Mr. Baruch Yoeli, VP of R&D at Stanley Healthcare will contrast the new approach with the post-hoc scanner-based approach they have used prior to adopting White Source.
New York, NY (PRWEB) June 04, 2013
White Source, the leading provider of Proactive Open Source Lifecycle Management solutions announces open registration for a free webinar June 19th, titled "Proactive Open Source License Management – Without the Pain."
Traditional approaches to management and compliance with open source licenses range from manual documentation to using code scanners.
Both approaches are flawed.
When developers manually research open source components, they are very likely to miss some of the underlying components. A typical open source project may contain tens of underlying dependencies. Recent White Source study shows that 91% of open source contains dependencies, and in 64% of the cases the dependencies have licenses that are different from the root project. Thus, missing dependencies means missing licenses, and will result in incompliance. Furthermore, researching licenses is a very laborious process, often resulting in substantial loss of development time.
Using a scanner is, on the surface, automatic. However, as most companies found it results in very substantial work. With the number of open source libraries quickly growing, an open source scanner will always find many “potential” but false matches between the legitimate proprietary code and some code that was written by an open source developer. It is not uncommon to identify thousands of such “false matches”, which developers have to rule out one by one – definitely laborious.
Even more importantly, scanning is usually done at specific points in time: just before release of a new version, in preparation to a major OEM, or as part of M&A due diligence process. The problem is that if the company finds a rogue open source at that time, it has to go through a very difficult, sometimes impossible, and always expensive and risky, procedure of removing and replacing the rogue open source.
There is a new and modern alternative. A proactive lifecycle management approach, where open source is detected automatically when it is first added by a developer. Detection “at the door” prevents unpleasant surprises later. Using this approach implemented in White Source, companies can automatically identify all relevant licenses, risks, and compliance requirements, down to the last dependency, saving all that time from developers (not to mention potential errors). Software developers are notified when a component is patched to fix a security vulnerability or major bug. And most importantly, they will never be stuck with an open source they need to replace at the worst timing, just before a major deal or an important release.
White Source is conducting a free webinar, where Mr. Baruch Yoeli, VP of R&D at Stanley Healthcare will describe how they rolled out White Source’s proactive open source license management program. Mr. Yoeli will contrast the new approach with the post-hoc scanner-based approach they have used prior to adopting White Source.
Mr. Rami Sass, White Source Co-Founder and CEO, will demonstrate how commercial software developers can keep track of open source components, their licenses, risks, and requirements, and do so in an affordable fashion and without burdening developers.
The free session will cover:
- How to detect and, if necessary, filter out open source components the minute they are being used for the first time by developers.
- How to easily map existing open source inventory, down to the hundreds of dependencies and their license requirements.
- How to keep open source components up to date at all times and avoid security risks and other major bugs.
- How to comply with legal open source policies during the development process.
To pre-register for the event, please visit webinar registration page
White Source provides a comprehensive, yet simple to use, and very affordable solution for companies that need to manage their open source assets and ensure license compliance and control. White Source automates the business processes necessary to adopt, manage, and update open source components. White Source reduces the burden currently placed on rank-and-file developers, while providing decision makers with the tools to understand the legal, business, and technical risks of specific open source libraries, and to comply with their licensing requirements. White Source integrates seamlessly and can automatically enforce organizational open source policy with leading development tools such as Apache Maven and Ant, Jenkins, JetBrains TeamCity, Red Hat OpenShift, JFrog Artifactory and Atlassian Bamboo.
About White Source
White Source is the leading provider of modern Open Source Lifecycle Management solutions. Our cloud based service is comprehensive, yet easy to use, and very affordable; enabling companies of all sizes to fully realize the advantages of open source software, while mitigating the legal, business and technical risks, and without over-burdening developers. White Source features a dynamic repository of information about open source libraries and their licenses. Our service makes it easy to implement best-practice business processes for open source adoption, usage, updates, and ongoing compliance. For more information, visit http://www.whitesourcesoftware.com/.