<?xml version="1.0" encoding="utf-8"?>
<feed xml:lang="en" xmlns="http://www.w3.org/2005/Atom"><title>OSPOCO</title><link href="https://ospo.co" rel="alternate"/><link href="https://ospo.co/feed/atom/all.xml" rel="self"/><id>https://ospo.co</id><updated>2023-10-24T17:31:38.981360+00:00</updated><subtitle>OSPOCO provides a full-service Open Source Program Office (OSPO) scaled exactly to your needs.</subtitle><entry><title>When Not to Open Source Your Code</title><link href="https://ospo.co/blog/when-not-to-open-source-your-code/" rel="alternate"/><published>2023-10-24T17:31:38.981360+00:00</published><updated>2023-10-24T17:31:38.981360+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/when-not-to-open-source-your-code/</id><summary type="html">You might think that we would always be in favor of open sourcing code from inside your organization. But sometimes releasing code under an open source license can end up causing more harm than good.</summary><category term="Blog"/></entry><entry><title>AI is an Opportunity for Your OSPO</title><link href="https://ospo.co/blog/ai-is-an-opportunity-for-your-ospo/" rel="alternate"/><published>2023-09-01T22:10:32.879437+00:00</published><updated>2023-09-01T22:17:07.966613+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/ai-is-an-opportunity-for-your-ospo/</id><summary type="html">Every OSPO we are working with is being asked to help with AI issues. A well-functioning OSPO already has the cross-disciplinary legal and technical resources to understand and advise on AI issues. 
As an open source leader in your company, though, AI is a big opportunity to move from being reactive to proactive, from a compliance focus to a [strategic](https://ospo.co/blog/creating-differentiated-value-when-using-open-source/) focus.</summary><category term="Blog"/></entry><entry><title>A Strategy for Building Successful Open Source Projects</title><link href="https://ospo.co/blog/a-strategy-for-building-successful-open-source-projects/" rel="alternate"/><published>2023-08-18T14:19:09.566409+00:00</published><updated>2023-08-18T14:44:36.847469+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/a-strategy-for-building-successful-open-source-projects/</id><summary type="html">One question that frequently comes up with our clients is how to have a "successful" open source project. The answer, of course, depends on your goals and what "success" means to you.</summary><category term="Blog"/></entry><entry><title>LLaMA 2 and Open Source</title><link href="https://ospo.co/blog/llama-2-and-open-source/" rel="alternate"/><published>2023-08-11T21:23:00.158362+00:00</published><updated>2023-08-11T21:28:12.260131+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/llama-2-and-open-source/</id><summary type="html">Meta recently released the [LLaMA 2 language model.](https://ai.meta.com/llama/) In several places [they said it was "open source."](https://www.linkedin.com/posts/yann-lecun_this-is-huge-llama-v2-is-open-source-with-activity-7087104028718903296-Qy_u/_) It's not. 
But it has a [fairly permissive commercial license](https://github.com/facebookresearch/llama/blob/main/LICENSE) that is driving a lot of interest, including among OSPOs.</summary><category term="Blog"/></entry><entry><title>On-the-ground AI Legal Issues</title><link href="https://ospo.co/blog/on-the-ground-ai-legal-issues/" rel="alternate"/><published>2023-07-18T23:18:34.406000+00:00</published><updated>2023-07-18T23:18:34.406000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/on-the-ground-ai-legal-issues/</id><summary type="html">It seems everyone is scrambling to understand what to do about AI. Based on our work with our clients, here are the emerging issues and best practices.</summary><category term="Blog"/></entry><entry><title>Maturing as an Open Source Organization</title><link href="https://ospo.co/blog/maturing-as-an-open-source-organization/" rel="alternate"/><published>2023-07-14T20:32:41.332000+00:00</published><updated>2023-07-14T20:32:41.332000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/maturing-as-an-open-source-organization/</id><summary type="html">If you have been around open source for a while, you might have heard of an "Open Source Maturity Model." An open source maturity model is not about how developed a particular open source project is - it is about how well your organization deals with open source.</summary><category term="Blog"/></entry><entry><title>What's the Difference Between OpenJDK and Java?</title><link href="https://ospo.co/blog/whats-the-difference-between-openjdk-and-java/" rel="alternate"/><published>2023-06-29T22:04:09.965000+00:00</published><updated>2023-06-29T22:04:09.965000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/whats-the-difference-between-openjdk-and-java/</id><summary type="html">One common question we get at OSPOCO is about Java and the OpenJDK. Are they the same thing? What licenses apply? 
