Proactive Open Source Lifecycle Management – Customer Case Webinar

Mend to host a free webinar with Stanley Healthcare Vice President of R&D on June 19, 2013 at 11:00 AM EDT.

Mend, the leading provider of Proactive Open Source Lifecycle Management solutions announces open registration for a free webinar June 19th, titled “Proactive Open Source License Management – Without the Pain.”

Traditional approaches to management and compliance with open source licenses range from manual documentation to using code scanners.

Both approaches are flawed.

When developers manually research open source components, they are very likely to miss some of the underlying components. A typical open source project may contain tens of underlying dependencies. A recent Mend study shows that 91% of open source components contain dependencies, and in 64% of the cases the dependencies have licenses that differ from the root project. Thus, missing dependencies means missing licenses, and results in non-compliance. Furthermore, researching licenses is a very laborious process, often resulting in substantial loss of development time.

Using a scanner is, on the surface, automatic. However, as most companies have found, it results in very substantial work. With the number of open source libraries quickly growing, an open source scanner will always find many “potential” but false matches between legitimate proprietary code and some code that was written by an open source developer. It is not uncommon to identify thousands of such “false matches”, which developers have to rule out one by one – definitely laborious.

Even more importantly, scanning is usually done at specific points in time: just before the release of a new version, in preparation for a major OEM deal, or as part of an M&A due diligence process. The problem is that if the company finds a rogue open source component at that time, it has to go through a very difficult, sometimes impossible, and always expensive and risky procedure of removing and replacing it.

There is a new and modern alternative: a proactive lifecycle management approach, where open source is detected automatically when it is first added by a developer. Detection “at the door” prevents unpleasant surprises later. Using this approach as implemented in Mend, companies can automatically identify all relevant licenses, risks, and compliance requirements, down to the last dependency, saving all that developer time (not to mention avoiding potential errors). Software developers are notified when a component is patched to fix a security vulnerability or major bug. And most importantly, they will never be stuck with an open source component they need to replace at the worst possible time, just before a major deal or an important release.
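The two points above, that dependencies of dependencies carry their own licenses and that a policy check belongs at the moment a component is first added, can be shown in a few lines of code. The following is an added example, not Mend's code or any product's output: it walks a small constructed component index (the component names and licenses are invented for illustration), reports every transitive component a developer listing only direct dependencies would miss, and applies a hypothetical "denied licenses" policy as a gate at the door.

```python
"""Added example (not Mend's code): transitive dependency and license inventory.

Models the point made above: a direct dependency's manifest is not enough,
because dependencies of dependencies carry their own licenses. A tiny
constructed component graph stands in for a real package index.
"""
from collections import deque

# Constructed sample data: component -> (license, direct dependencies).
# Names and licenses are invented for illustration only.
COMPONENT_INDEX = {
    "web-framework": ("Apache-2.0", ["template-engine", "http-parser"]),
    "template-engine": ("MIT", ["string-utils"]),
    "http-parser": ("BSD-3-Clause", ["string-utils", "logging-lib"]),
    "string-utils": ("MIT", []),
    "logging-lib": ("GPL-3.0-only", []),
    "chart-lib": ("LGPL-2.1-only", []),
}

# Hypothetical policy: licenses a proprietary product may not ship with.
DENIED_LICENSES = {"GPL-2.0-only", "GPL-3.0-only", "AGPL-3.0-only"}


def resolve_transitive(component, index=COMPONENT_INDEX):
    """Return every component reachable from `component`, itself included.

    Breadth-first walk over direct dependencies; the `seen` set makes the
    walk terminate on cyclic graphs as well.
    """
    seen = {component}
    queue = deque([component])
    while queue:
        name = queue.popleft()
        _, deps = index.get(name, ("UNKNOWN", []))
        for dep in deps:
            if dep not in seen:
                seen.add(dep)
                queue.append(dep)
    return seen


def license_inventory(direct_deps, index=COMPONENT_INDEX):
    """Map every component (direct and transitive) to its license."""
    names = set()
    for dep in direct_deps:
        names |= resolve_transitive(dep, index)
    return {n: index.get(n, ("UNKNOWN", []))[0] for n in sorted(names)}


def hidden_by_manual_review(direct_deps, index=COMPONENT_INDEX):
    """Components a developer who only lists direct deps would miss."""
    inventory = license_inventory(direct_deps, index)
    return sorted(set(inventory) - set(direct_deps))


def check_at_the_door(new_dep, index=COMPONENT_INDEX, denied=DENIED_LICENSES):
    """Policy gate for the moment a developer first adds `new_dep`.

    Returns the transitive components whose license is denied by policy,
    so the issue is caught before the component is committed rather than
    at release time.
    """
    inventory = license_inventory([new_dep], index)
    return sorted(n for n, lic in inventory.items() if lic in denied)


if __name__ == "__main__":
    direct = ["web-framework", "chart-lib"]
    for name, lic in license_inventory(direct).items():
        print(f"{name:18} {lic}")
    print("missed by manual review:", hidden_by_manual_review(direct))
    print("denied when adding web-framework:", check_at_the_door("web-framework"))
```

With the constructed index, adding `web-framework` looks harmless at the top level (Apache-2.0), but the walk surfaces `logging-lib` two levels down under a denied license; that is exactly the kind of finding that is cheap to act on at the door and expensive at release time. In a real pipeline the index would be populated from the package manager's lock file or a software bill of materials rather than hard-coded.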

Mend is conducting a free webinar in which Mr. Baruch Yoeli, VP of R&D at Stanley Healthcare, will describe how they rolled out Mend’s proactive open source license management program. Mr. Yoeli will contrast the new approach with the post-hoc, scanner-based approach they had used before adopting Mend.

Mr. Rami Sass, Mend Co-Founder and CEO, will demonstrate how commercial software developers can keep track of open source components, their licenses, risks, and requirements, and do so in an affordable fashion and without burdening developers.

The free session will cover:

  • How to detect and, if necessary, filter out open source components the minute developers use them for the first time.
  • How to easily map existing open source inventory, down to the hundreds of dependencies and their license requirements.
  • How to keep open source components up to date at all times and avoid security risks and other major bugs.
  • How to comply with legal open source policies during the development process.

About Mend.io

Mend.io offers the first AI native application security platform, empowering organizations to build and run a proactive AppSec program tuned for AI powered development. The unified platform secures AI generated code and embedded AI components, drives risk reduction through AI powered remediation, automates compliance, and provides a holistic enterprise scale view of risks and clear actions for developers across your entire codebase.