Organizations worldwide use Black Duck Software’s industry-leading products to automate the processes of securing and managing open source software, eliminating the pain related to security vulnerabilities, open source license compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com
Future of Open Source Survey 2016
COMPLIANCE SPOTLIGHT
said there is no formal policy for selecting & approving open source code
of respondents who have policies don’t enforce them or allow them to be bypassed
have no list of approved open source licenses
never evaluate their code quality
30% of respondents aren’t very successful at complying with associated licenses
OVER
NEARLY
NEARLY
NEARLY
50%
50%
are not successfully providing information about licenses, security issues & software versions
NEARLY
60%
60%
90%
Compliance is Erratic
Code Reviews Are Rare
Existing Policies Rarely Enforced
Future of Open Source 2016 collaborators: Abilian, Acquia, Ant Systems, Appnovation, Appsembler, Ardent Technologies, Inc., Bareos GmbH & Co. KG, Black Duck Software, Capital One, Chamilo, Chef, CloudFoundry Corp, Confer, Coolan, Couchbase, Credativ, DEIS/Engineyard, Eclipse Foundation, EnterpriseDB, Evolveum, Grid Protection Alliance, Hewlett Packard, InfoSys, JFrog, Linux Foundation, Linux Professional Institute, MARSEC, Microsoft, MassTLC, Miracl, nexB, NGINX, North Bridge, Open Source Business (OSB) Alliance, Open Source EHR Alliance, Open Source Initiative (OSI), OpenClinic, Open-Xchange, Opmantek, OpusVL, Pentaho, Ravel Law, Red Hat, Rift-io, SDH Institute, Tecnisys, The Apache Software Foundation, The Document Foundation, Ubuntu, Univention, VoltDB, Wikibon, WIPRO and WP Engine. *platinum collaborators are in bold
Growing Opportunity for Policies & Procedures