Loading…
Attending this event?
19 September 2024
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for SOSS Community Day Europe 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Central Europe Summer Time (CEST). To see the schedule in your preferred timezone, please select from the drop-down located at the bottom of the menu to the right.

The schedule is subject to change.
← Back to schedule
OSS Dependency Health: Towards Maturity and Sustainability Risk Assessment Model - Georg Link & Miguel Ángel Fernández Sánchez, Bitergia; Ana Jiménez Santamaría, Linux Foundation; Wietse Braam, ING BANK
Thursday September 19, 2024 12:10 - 12:30 CEST
Room 3.29-3.30
Organizations depend heavily on OSS libraries. Existing tools assess license compliance and code vulnerabilities in the short term, but there is a gap in tools to monitor long-term health and sustainability of OSS libraries. Enterprises especially face challenges in assessing these risks for large-scale deployments. In this panel, using Kubernetes as the sample, we show how the Risk Model we built together with ING can evaluate the health and sustainability of open source dependencies. This model is informed by the CHAOSS project (community health) and is complementary to the OpenSSF Scorecard. It goes beyond traditional SBOM analysis to assess ongoing maintenance activity. Attendees learn how this Risk Model can help ensure the health and sustainability of open source deployments. We will discuss varying security needs from the perspective of OSPOs who facilitate open source understanding and security assessments across business units. The attendees can ask questions directly to the Data Scientists that built the Risk Model on top of the open source CHAOSS GrimoireLab software.
Speakers
avatar for Wietse Braam

Wietse Braam

IT Area Lead, ING Bank
Senior manager coming from a developer background. Currently responsible for the team that develops the global CI/CD solution for ING.
avatar for Miguel Ángel Fernández

Miguel Ángel Fernández

Data Analyst and Consultant, Bitergia
Data Scientist passionate about the open-source ecosystem & CHAOSS Contributor
avatar for Georg Link

Georg Link

Director of Sales, Bitergia
Georg’s mission is to make open source more professional by using community metrics and analytics. Georg cofounded the CHAOSS Project to advance analytics and metrics for open source project health. Georg is an active contributor to several projects and has often presents on open... Read More →
avatar for Ana Jiminéz Santamaria

Ana Jiminéz Santamaria

Project Manager, Linux Foundation
Ana is the Project Manager at the Linux foundation TODO Group collaborative project, whose aim is to create and share knowledge on open source management and operations best practices. Formerly she worked at Bitergia, a Software Development Analytics firm, and she has finished her... Read More →
Thursday September 19, 2024 12:10 - 12:30 CEST
Room 3.29-3.30
  Panel Sessions

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Share Modal

Share this link via

Or copy link