An exposition on open source risk and a strategy to mitigate it. If the Log4J issues kept you up at night, if the Elasticsearch license change caused you headaches, if lack of response from open source projects is driving you to frustration, then this is the talk for you. We will discuss the prevalence of open source in closed source projects, a timeline of identified open source risks, and a proposal to reduce risk. This talk extends the concepts of the Cathedral and the Bazaar introduced by Eric S. Raymond to include the Coffeehouse as a place for cross project open source support. Attendees should come away with concepts and ideas that can be implemented within their own companies to reduce their risk exposure.
Claude Warren is a Senior Software Engineer with over 30 years experience. He is currently employed by Aiven in Best, Netherlands where, as a member of the Open Source Program Office. He works on the Apache Cassandra project, and supports other projects. He is a Committer and Project Management Committee member on the Apache Jena project, has contributed to other Apache projects such as commons-collections, commons-codec, and RAT. He has presented papers at several conferences and has several papers published both in the popular IT press and in refereed journals. He is a founding member of the Denver Mad Scientists Club and winner of the original Critter Crunch competition.