How Temenos Manages Open Source Use, the Easy Way
Martin Bailey, Product Director – Enterprise Software, Temenos Group AG
Rami Sass is CEO and Co-Founder of WhiteSource
Agenda and Logistics
• Temenos
• Effortless management of open source components
• WhiteSource Demo
• Q&A
• Please type questions in the control bar
• Full answers will be sent by email
Martin Bailey
How Open Source Management Became Effortless
IEEE Webinar
Temenos – a global market leader
World’s leading banking software company
• No.1
• 2000+ installations in 150+ countries
• 469m USD revenues in 2014
• 4,000+ employees in 72 international offices
World class delivery
• 135 go lives in 2014
• Strength and depth: 1,000+ consultants, 100 concurrent projects
• Community of 2,000+ certified partner consultants
Innovation led
• Highest level of R&D in the industry to drive innovation
• Regular software upgrade strategy
• Passion for standards and openness
Powerhouse in financial software
• 500 million customers rely on Temenos for daily banking needs
• US$115m in annual R&D
• 38 of top 50 banks use Temenos
• US$5 trillion in assets processed through Temenos software
Nice to meet you
Martin Bailey
Product Director – Enterprise Software at Temenos
• Leads team of product groups and architects
• In charge of the technology that is the basis for all
of Temenos’ solutions
Looking for the Right Solution
The manual option: error prone and time consuming
Looked for an open source management solution that:
• Provides an always up-to-date open source report
• Offers full licenses, compliance, security alerts and
version information
• Enables continuous vetting of open source
components as they are added
• Easy to use
• Saves time
• Low cost of ownership
Open source inventory and vetting
Before:
• Error prone
• Time consuming
After:
• WhiteSource automatically discovers all open source components, including dependencies
• Always up-to-date inventory on hand
• Report is a button click away
License Compliance
Before:
• No way of vetting open source components before they are used
• If a forbidden license is discovered, development time is wasted
After:
• A policy was set in the WhiteSource system with a black list of forbidden licenses and a white list of permitted licenses
• Based on lists, open source components are vetted as they are added by developers (during the build)
Security Vulnerabilities and New Versions
Before:
• Occasional manual search for security vulnerabilities
After:
• WhiteSource alerts on security vulnerabilities, fixes and new versions for all components used
The WhiteSource Implementation
Install plugin < 1 hour
Set up policy – 30 minutes
--------------------------------------
< 90 minutes start to finish
Reward: open source serenity
• Up-to-date accurate report, on hand at all times
• License compliance issues in check
• Open source vulnerabilities and new version alerts
Open Source License and Security Management
Practice Safe Open Source
Open source is great...
• If used right, open source components substantially boost developer productivity
• Focus on core capabilities
• Rely on tried and tested code
According to Gartner, 85% of commercial software vendors rely heavily on open source to boost productivity and remain competitive*
*Source: Gartner User Survey Analysis: Open-Source Software, Worldwide
But, if Improperly Managed…
• License Risks and Compliance Issues
• Security Vulnerabilities, Quality Risks and Compliance Issues
Eat into the value of open source, and bring substantial legal, technical, and business risks
License Risks and Compliance
• Difficult to properly track all open source components and comply with their licenses
• Large gaps between reported and actual*
• Difficult to identify all dependencies, which may have different licenses (64%)*
• Difficult to enforce licensing policy*
*WhiteSource data
Open source is free, but comes with a license. Non-compliance results in legal, security, and business risks.
Security Vulnerabilities
• Defects and vulnerabilities exist in open source as in any software
• 70% of apps include vulnerabilities*
• Defect rate in open source is similar to other applications*
• Everyone tests their own code.
• But testing open source is “out of process” for most developers. When a fix or vulnerability is detected, they will never know, nor update to fix it
• 24% of commercial software includes vulnerable open source libraries**
• 85% of projects have outdated open source libraries**
Sources: *Coverity, Veracode, **WhiteSource
If your product contains vulnerable open source libraries, your product is vulnerable. Period.
WhiteSource Makes It Whole Again
Automated
Agile
Easy-to-use
Affordable
License Risks And Compliance
• Automatically detect and document open source inventory
• Automatically identify all licenses, including dependencies
• Automate enforcement of organizational license policy
• Automate documentation during version release
Security and Quality
• Proactive alerts on security vulnerabilities that affect you
• Proactive alerts on fixes and new versions
• Detect libraries that you no longer use
Automatic. Easy. Agile.
• Integral part of your development lifecycle
• Wide range of OOTB plugins to leading build tools
• Send signatures of libraries (not the code!) to WhiteSource
• Entire open source content is discovered and categorized
• Open source policy can be enforced (including stop build)
• Take developers out of the loop
• Saves time. Lets developers focus on their work.
• Increase precision and timeliness. Reduce errors.
One Word:
Effortless
Demo
Thank You!
Our website:
www.whitesourcesoftware.com

CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceanilsa9823
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 

Dernier (20)

How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online  ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online  ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 

