Gone are the days when proprietary hardware was our only option in the data center. As companies seek technologies that would make use of their existing infrastructure, Open Source quickly became the staple solution for innovation and flexibility within the data center. If you’re looking ways to explore an open source strategy for the first time, or to take your existing strategy to the next level, this webinar is for you!
Join Nithya Ruff, Director of Open Source Office and board member at the Linux Foundation, as she shares why you need an open source strategy, and how you can grow your own. We look forward to collaborating with you!
As data continues to grow exponentially, datacenters are challenged with how to manage the increase in data complexity with on-demand access. When there isn’t a good solution to meet the need, Open Source and Flash are at the heart of solving these challenges by enabling companies to create scalable, agile and cost-effective datacenters. Join SanDisk’s Nithya Ruff, Open Source Strategy Director, as she outlines the use-cases for Open Source, and how to leverage the powerful combination of Open Source and flash technology to enable easy scaling, fast deployment of new services and improved user experiences and QoS.Read more >
Increasingly, organizations worldwide are implementing open source security and license risk assessment capabilities early in the software development lifecycle when the cost to remediate issues is lowest. This webinar will demonstrate Black Duck Hub’s effectiveness in providing comprehensive risk assessments when used in combination with our Eclipse IDE plugin, Build Tool, and CI Tool integrations. Additionally, we'll review valuable new features in Black Duck Hub 3.5.
You’ll also learn:
- How to improve the accuracy of your open source inventory by leverage open source dependency discovery techniques for build tools and package managers
- Options for incorporating Hub scanning into your Continuous Integration environments
- How to track remediation tasks using the Hub-Jira integration
- How to streamline your component review process
- Use cases for scanning binary repositories such as Artifactory
This annual review will highlight the most significant legal developments related to open source software in 2016, including:
- Current litigation
- An open source security update
- Companies open sourcing their own code
- FCC banning open source in routers
Gain insights into these important legal developments from two of the leading open source legal experts, Karen Copenhaver, Partner at Choate Hall & Stewart and Counsel for the Linux Foundation, and Mark Radcliffe, Partner at DLA Piper and General Counsel for the Open Source Initiative.
Increase security effectiveness and maintain dev agility
Three certainties in 2017: organizations worldwide will continue to increase their use of open source software; new open source security vulnerabilities will be discovered; exploits of open source vulnerabilities will occur.
With dev teams under constant pressure to accelerate application delivery and with security resources often scarce, organizations need more effective ways to determine which open source vulnerabilities to fix first and the options available to reduce risk during remediation.
Join Black Duck VP of Security Strategy Mike Pittenger as he discusses strategies and emerging best practices for risk-ranking open source vulnerabilities. He will cover:
- the most important considerations in prioritizing open source security issues
- ways to determine the risk associated with a discovered open source vulnerability
- options for dealing with open source security vulnerabilities beyond simply replacing the component
Did you know that nearly all product documentation at SUSE is published under an open document license, such as the GNU Free Documentation License, or Creative Commons? And did you know that we use mainly open source tools during the processes for the creation of our guides, quick starts, best practices? If you are curious to hear more about these tools and processes, just join the talk, and discover how you can influence quality and output of the SUSE documentation work.Read more >
Companies are constantly seeking ways to ensure their application code is secure and effectively managed. For example, M&A acquirers conduct one-time code audits on companies they are buying to avoid legal, operational or security pitfalls. Other organizations are proactive, using an an ongoing solution to make sure their application code is secure and well managed on a day-to-day basis.
Increasingly, many companies are opting to use both approaches.
Join Bob Genshaft, Director Strategic Programs at Wolters Kluwer, and Black Duck executives Phil Odence and Mike Pittenger for a discussion that will address key open source security and management questions:
· When is it appropriate to conduct an audit?
· When should your company consider an ongoing solution?
· What are the benefits of doing both?
Open Source software is the foundation for application development today and its use is growing rapidly worldwide because of the development cost reductions and innovation it enables. Black Duck discovers open source in every application it analyzes and finds finds that 35% of the average commercial software application is open source. Home-grown applications typically contain 50% or more open source.
The dramatic growth in open source use has been accompanied by an array of security and management challenges related to a lack of visibility into and control of the open source in use. Leading organizations are aggressively pursuing ways to continue to increase their use of open source and do so without compromising effective security or management.
This webinar will present findings from Black Duck's Center for Open Source Research examining open source use, risks, and benefits. Black Duck CMO Bob Canaway will discuss the latest open source threats, usage patterns, governance, and the changing security and management needs as open source expands across the cloud, the Internet of Things, and the digital landscape.
