2021 Open Source Governance: Top Ten Trends and Predictions

If you work in software development, jumpstart your engineering team in 2021—get ahead of the engineering curve and your competitors—by attending this must-watch open source trends and predictions webinar.

Alex Rybak, Director of Product Management at Revenera, and Russ Eling, founder and CEO of OSS Engineering Consultants, share their top 10 open source usage, license compliance and security insights for the new year.

Just a few hints at what you’ll learn more about:

  • Where the adoption of shift-left is headed and the decisions you’ll face going forward
  • The impact of a lack of software developer security training relative to pandemic fallout
  • The broader role of the engineering team in open source management and governance
  • The expanding role and impact of open source marketplaces such as GitHub

Don’t miss the discussion for valuable insight and learning for software engineering teams.


  1. OPEN SOURCE GOVERNANCE: TOP TEN TRENDS AND PREDICTIONS FOR 2021 (©2021 Revenera | Company Confidential)
  2. TODAY’S SPEAKERS: RUSS ELING, Founder at OSS Engineering Consultants (russ@ossengineeringconsultants.com); ALEX RYBAK, Director, Product Management at Revenera (arybak@revenera.com)
  3. 1 THE SHIFT-LEFT MOVEMENT: “SCA efforts must accelerate their shift toward the development phase. Savvy firms that use SCA early in the SDLC ensure that open source vulnerabilities and licensing issues don’t cascade throughout the application.” – Forrester, The State of Application Security, 2020
  4. 2 SOFTWARE SUPPLY CHAIN MATURITY: “DevOps tasks such as open-source license compliance, security management and functionally safe certification are driving the demand for greater software transparency across the supply chain. Simply put—manufacturers cannot succeed at these tasks without clear insight into the third-party and open-source software components that comprise their products. This requires a continuous analysis of software commits throughout the development lifecycle.” – Mark Gisi, Director of IP & Open Source Program Office, Wind River
  5. 3 OSS AND SECURITY TRAINING: “TOP 40 U.S. AND TOP 5 INTERNATIONAL COMPUTER SCIENCE PROGRAMS DO NOT INCLUDE OPEN SOURCE LICENSING AND SECURE CODING IN CURRICULUM.” (Based on Forrester Research)
  6. 4 BOM CONTINUES TO GROW: [Chart, 2012 – 2020, two series: average OSS discovered by Revenera’s audit teams; average OSS disclosed by customers. Values as extracted, in year order 2012 to 2020: 25, 25, 29, 8, 27, 17, 29, 19, N/A and 221, 236, 252, 454, 560, 590, 626, 670, 3,630. Source: Revenera Professional Services Audit Data 2012 – 2020 (Sampled).] Callouts: 122% increase over 2 years, as package managers gain adoption in build environments for managing dependencies; 442% increase YOY, as popular ecosystems including PyPI, NPM, RubyGems, and many others are bringing in many more dependencies.
  7. 5 IMPORTANCE OF THE BILL OF MATERIALS: [Diagram labels: REVIEW, REMEDIATE (optional), MONITOR, REFINE (optional), CREATE.] “Software producers, maintainers, and security professionals alike must understand that merely viewing the use of a Software Bill of Materials as a vehicle for security and compliance is no longer enough. Safety, security, export controls, a secure chain of custody, and even regulation will drive customers to demand this as a requirement in software agreements. Disclosing a Software Bill of Materials will soon become a general part of doing business in the world of selling secure software.” – Christine Gadsby, Vice President of Product Security, BlackBerry
  8. 6 MATURITY AND CONSOLIDATION OF OSS MARKETPLACES: In just 10 years, GitHub has transformed how people code. GitHub hasn’t just made coding easier—it has changed the way software developers think about programming. Figures shown: 60M new repositories in 2020; 1.9B contributions.
  9. 7 M&A IS PICKING UP AGAIN: 61% of US dealmakers expect M&A activity to return to pre–COVID-19 levels within the next 12 months. – Deloitte’s Future of M&A Trends Survey
  10. 8 ANALYSIS TIMELINES ARE GETTING COMPRESSED: “BY 2023, 70% OF ORGANIZATIONS WILL USE VALUE STREAM MANAGEMENT TO IMPROVE FLOW IN THE DEVOPS PIPELINE, LEADING TO FASTER DELIVERY OF CUSTOMER VALUE.” – Gartner, The Future of DevOps Toolchains Will Involve Maximizing Flow in IT Value Streams
  11. 9 KEY MARKET CHALLENGES FOR CONTENT: FALSE-POSITIVES RATE; DATA CURRENCY
  12. 10 KEY MARKET CHALLENGES FOR DEPLOYMENT: ENTERPRISE SCALING; DEPLOYMENT MODELS
  13. KEY TAKEAWAYS
      1. Adoption of Shift-Left
      2. Software Supply Chain Maturity
      3. OSS and Security Training
      4. BOM Continues to Grow Due to Dependencies
      5. Emphasis on the Importance of the Bill of Materials
      6. Maturity and Consolidation of OSS Marketplaces
      7. Pace of M&A is Increasing
      8. Analysis Timelines are Getting Compressed
      9. Key market challenge: False Positives and Data Currency
      10. Key market challenge: Enterprise Scaling and Deployment Models
  14. Q & A
  15. THANK YOU! Alex Rybak (arybak@revenera.com, revenera.com); Russ Eling (russ@ossengineeringconsultants.com, ossengineeringconsultants.com)