How temenos manages open source use, the easy way combined

  • 1. How Temenos Manages Open Source Use, the Easy Way. Martin Bailey, Product Director – Enterprise Software, Temenos Group AG. Rami Sass is CEO and Co-Founder of WhiteSource.
  • 2. Agenda and Logistics: • Temenos • Effortless management of open source components • WhiteSource Demo • Q&A • Please type questions in the control bar • Full answers will be sent by email
  • 3. Martin Bailey: How Open Source Management Became Effortless (IEEE Webinar)
  • 4. Temenos – a global market leader. Innovation led; World’s leading banking software company; World class delivery. No.1; 2000+ installations in 150+ countries; 469m USD revenues in 2014; 4,000+ employees in 72 international offices; 135 go lives in 2014; Strength and depth: 1,000+ consultants, 100 concurrent projects; Community of 2,000+ certified partner consultants; Highest level of R&D in the industry to drive innovation; Regular software upgrade strategy; Passion for standards and openness.
  • 5. Powerhouse in financial software: 500 million customers rely on Temenos for daily banking needs; US$115m in annual R&D; 38 of top 50 banks use Temenos; US$5 trillion in assets processed through Temenos software.
  • 6. Nice to meet you. Martin Bailey, Product Director – Enterprise Software at Temenos • Leads team of product groups and architects • In charge of the technology that is the basis for all of Temenos’ solutions
  • 7. Looking for the Right Solution. The manual option: error prone and time consuming. Looked for an open source management solution that: • Provides an always up-to-date open source report • Offers full licenses, compliance, security alerts and version information • Enables continuous vetting of open source components as they are added • Easy to use • Saves time • Low cost of ownership
  • 8. Open source inventory and vetting. Before: Error prone; time consuming. After: WhiteSource automatically discovers all open source components, including dependencies; always up-to-date inventory on hand; report is a button click away.
  • 9. License Compliance. Before: No way of vetting open source components before they are used; if a forbidden license is discovered, development time is wasted. After: A policy was set in the WhiteSource system with a black list of forbidden licenses and a white list of permitted licenses; based on lists, open source components are vetted as they are added by developers (during the build).
  • 10. Security Vulnerabilities and New Versions. Before: Occasional manual search for security vulnerabilities. After: WhiteSource alerts on security vulnerabilities, fixes and new versions for all components used.
  • 11. The WhiteSource Implementation. Install plugin: < 1 hour. Set up policy: 30 minutes. Total: < 90 minutes start to finish. Reward: open source serenity • Up-to-date accurate report, on hand at all times • License compliance issues in check • Open source vulnerabilities and new version alerts
  • 12. Open Source License and Security Management: Practice Safe Open Source
  • 13. Open source is great... • If used right, open source components substantially boost developer productivity • Focus on core capabilities • Rely on true and tested code. According to Gartner, 85% of commercial software vendors rely heavily on open source to boost productivity and remain competitive.* (*Source: Gartner User Survey Analysis: Open-Source Software, Worldwide)
  • 14. But, if Improperly Managed… • License Risks and Compliance Issues • Security Vulnerabilities, Quality Risks and Compliance Issues. These eat into the value of open source, and bring substantial legal, technical, and business risks.
  • 15. License Risks and Compliance • Difficult to properly track all open source and comply with their licenses • Large gaps between reported and actual* • Difficult to identify all dependencies, which may have different licenses (64%)* • Difficult to enforce licensing policy* (*WhiteSource data). Open source is free, but comes with a license. Noncompliance results in legal, security, and business risks.
  • 16. Security Vulnerabilities • Defects and vulnerabilities exist in open source as in any software • 70% of apps include vulnerabilities* • Defect rate in open source is similar to other applications* • Everyone tests their own code. • But, testing open source is “out of process” for most developers. When a fix vulnerability is detected, they will never know, nor update to fix it • 24% of commercial software includes vulnerable open source libraries** • 85% of projects have outdated open source libraries** (Sources: *Coverity, Veracode, **WhiteSource). If your product contains vulnerable open source libraries, your product is vulnerable. Period.
  • 17. WhiteSource Makes It Whole Again: Automated. Agile. Easy-to-use. Affordable.
  • 18. License Risks And Compliance • Automatically detect and document open source inventory • Automatically identify all licenses, including dependencies • Automate enforcement of organizational license policy • Automate documentation during version release
  • 19. Security and Quality • Proactive alerts on security vulnerabilities that affect you • Proactive alerts on fixes and new versions • Detect libraries that you no longer use
  • 20. Automatic. Easy. Agile. • Integral part of your development lifecycle • Wide range of OOTB plugins to leading build tools • Send signatures of libraries (not the code!) to WhiteSource • Entire open source content is discovered and categorized • Open source policy can be enforced (including stop build) • Take developers out of the loop • Saves time. Lets developers focus on their work. • Increase precision and timeliness. Reduce errors.
  • 22. Demo

Editor's notes

  1. Temenos Group: Market leading financial services software provider; Public company; 2014 Revenue $468.7M; Selling to banks and other financial institutions; ~1500 engineers
  2. OK – so I guess this is where we say why they ‘buy’ from us rather than build. We really have to position the benefits of the platform approach here underpinning our out of the box solutions. So key benefits versus other two options are:
     • Rapid deployment of pre-packaged solutions (Retail, Corporate & Wealth) – Time to market
     • Only provider with solutions underpinned by UXP - f
     • Low risk, low cost of ownership
     • Highly customisable
     • Enterprise scalable, performant with stringent security
     • Maximum business re-use across the enterprise
     • Future proof platform
     • Multi-host
     • Seamless integration with T24
     In the middle we reinforce credibility of Temenos – something like: Work with experts in banking technologies driving innovation providing end to end solutions from back to front for over 1200 banking customers across the globe