Social in the Enterprise

Social in the Enterprise Social in the Enterprise TEPEE AGENDA - Social in the Enterprise Definition Value Proposition Implementation Change Management Governance TEPEE 2 Definition Social Media Defined the use of web-based and

More information

Continuous Application Delivery From concept to reality. Carsten Lentz Sr. Solution strategist carsten.lentz@ca.com

Continuous Application Delivery From concept to reality. Carsten Lentz Sr. Solution strategist carsten.lentz@ca.com Continuous Application Delivery From concept to reality Carsten Lentz Sr. Solution strategist carsten.lentz@ca.com Agenda - Introduction to customer case A Danish insurance company started the journey,

More information

Best Overall Use of Technology. Jaspersoft

Best Overall Use of Technology. Jaspersoft Best Overall Use of Technology Jaspersoft Kerstin Klein Manager, Engineering Processes/ Infrastructure, Jaspersoft From requirements to release QA centric development From Requirement to Release QA-Centric

More information

Open Source in Android Apps:

Open Source in Android Apps: Open Source in Android Apps: Tips for Becoming a Good Open Source Citizen AnDevCon Kim Weins, SVP Marketing, OpenLogic What You ll Learn! How much open source is used in mobile apps?! What level of compliance

More information

Jenkins and Chef Infrastructure CI and Application Deployment

Jenkins and Chef Infrastructure CI and Application Deployment Jenkins and Chef Infrastructure CI and Application Deployment Dan Stine Copyright Clearance Center www.copyright.com June 18, 2014 #jenkinsconf About Me! Software Architect! Library & Framework Developer!

More information

Continuous Integration. CSC 440: Software Engineering Slide #1

Continuous Integration. CSC 440: Software Engineering Slide #1 Continuous Integration CSC 440: Software Engineering Slide #1 Topics 1. Continuous integration 2. Configuration management 3. Types of version control 1. None 2. Lock-Modify-Unlock 3. Copy-Modify-Merge

More information

Software change and release management White paper June 2008. Extending open source tools for more effective software delivery.

Software change and release management White paper June 2008. Extending open source tools for more effective software delivery. Software change and release management White paper June 2008 Extending open source tools for more Page 2 Contents 2 Integrating and complementing open source tools 2 Trends in business shape software development

More information

OpenMake Dynamic DevOps Suite 7.5 Road Map. Feature review for Mojo, Meister, CloudBuilder and Deploy+

OpenMake Dynamic DevOps Suite 7.5 Road Map. Feature review for Mojo, Meister, CloudBuilder and Deploy+ OpenMake Dynamic DevOps Suite 7.5 Road Map Feature review for Mojo, Meister, CloudBuilder and Deploy+ Release Date: August 2012 Dated: May 21, 2012 Table of Contents OpenMake Dynamic DevOps Suite 7.5 Road

More information

Solving the Software Quality Challenges of Agile Development

Solving the Software Quality Challenges of Agile Development Solving the Software Quality Challenges of Agile Development 2 Solving the Software Quality Risks of Agile Development Agile software development is a series of iterative and incremental development methods

More information

Enabling Continuous Delivery by Leveraging the Deployment Pipeline

Enabling Continuous Delivery by Leveraging the Deployment Pipeline Enabling Continuous Delivery by Leveraging the Deployment Pipeline Jason Carter Principal (972) 689-6402 Jason.carter@parivedasolutions.com Pariveda Solutions, Inc. Dallas,TX Table of Contents Matching

More information

ENJOYING OPEN SOURCE WITHOUT COMPROMISING BUSINESS. Dr. Ron Rymon Founder, White Source Software ron@whitesourcesoftware.com

ENJOYING OPEN SOURCE WITHOUT COMPROMISING BUSINESS. Dr. Ron Rymon Founder, White Source Software ron@whitesourcesoftware.com ENJOYING OPEN SOURCE WITHOUT COMPROMISING BUSINESS Dr. Ron Rymon Founder, White Source Software Background I am a software entrepreneur, not a legal expert My own experience with the dark side of open

More information

How To Change A Business Model

How To Change A Business Model SOA governance and organizational change strategy White paper November 2007 Enabling SOA through organizational change Sandy Poi, Global SOA Offerings Governance lead, associate partner, Financial Services

More information

The Next Wave of Data Management. Is Big Data The New Normal?

