Bill Weinberg helps Fortune 1000 clients create sound approaches to enable, build, and deploy software for intelligent devices, enterprise data centers, and cloud infrastructure. Working with FOSS since 1997, Bill also boasts more than thirty years of experience in embedded and open systems, telecommunications, and enterprise software. As a founding team-member at MontaVista Software, Bill pioneered Linux as leading platform for intelligent and mobile devices. During his tenure as Senior Analyst at OSDL (today, the Linux Foundation), Bill ran Carrier Grade and Mobile Linux initiatives and worked closely with foundation members, analyst firms, and the press. As General Manager of the Linux Phone Standards Forum, he worked tireless to establish standards for mobile telephony middleware. Bill is also a prolific author and busy speaker on topics spanning global FOSS adoption to real-time computing, IoT, legacy migration, licensing, standardization, telecoms infrastructure, and mobile applications. Learn more at http://www.linuxpundit.com/.
OSS Hygiene – Mitigating Security Risks from Development, Integration, Distribution and Deployment of Open Source Software
Across the landscape of IT, Open Source Software (OSS) is pervasive and ubiquitous. From the cloud and web to data centers; from the desktop to mobile devices; and across a range of embedded and IoT applications, OSS comands an ever-increasing, dominant share of the system software stack and provides equally substantial swathes of enabling application middleware, applications themselves, and tooling. While rapid adoption of OSS demonstrably offers a range of advantages, the community development model presents developers, integrators and deployers with a set of accompanying challenges related to security, operational, and legal risk. Historically, foremost among these concerns stood license compliance and IP protection; however, with recent highly publicized threats to OSS, security has joined these concerns and today dominates the OSS adoption conversation. This presentation will explore the role of and requirements for secure development of and deployment with OSS.