Despite open source software's long history - Linux just turned 25 - legal and risk questions about open source use still abound. Black Duck On-Demand Vice President & General Manager Phil Odence regularly fields open source-related questions as he speaks with tech executives and their counsel. Listen in as Phil goes through some of the most frequently asked questions and gets expert answers from Attorneys Karen Copenhaver and Mark Radcliffe. Both are well versed in the legal nuances of open source, and are able to turn their expertise into practical, actionable advice as they ably demonstrate in this webinar.Read more >
During our next customer webinar, we’ll share expert tips and best practices on how to extract maximum value from the latest features available in Black Duck Hub. The new integrations and features help improve both open source security and compliance. You’ll learn how to:
•Track remediation tasks using the new Hub-Jira integration
•Leverage new open source discovery techniques for Ruby Gems and Node.js as well as build integrations for Maven/Gradle to improve the accuracy of your open source inventory
•Customize your notices file so that all open source is properly attributed
•Leverage the new Hub-Email Extension to push notifications via email
•Incorporate Hub scanning into your Jenkins pipeline projects
Open source risk is a significant issue for both buyers and sellers in M&A transactions. Although open source comprises 30-50% of the code in an average application, results from Black Duck open source audits are eye-opening: sellers rarely know what open source they’re using and there are often serious risks associated with open source components in code assets.
In this webinar, Jim Markwith, a technology attorney who handles complex IP licensing transactions, and has been involved in scores of M&A deals, will discuss the top five open source issues that impact transactions. He will provide in-depth descriptions of the challenges encountered and their impact on the transaction, punctuating the presentation with insightful stories from the M&A trenches.
Businesses and governments worldwide increasingly rely on open source software to reduce development costs, get to market faster, and innovate. Despite its ubiquity, there are many management and security challenges that have accompanied the explosive growth in open source usage. Most organizations don’t know how much open source is in their applications or where it is in their code base. There is considerable confusion and misinformation about the what strategies and tools are needed to identify known open source vulnerabilities in the application code and assure the secure use of open source.
Please join Black Duck's VP of Security Strategy Mike Pittenger as he unpacks the common myths and misperceptions surrounding open source use and learn best practices to secure and manage your open source, reduce risk from security vulnerabilities and increase efficiency within your SDLC.
Join us as Patrick Quaiiroli discusses open source concepts, licensing, and the influence of the collaborating model of the golden age of technology.Read more >
Open source has been adopted by organizations across all industries, including software, systems, and cloud services. How much open source is used, along with the license, security, and operational risks posed by unmanaged use of open source, is a question M&A professionals need to consider in every transaction.
This webinar will provide insight from real world data abstracted from Black Duck M&A audits. The data covers hundreds of systems and commercial applications, the code assets of recent acquisition targets, and will illuminate why acquirers should understand exactly what is in the code base before closing the deal. Data will include:
- The composition of open source v. proprietary code in the average code base
- The gap between the number of open source components used vs. what was known by the target
- The prevalence of components using licenses that could put IP at risk
- Number and age of security vulnerabilities in the open source components
- An understanding of which components have underactive support communities
This webinar will examine the implications of recent open source compliance and litigation. It will touch on a series of Linux-related cases as well as stepped up compliance activity in Germany and current patent suits against Apache projects. The new litigation will be discussed in the context of prior similar cases such as the Versata-Ameriprise case. Additionally, the webinar will overview compliance best practices and how to reduce the risk of open source compliance and litigation.Read more >
Join us for our next customer webinar where we’ll share expert tips and best practices on how to extract maximum value from your Black Duck Hub implementation through automation.
Even before you scan your first line of code, Black Duck Hub brings value to your organization. This includes the ability to define strategies around users and user roles, project and policy management in order to simplify and streamline your organization’s open source security management. You’ll also learn how to integrate Hub and its security features more tightly into your continuous code development and DevOps ecosystem to bring you from a simple, reactive scanning approach to a more mature, automated one for managing open source use across your organization.
You Will Learn
• How to architect the right user, project, and policy management for maximum impact.
• Ways to incorporate Hub scanning into your continuous code development and DevOps lifecycle.
•Leveraging Black Duck Hub integrations with DAST/SAST security testing tools for enhanced application security.
• Best practices for interpreting your Hub scanning results and establishing a triage policy to deal with open source issues that need remediation.
• Ways to leverage the built-in and third-party resources to speed up the remediation process.
• How Black Duck Hub can help you move from a reactive approach to open source management to an automated one.
Following the demonstration, we’ll leave plenty of time for you to ask our product experts questions.
Recent Black Duck On-Demand security audits of 200 commercial applications confirm the importance of open source in application development, but also highlight the persistent challenges organizations face in effectively securing and managing their open source. Black Duck’s Open Source Security Audit Report reveals that on average the applications contained more than twice as much open source as the organizations thought, and that 67% of the audited applications contained known open source vulnerabilities.
In this 30-minute webinar, Black Duck VP of Security Strategy Mike Pittenger will review the audit findings and discuss strategies companies can use to minimize security risk while maximizing the economic and productivity value open source provides.
Open source-savvy lawyers have long advised their clients on managing risk by attending to compliance processes. But, insight into the open source and other third party code used in a code base is also critical to managing security risks.
