The Lawyer's Guide to a Comprehensive Open Source Compliance Program

Presented by

Kate Downing, Law Offices of Kate Downing

About this talk

Note: This is the replay of a webinar that originally aired on Nov. 16, 2022. Today, nearly every company that builds applications uses open-source software — and the majority of organizations use significant amounts of it. Although the explosive growth of open source has yielded numerous benefits (including cost savings and faster time to market), it's also led to increased scrutiny of OSS license compliance (e.g. the ongoing matter of SFC v. Vizio). As a result, organizations without comprehensive compliance programs may face exposure to the legal, reputational, and financial risks that can come with non-compliance. But while the license compliance field is still evolving, there are certain proven processes, tools, and workflows that can help organizations successfully manage compliance-related risk. Join IP attorney Kate Downing, a leading expert in open-source license compliance, to uncover the key ingredients of a comprehensive, effective, and efficient compliance program. Kate will offer practical guidance on areas like: -Implementing license/legal review processes that don't create a bottleneck for engineering -Creating attribution files for distributed products -Preparing source code files (for compliance with copyleft licenses) -Leveraging code scanning software -Bringing these tools and processes together into a scalable, efficient, and effective program
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (60)
Subscribers (6391)
Up to 90% of any piece of software is from open source, creating countless dependencies and areas of risk to manage. FOSSA is the most reliable automated policy engine for vulnerability management, license compliance, and code quality across the open source stack. With FOSSA, engineering, security, and legal teams all get complete and continuous risk mitigation for the entire software supply chain, integrated into each of their existing workflows.