As mentioned in our webinar on the practices of Open Source Software (OSS) usage in software development organizations, we discovered that most organizations (74%) want to manage their open source usage but fail to do so in an effective way.
These efforts are largely ineffective, resulting in unnecessary risk, too much work and undue hidden costs. The main outcome is that most companies’ open source usage is completely out of control, because they severely undermanage it.
New technologies such as WhiteSource make it easy to continuously track open source usage and automatically enforce licensing and security policies. WhiteSource plugs into the build server and becomes a native part of the software development lifecycle without burdening developers. Newly adopted open source modules are discovered as soon as developers add them. Their licenses (and those of all of their dependencies) are automatically compared to the company's licensing policies, initiating the appropriate approve/reject workflow if necessary. WhiteSource continues to track each open source component in use, and proactively notifies each project manager of new vulnerabilities or patches.