Gary O’Neall of Source Auditor talked about how the new SPDX Services Profile proposal structures information. This profile is likely to have an important on business process management, as it covers topics far beyond open source compliance, with one example being fields for topics like Export Control. Gary’s deep background as a core contributor to the SPDX Project allowed him to contextualize this discussion from a historical perspective.
The OpenChain Project ran a series of webinars about using open source tools for open source compliance ran between September and December 2021. They have been re-published in the main webinar series to improve discoverability. This webinar explores how SPDX ISO/IEC 5962 works as a Software Bill of Materials (SBOM) in the supply chain through existing open source tooling for open source compliance.
Get the Slides
More About Our Webinars:
This event is part of the overarching OpenChain Project Webinar Series. Our series highlights knowledge from throughout the global OpenChain eco-system. Participants are discussing approaches, processes and activities from their experience, providing a free service to increase shared knowledge in the supply chain. Our goal, as always, is to increase trust and therefore efficiency. No registration or costs involved. This is user companies producing great informative content for their peers.
Check Out The Rest Of Our Webinars
This is OpenChain Webinar #66, released on 2024-02-01. It was originally published as “Automation Case Study #5 – SBOMs in a Virtual Supply Chain” on 2021-11-24.
This webinar features Alexios Zavras, Chief Open Source Compliance Officer at Intel Corporation and a long-term friend and collaborator around the OpenChain Project. This time the topic was SPDX 3.0, a significant generational update to SPDX, a sister standard to OpenChain ISO/IEC 5230 and OpenChain ISO/IEC DIS 18974.
SPDX is a Software Bill of Materials (SBOM) specification, so it operates one layer down from the fundamental processes outlined by OpenChain’s standards, and it provides an excellent way to meet our requirements for an SBOM to be used by companies. The second generation of SPDX has been an ISO/IEC standard for two years as ISO/IEC 5962. The third generation shows interesting promise as a way to manage license compliance, security and more.
Watch The Webinar
Check Out The Slides
Check Out The Rest Of Our Webinars
This is OpenChain Webinar #50, released on 2023-04-31.
Webinar: Challenges and Opportunities for SCA Vendors in China + Quantifying Open Source Risk in M&A
This webinar explores how SCA and tooling vendors in China are addressing the local market, and how open source risk can be managed around M&A.
Check Out The Rest Of Our Webinars
This is OpenChain Webinar #42, released on 2022-06-14.
This webinar was a simple overview of how companies can begin to engage with the OpenChain Project, the standard for open source license compliance it maintains, and use the reference material it provides.
Check Out The Rest Of Our Webinars
This is OpenChain Webinar #32, released on 2021-11-03.
This webinar focused on real-world usage of ISO 5230 and the practical issue of how open source governance can be addressed in high-pressure, low-resource environments like humanitarian deployments.
Check Out The Rest Of Our Webinars
This is OpenChain Webinar #29, released on 2021-08-26.
This webinar covered the concept of preparing for adoption of ISO 5230 via readiness assessments. This approach can provide a company with a structured way of allocating resources to improve their open source management.
Check Out The Rest Of Our Webinars
This is OpenChain Webinar #27, released on 2021-07-27.
This webinar covered a lot of ground with open hardware, new open source automation from Korea and methods of using SPDX with the Yocto Project. It provided a solid way to “take the pulse” of a certain moment in open source governance.
Plus…
The LG Electronics video on FOSSLight
The full LG Electronics presentation
Check Out The Rest Of Our Webinars
This is OpenChain Webinar #26, released on 2021-07-07.
In this webinar we had two great talks and a very active Q&A. First we had Dr. Till Jaeger from JBB Rechtsanwälte on ‘How to bring an ancient development project into compliance best practices.’ This was followed by Nicole Pappler from AlektoMetis ‘OpenChain ISO 5230 and Software Quality Management.’ Check out the full recording below.
Check Out The Rest Of Our Webinars
This is OpenChain Webinar #25, released on 2021-06-23.
This webinar explored how ISO 5230, the International Standard for open source license compliance, is being used by Venture Capital firms to assess the quality of corporate governance they encounter.
Check Out The Rest Of Our Webinars
This is OpenChain Webinar #23, released on 2021-05-21.