Understanding the difference can save you [thousands of dollars if Oracle comes knocking.](https://ospo.co/blog/ospo-tip-audit-your-use-of-java/) The takeaway: you need to not only understand that you are *using* Java, you need to understand where your developers are *downloading* Java.</summary><category term="Blog"/></entry><entry><title>Practice Tip: Licenses, Dependencies, and NOTICE Files</title><link href="https://ospo.co/blog/practice-tip-licenses-dependencies-and-notice-files/" rel="alternate"/><published>2023-06-19T17:09:59.388000+00:00</published><updated>2023-06-19T17:09:59.388000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/practice-tip-licenses-dependencies-and-notice-files/</id><summary type="html">When you ship a program that uses open source code, you need to make sure that 1) your licensing is compliant, and that 2) you provide the necessary attribution, licensing, and (possibly) source code for the open source components you use. But many people are confused about how far back their disclosures need to go. Do you need to declare every dependency, including dependencies of dependencies? 
What do you need to share?</summary><category term="Blog"/></entry><entry><title>Updated Requirements for Government Contracts</title><link href="https://ospo.co/blog/updated-requirements-for-government-contracts/" rel="alternate"/><published>2023-06-13T17:35:54.967000+00:00</published><updated>2023-06-13T17:35:54.967000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/updated-requirements-for-government-contracts/</id><summary type="html">Some time ago [we wrote about](https://ospo.co/blog/the-risk-of-poor-open-source-practices-is-increasing-part-2/) the [President's Executive Order on Improving the Nation's Cybersecurity](https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/) and its requirement to declare what open source code is used in your products. Now we have a timeline for when it is going to start to affect suppliers.</summary><category term="Blog"/></entry><entry><title>Understanding the Legal Context of AI</title><link href="https://ospo.co/blog/understanding-the-legal-context-of-ai/" rel="alternate"/><published>2023-06-01T17:03:35.297000+00:00</published><updated>2023-06-01T17:03:35.297000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/understanding-the-legal-context-of-ai/</id><summary type="html">Every one of our clients has been asking for help on AI issues. We can't reason about AI correctly without understanding how these tools work. Accordingly, I want to bring my latest publication to your attention: [Building and Using Generative Models Under US Copyright Law](https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4464001) (18 Rutgers Bus. L.R. No. 
2, 2023).</summary><category term="Blog"/></entry><entry><title>Your OSPO Toolkit: CI/CD</title><link href="https://ospo.co/blog/your-ospo-toolkit-cicd/" rel="alternate"/><published>2023-05-23T17:12:19.274000+00:00</published><updated>2023-05-23T17:12:19.274000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/your-ospo-toolkit-cicd/</id><summary type="html">We have previously written about the importance of [scanning](https://ospo.co/blog/your-ospo-toolkit-scanning/) for compliance. This has become even more important with the introduction of AI-assisted code generation tools like Github Copilot. The next step is making your scanning effective by integrating with your Continuous Integration / Continuous Delivery (CI/CD) system.</summary><category term="Blog"/></entry><entry><title>AI is the Next Trend in Open Source</title><link href="https://ospo.co/blog/ai-is-the-next-trend-in-open-source/" rel="alternate"/><published>2023-05-16T23:03:04.545000+00:00</published><updated>2023-05-16T23:03:04.545000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/ai-is-the-next-trend-in-open-source/</id><summary type="html">A few weeks ago we wrote about how [Open Source is coming for AI.](https://ospo.co/blog/open-source-is-coming-for-ai/) At that time we didn't realize how quickly our predictions would start to be realized. 
In a [new leaked document](https://www.semianalysis.com/p/google-we-have-no-moat-and-neither) from inside Google, one of their AI team highlighted open source innovation as the primary competition for Google, OpenAI, and other large incumbent firms.</summary><category term="Blog"/></entry><entry><title>Thinking about Project Health</title><link href="https://ospo.co/blog/thinking-about-project-health/" rel="alternate"/><published>2023-05-10T22:48:21.234000+00:00</published><updated>2023-05-10T22:48:21.234000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/thinking-about-project-health/</id><summary type="html">Some of the most valuable work that OSPOs do involves open source project health. It could be that your organization wants to make its sponsored projects successful, or you could be proactively trying to understand and manage your open source supply chain risk. Either way, understanding community health is an under-appreciated part of a successful open source program.</summary><category term="Blog"/></entry><entry><title>Have an "Open by Default" Policy</title><link href="https://ospo.co/blog/have-an-open-by-default-policy/" rel="alternate"/><published>2023-05-01T09:00:35.612000+00:00</published><updated>2023-05-01T09:00:35.612000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/have-an-open-by-default-policy/</id><summary type="html">One of the things that can make compliance more difficult is trying to track which open source components have which obligations. Some require general attribution, some require source code, and everything in between. 
