Skip to main content
Category

security

Webinar: Complexities of Open Source in Automotive

By community, licensing, News, security, Webinar

During our recent OpenChain Automotive Event we had some excellent talks. One that we decided to pull out of the main recording and release solo is ‘Complexities of Open Source in Automotive’ by Russ Eling. This type of high level overview is an excellent starting point for people in complex manufacturing industries that want to use our open source standards for licensing and security.

About Russ and OSS Consultants

OSS Consultants is an official OpenChain Partner with decades of experience. Russ at OSS Consultants has offered his time to speak with anyone that has questions about managing use of open source – even if it is as simple as how to get started on your open source journey. Simply send an email to info@ossconsultants.com to schedule a time.

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #54, released on 2023-07-04.

Webinar: OpenSCA

By automation, community, licensing, News, security, Webinar

This webinar highlights a new open source tool for open source compliance and security that originates in China. This tool was created by a company called XMIRROR. The open source CLI offers SPDX support, so is immediate interest to tooling communities around the world, particularly from the perspective of integration with open source tooling frontend solutions.

Check Out The Recording

Check Out The Slides

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #53, released on 2023-06-29.

Webinar: An Overview of SPDX 3.0

By automation, community, licensing, News, security, standards, Webinar

This webinar features Alexios Zavras, Chief Open Source Compliance Officer at Intel Corporation and a long-term friend and collaborator around the OpenChain Project. This time the topic was SPDX 3.0, a significant generational update to SPDX, a sister standard to OpenChain ISO/IEC 5230 and OpenChain ISO/IEC DIS 18974.

SPDX is a Software Bill of Materials (SBOM) specification, so it operates one layer down from the fundamental processes outlined by OpenChain’s standards, and it provides an excellent way to meet our requirements for an SBOM to be used by companies. The second generation of SPDX has been an ISO/IEC standard for two years as ISO/IEC 5962. The third generation shows interesting promise as a way to manage license compliance, security and more.

Watch The Webinar

Check Out The Slides

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #50, released on 2023-04-31.

Webinar: Security Today

By community, Featured, News, security, Webinar

This webinar provided a snapshot of developments around open source and security topics, an increasingly important part of open source governance and management. While not intended to cover all the issues seen, it was designed to give a strategic overview to interested parties.

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #38, released on 2022-03-11.

Webinar: Securing the Development & Supply Chain of Open Source Software

By community, Featured, News, security, Webinar

This webinar explored the topic of how security can be addressed in the context of open source development and deployment. While critical to the long-term management of open source, it has been a historically under-developed area of resource allocation.

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #28, released on 2021-08-03.

Webinar: Linux License Clean-Up Disorder Dispelled + ISO 5230 in the Context of Security

By community, Featured, legal, licensing, News, security, standards, Webinar

This webinar unpacked the complexity and solutions for addressing licensing across a large code-base like the Linux Kernel, and it explained how ISO 5230 has been applied to the security domain by some parties in the supply chain.

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #22, released on 2021-04-21.

Webinar: Open Source Issues Remediation + Community Bridge and SPDX Online Tools + CII Best Practices

By automation, Featured, legal, licensing, News, security, standards, Webinar

In our biggest webinar to date, Jari Koivisto talked about Open Source Issues Remediation, Gary O’Neall talked about Community Bridge and SPDX Online Tools and David Wheeler talked about CII Best Practices (the project equivalent of the OpenChain standard). Check out the full recording and the slides below.

Check Out All The Slides

Check Out The Rest Of Our Webinars

This is OpenChain Webinar #11, released on 2020-09-11.