The Next Wave of Data Management. Is Big Data The New Normal? The Next Wave of Data Management Is Big Data The New Normal? Table of Contents Introduction 3 Separating Reality and Hype 3 Why Are Firms Making IT Investments In Big Data? 4 Trends In Data Management

More information

Delivering Quality Software with Continuous Integration

Delivering Quality Software with Continuous Integration Delivering Quality Software with Continuous Integration 01 02 03 04 Unit Check- Test Review In 05 06 07 Build Deploy Test In the following pages we will discuss the approach and systems that together make

More information

Advent of Open Source in PLM

Advent of Open Source in PLM Advent of Open Source in PLM By SuryakumarShivasagaran, COO and MD of Plural Technology Pvt. Ltd. Contents About the Author... 2 Abstract... 2 What is Open Source Software?... 2 Open Source versus Closed

More information

Successfully managing geographically distributed development

Successfully managing geographically distributed development IBM Rational SCM solutions for distributed development August 2004 Successfully managing geographically distributed development Karen Wade SCM Product Marketing Manager IBM Software Group Page 2 Contents

More information

Business Rule Management. Effective IT Modernization

Business Rule Management. Effective IT Modernization Business Rule Management Effective IT Modernization Business Rule Management Lynne Harbin, Associate Director Health Eligibility Center, Veterans Health Administration I. Philip Matkovsky, Principal Macro

More information

OBLIGATION MANAGEMENT

OBLIGATION MANAGEMENT OBLIGATION MANAGEMENT TRACK & TRACE: CONTRACTUAL OBLIGATIONS Better Visibility. Better Outcomes RAMESH SOMASUNDARAM DIRECTOR, IT VENDOR MANAGEMENT SERVICES MARCH 2012 E N E R G I C A Governance Matter

More information

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com WHITE PAPER The IT Manager's Role in Proactive Information Retention and Disposition Management: Balancing ediscovery and Compliance Obligations with IT Operational and Budget Constraints Sponsored by:

More information

Reliable Business Data Implementing A Successful Data Governance Strategy with Enterprise Modeling Standards

Reliable Business Data Implementing A Successful Data Governance Strategy with Enterprise Modeling Standards Reliable Business Data Implementing A Successful Data Governance Strategy with Enterprise Modeling Standards All Rights Reserved Welcome! Let Me Introduce Myself Marcie Barkin Goodwin President & CEO Axis

More information

Be Fast, but be Secure a New Approach to Application Security July 23, 2015

Be Fast, but be Secure a New Approach to Application Security July 23, 2015 Be Fast, but be Secure a New Approach to Application Security July 23, 2015 Copyright 2015 Vivit Worldwide Copyright 2015 Vivit Worldwide Brought to you by Copyright 2015 Vivit Worldwide Hosted by Paul

More information

Automation and Virtualization, the pillars of Continuous Testing

Automation and Virtualization, the pillars of Continuous Testing HP Software: Apps meet Ops 2015 Automation and Virtualization, the pillars of Continuous Testing Jerry Saelemakers/ April 2 nd, 2015 Today s business initiatives demand a balance between velocity and quality

More information

Seven Practical Steps to Delivering More Secure Software. January 2011

Seven Practical Steps to Delivering More Secure Software. January 2011 Seven Practical Steps to Delivering More Secure Software January 2011 Table of Contents Actions You Can Take Today 3 Delivering More Secure Code: The Seven Steps 4 Step 1: Quick Evaluation and Plan 5 Step

More information

forecasting & planning tools

forecasting & planning tools solutions forecasting & planning tools by eyeon solutions january 2015 contents introduction 4 about eyeon 5 services eyeon solutions 6 key to success 7 software partner: anaplan 8 software partner: board

More information

Industry. Head of Research Service Desk Institute

Industry. Head of Research Service Desk Institute Asset Management in the ITSM Industry Prepared by Daniel Wood Head of Research Service Desk Institute Sponsored by Declaration We believe the information in this document to be accurate, relevant and truthful

More information

Strategies for assessing cloud security

Strategies for assessing cloud security IBM Global Technology Services Thought Leadership White Paper November 2010 Strategies for assessing cloud security 2 Securing the cloud: from strategy development to ongoing assessment Executive summary

More information