But keeping track of all the differences isn't necessary if your organization has an "open by default" policy.</summary><category term="Blog"/></entry><entry><title>Open Source is Coming for AI</title><link href="https://ospo.co/blog/open-source-is-coming-for-ai/" rel="alternate"/><published>2023-04-18T21:02:47.859000+00:00</published><updated>2023-04-18T21:02:47.859000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/open-source-is-coming-for-ai/</id><summary type="html">AI is the new hot topic for open source program offices. We [previously discussed](https://ospo.co/blog/model-licensing-for-ai-open-or-not/) licensing for AI models, and how many models are restricted to non-commercial use. But open source is coming for AI. Thankfully, the lessons learned managing open source apply to managing AI as well.</summary><category term="Blog"/></entry><entry><title>Modern Reverse Engineering</title><link href="https://ospo.co/blog/modern-reverse-engineering/" rel="alternate"/><published>2023-04-13T21:31:07.037000+00:00</published><updated>2023-04-13T21:31:07.037000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/modern-reverse-engineering/</id><summary type="html">One of the time-honored traditions of open source is reverse engineering - working out how another person accomplished a goal and replicating it. Reverse engineering is an important tool in your toolbox and has been growing in importance. But it always involves some legal risk. 
So how do you make reverse engineering as effective as possible while managing the risk?</summary><category term="Blog"/></entry><entry><title>Verify Your Compliance Systems</title><link href="https://ospo.co/blog/verify-your-compliance-systems/" rel="alternate"/><published>2023-04-03T17:30:42.839000+00:00</published><updated>2023-04-03T17:30:42.839000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/verify-your-compliance-systems/</id><summary type="html">There is a common saying among people that manage storage backups: If you don't test your backup, you probably don't have one. The same logic applies to automated systems designed to help you with open source.</summary><category term="Blog"/></entry><entry><title>Be Careful With OpenAI's Terms of Use</title><link href="https://ospo.co/blog/be-careful-with-openais-terms-of-use/" rel="alternate"/><published>2023-03-27T14:04:20.764000+00:00</published><updated>2023-03-27T14:04:20.764000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/be-careful-with-openais-terms-of-use/</id><summary type="html">The biggest name in AI right now is OpenAI. With its wildly popular ChatGPT, GPT-3 and GPT-4, and Codex products, OpenAI has most of the buzz. But before you use any of its tools, make sure you read OpenAI's terms of use.</summary><category term="Blog"/></entry><entry><title>Model Licensing for AI - Open or Not?</title><link href="https://ospo.co/blog/model-licensing-for-ai-open-or-not/" rel="alternate"/><published>2023-03-21T19:53:51.757000+00:00</published><updated>2023-03-21T19:53:51.757000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/model-licensing-for-ai-open-or-not/</id><summary type="html">One hot topic that keeps coming up with our clients is how to deal with AI models and their associated licenses. Many ML model licenses are inspired by open source licenses, so OSPOs are being brought in for their expertise. 
Today's topic is how to think about licensing out your *own* models and datasets if you want to encourage collaboration, but possibly preserve competitive advantage.</summary><category term="Blog"/></entry><entry><title>OSPO Tip - Audit Your Use of Java</title><link href="https://ospo.co/blog/ospo-tip-audit-your-use-of-java/" rel="alternate"/><published>2023-03-13T15:45:35.448000+00:00</published><updated>2023-03-13T15:45:35.448000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/ospo-tip-audit-your-use-of-java/</id><summary type="html">Software licenses can unexpectedly change from version to version. The latest to change is Java, and Oracle is asking for companies to pay up.</summary><category term="Blog"/></entry><entry><title>Understanding the Strategies Behind Open Source Companies (part 2)</title><link href="https://ospo.co/blog/understanding-the-strategies-behind-open-source-companies-part-2/" rel="alternate"/><published>2023-03-07T03:18:28.825000+00:00</published><updated>2023-03-07T03:18:28.825000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/understanding-the-strategies-behind-open-source-companies-part-2/</id><summary type="html">Most open source companies can be categorized into five main business models. 
In [part one](https://ospo.co/blog/understanding-the-strategies-behind-open-source-companies-part-1/) we reviewed the *Ketchup Model* and the *Dual License Model.* In this part, we review the *Proprietary Crust Model,* the *Infrastructure Model,* and the *Adjacency Model.*</summary><category term="Blog"/></entry><entry><title>Understanding the Strategies Behind Open Source Companies (part 1)</title><link href="https://ospo.co/blog/understanding-the-strategies-behind-open-source-companies-part-1/" rel="alternate"/><published>2023-02-20T17:30:49.603000+00:00</published><updated>2023-02-20T17:30:49.603000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/understanding-the-strategies-behind-open-source-companies-part-1/</id><summary type="html">Many companies have embraced open source to make money and create value. From these efforts, five main business models have emerged for successful open source companies.</summary><category term="Blog"/></entry><entry><title>OSPOCO Joins Forces with the OpenChain Project</title><link href="https://ospo.co/blog/ospoco-joins-forces-with-the-openchain-project/" rel="alternate"/><published>2023-02-08T23:19:17.243000+00:00</published><updated>2023-02-08T23:19:17.243000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/ospoco-joins-forces-with-the-openchain-project/</id><summary type="html">OSPOCO is now an [official partner of the OpenChain Project](https://www.openchainproject.org/partners). 
