[SGVLUG] Reminder: SGVLUG Meeting 5/11. Topic: Lawyers vs Developers, The Fight Over FOSS in the Enterprise

Lan Dang via SGVLUG sgvlug at sgvlug.net
Fri May 5 01:56:56 PDT 2017 

Hi all,



Reminder that we have an SGVLUG meeting next Thursday.  I need a volunteer to emcee and do Linux in the News as Jess is unavailable.



This month, we'll be at OpenX.  Rami will be reprising the talk he gave at SCaLE on Open Source in enterprise.  Please forward this to anyone who you think will be interested.


You know the drill.  Please RSVP on Meetup or with me, so I can populate the sign-in sheet.  And if you're new to OpenX, please check out the Meetup for parking directions.


https://www.meetup.com/SGVTech/events/239471274/



---
TIME: Thursday, March 11th, from 7pm to 9pm
LOCATION: OpenX Technologies, 888 E Walnut St, Pasadena, CA 91101
TOPIC: 
Lawyers vs Developers, The Fight Over FOSS in the Enterprise

SPEAKER: Rami Al-Ghanmi 


TOPIC:

Enterprises have learned that Open Source is the way to develop great and mature software. Leveraging open source tools and packages allows the enterprise to go to market faster and have stronger applications. Therefore, using Open Source tools is a no brainer for developers. The lawyers on the other hand don’t see it the same way.

The speaker had the privilege of working with the Open Source approval and review process in a large security firm. In this UpSCaLE talk, he will share lessons learned from this process and some best practices that developers should do to make the Enterprise Lawyers happy as much as the developers are.

Each organization that uses Open Source software – even in an unedited form – has a list of FOSS licenses that are acceptable and some that are not. Also, has strict requirements on how to handle the software and how to incorporate it in the distribution of the company’s products. In this UpSCaLE talk, we go through some of the lessons learned and pitfalls that some Open Source packages have, such as:

1. Not inserting a copyright clause in project code or homepage

2. Asking the user to alter the code in order to change the license from GPL to MIT, for example

3. Using dependencies that could be outdated or have CVE’s against it

Not providing enough information to build the code from scratch



BIO:
Rami Al-Ghanmi is a Principal Software Engineer at Symantec Corporation.  He

is the DevOps technical lead for Endpoint Protection Cloud products at Symantec Corporation where he works on building, deploying and managing security infrastructure and services on OpenStack and AWS-based platforms. Also, he is an outspoken advocate of Open Source Software, tools and practices within Symantec. The technology stack that Rami works with every day includes: Docker, Kubernetes, OpenShift and automation tools on AWS. 
Lan

More information about the SGVLUG mailing list