
M2M FEATURE NEWS

The Internet of (Open Source Software) Things

By Carl Ford April 14, 2015

I had a great conversation with Bill Weinberg, Senior Director, Open Source at Black Duck Software, about the issues associated with enterprise deployments these days.

Let’s face facts. The world we live in is amazing in terms of the amount of resources we have available to us: framework repositories, association libraries, GitHub, etc. The world has no shortage of shared code.

However, shared code is not always tested code.

I remember one Birds of a Feather [BoF] session we ran about the general release of a product that had a great feature in the beta that everyone was excited about but that, it turned out, nobody had actually tested yet. Gaffes like that can lead to some opportunities for system crackers and ill will in the community.

When I got my NSA penetration testing certification, I was impressed with the collaborative effort to test penetration in an open source environment. I felt like I was riding with the “white hats,” trying to thwart malware.

I still think that way, but I recognize that companies have a lot of complex code and often the hole you plug today leads to another you find tomorrow. So when Bill was speaking to me about the value that Black Duck brings in verifying open source software and testing code for vulnerabilities, I understood the need.

Too often, security and quality assurance are the forgotten stepchildren of software development. Using tools like Black Duck reduces risk and accomplishes the task of compliance verification. In many industries, the ability to show these results removes a lot of liability. The Black Duck software also tests code efficiency. Since coders can inadvertently leave test stubs and other lines of code that may represent a route for reset or injection into software, having Black Duck’s analysis is a good strategy, particularly if you use it as part of your regular testing.

As we move to an agile, sprinting world, having something focused on the big picture is a great way to reduce problems with the details.




Edited by Ken Briodagh

Partner, Crossfire Media