Join Phil Odence, Vice President and General Manager at Black Duck Software, as he moderates a panel on the strategies you should have in place to manage the security of open source components in applications and containers.
DLA Piper security expert Peter McLaughlin will discuss the legal underpinnings of cyber security. David A. Wheeler, security research expert for the Institute for Defense Analyses (IDA) will explore the Linux Foundation's Core Infrastructure Initiative to ensure the security of open source projects.
The world is full of scheduling problems: employees to shifts, delivery routes to vehicles, aircraft and crews to flights, and manufacturing jobs to machines, just to name a few. Solving these problems optimally is often key to a businesses’ success, and yet the technology and knowledge needed to do it is often only available to the largest of enterprises. Until now.
Red Hat® JBoss® BRMS includes a business resource planner based on the popular OptaPlanner open source project. It offers a range of powerful optimization algorithms that enable regular Java™ developers to quickly build solvers for many common optimization problems.
Watch this webcast with the OptaPlanner to:
- Work through some actual examples and use cases whose solutions demonstrate business benefits.
- Leave equipped with tools and resources to start solving your own business planning problems.
- Discover how digital transformation and open source are changing the face of business and IT operations
The recent high-profile “Panama Papers” exploit, which resulted in the theft of 2.6 terabytes of data from the Mossack Fonseca law firm, highlighted the firm’s failure to effectively secure and manage its open source software.
Although the exploited component has yet to be pinpointed, the breach investigation has revealed that Mossack Fonseca was delinquent in patching known open source vulnerabilities in both Drupal and Wordpress. This lapse exposed sensitive client information.
Open source software is an essential element in application development today and this breach raises the question: What are the best practices for securing and managing open source to avoid exploitation? This webcast will detail the processes organization can implement to secure and manage their open source to reduce risk from security vulnerabilities.
Please join us to learn the results of the 2016 Future of Open Source Survey.
Today, open source drives technology and development forward. Its adoption worldwide is visible in companies ranging in size from a single employee to companies like Microsoft and Apple. All of these organizations rely on open source to innovate, reduce development costs, and speed time to market. In this evolving market, important questions remain about open source management, security, policies and procedures, and governance.
The Future of Open Source Survey includes input from new players, established leaders, and influencers across vertical markets and communities. This range of respondents drives broad industry awareness and discussions of key issues.
Please join these industry influencers as they review the top level results from the survey, and bring your questions.
Jeffrey Hammond - Forrester Research @jhammond
Paul Santinelli - North Bridge @paulsantinelli
Bill Ledingham - Black Duck Software @bill_ledingham
Jay Jay Billings - Oak Ridge National Laboratory @jayjaybillings
Follow the conversation on Twitter, using the hashtag #FutureOSS
The first quarter of 2016 was a big one for new open source security vulnerabilities. The Glibc vulnerability was by far the biggest. It impacts nearly 900K of the 1 million different open source projects. In this webinar, we’ll dive into Glibc and the Q1 data to help you:
- Understand latest trends in open source security threats and what it means to your organization in 2016
- Simple steps to quickly find and protect yourself from newly reported threats
- Prepare your organization to respond to new vulnerabilities in open source projects
2015 saw continued growth for open source software across many dimensions, a trend expected to continue in this coming year and a range of interesting developments that we reviewed in the last webinar.
In this webinar, the panelists will discuss:
- Open source and application security
- Community-centered compliance as reflected in OpenChain and SPDX
- The explosion of company involvement in collaborative projects
- The direction of the VMware case and other topics we anticipate being hot this year
Register now to join Black Duck, Mark Radcliffe and Karen Copenhaver on to discuss the hot topics generating buzz in the year to come.
Join us for the very first in a series of highly interactive webinars to learn why managing open source vulnerabilities has become the top concern of many corporations today. Having survived a few high-profile vulnerabilities such as Heartbleed, Shellshock, and Ghost, the need to more proactively manage the open source software used to build your own applications has become paramount. In this webinar, our experts will demonstrate how you can leverage your existing investment in Black Duck Protex and Code Center and quickly get visibility and control of these types of security risks by using our next-generation platform – The Black Duck Hub. After a fast-paced demonstration, we’ll leave plenty of time for you to ask our experts questions. We’ll also provide you with a preview of the next webinar in the series which will showcase brand new policy management capabilities in the Black Duck Hub.
You Will Learn How To:
-Identify open source security vulnerabilities in minutes with your Protex BOM and the new Black Duck Hub
-Address high profile vulnerabilities more quickly using Black Duck Hub notifications
-Track remediation of open source vulnerabilities in your projects
Enterprise class open source software can help to dramatically cut costs, lower deployment and vendor risk and enable innovation to solve real problems. Compared with alternative choices, Sun's investment in product development combined with broad community support results in the best vendor to provide global support and services for open source software.Read more >