As an official partner, OSPOCO is able to help companies toward OpenChain ISO/IEC 5230 compliance and can act as a third-party certifier for organizations that need audits.</summary><category term="Blog"/></entry><entry><title>How should OSPOs think about AI-assisted code (right now)?</title><link href="https://ospo.co/blog/how-should-ospos-think-about-ai-assisted-code-right-now/" rel="alternate"/><published>2023-02-07T18:23:01.042000+00:00</published><updated>2023-02-07T18:23:01.042000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/how-should-ospos-think-about-ai-assisted-code-right-now/</id><summary type="html">A few months ago we [talked about GitHub CoPilot](https://ospo.co/blog/github-copilot-and-open-source/) and the controversy it created in the open source community. Since then a [lawsuit](https://githubcopilotlitigation.com/) has been filed against Microsoft, GitHub, and OpenAI (creators of the underlying technology). OSPOs are increasingly being asked whether AI-assisted code is safe to use. The answer, of course, is an unsatisfying *maybe.*</summary><category term="Blog"/></entry><entry><title>Open Source and OSPOs in a Recession</title><link href="https://ospo.co/blog/open-source-and-ospos-in-a-recession/" rel="alternate"/><published>2023-02-04T14:23:42.605000+00:00</published><updated>2023-02-04T14:23:42.605000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/open-source-and-ospos-in-a-recession/</id><summary type="html">Companies tend to increase their use of open source in a recession. Paradoxically, they also tend to cut their open source program personnel. 
It is more important than ever to tie the work your OSPO does to the financial health of your organization.</summary><category term="Blog"/></entry><entry><title>Finding what's missing in your security processes using OpenChain's Security Assurance Standard</title><link href="https://ospo.co/blog/finding-whats-missing-in-your-security-processes-using-openchains-security-assurance-standard/" rel="alternate"/><published>2023-01-23T19:27:32.117000+00:00</published><updated>2023-01-23T19:27:32.117000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/finding-whats-missing-in-your-security-processes-using-openchains-security-assurance-standard/</id><summary type="html">One of the keys to success as an OSPO is balance: making sure that you have done *enough,* but do not have so many procedures and processes that they become counterproductive. But how do you know what is "enough"? One way is to use the OpenChain standards as a guide. This article focuses on the recent [OpenChain Security Assurance Standard.](https://ospo.co/documents/12/openchain-security-specification-1.1.pdf)</summary><category term="Blog"/></entry><entry><title>Open Source Security at the Magma Project</title><link href="https://ospo.co/case-studies/open-source-security-at-the-magma-project/" rel="alternate"/><published>2023-01-16T15:42:53.577000+00:00</published><updated>2023-01-16T15:42:53.577000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/case-studies/open-source-security-at-the-magma-project/</id><summary type="html">Providing good security procedures and management is one of the things that OSPOs can do to show value. Hands-on security management requires solid technical capability, but no Ph.D.s in cryptography are needed to make a huge difference. 
Many open source security issues require just as much community engagement as they do technical acumen, and that sits right in the sweet spot of what open source program offices do.</summary><category term="Case Studies"/></entry><entry><title>Your OSPO Toolkit: Dependabot</title><link href="https://ospo.co/blog/your-ospo-toolkit-dependabot/" rel="alternate"/><published>2023-01-12T02:30:17.338000+00:00</published><updated>2023-01-12T02:30:17.338000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/your-ospo-toolkit-dependabot/</id><summary type="html">One of the big drivers for investment in open source tooling is security. We want to introduce you to [Dependabot](https://github.com/dependabot)  - a tool you should probably be using to help you keep your open source components up to date.</summary><category term="Blog"/></entry><entry><title>Questions and Answers About the AGPL</title><link href="https://ospo.co/blog/questions-and-answers-about-the-agpl/" rel="alternate"/><published>2022-12-20T18:00:08.618000+00:00</published><updated>2022-12-20T18:00:08.618000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/questions-and-answers-about-the-agpl/</id><summary type="html">The AGPL (short for the "[Affero General Public License, version 3](https://opensource.org/licenses/AGPL-3.0)") is a [free](https://www.gnu.org/philosophy/free-sw.html) and [open source](https://opensource.org/docs/osd) software license designed to promote cooperative development of software that is used in a client-server or peer-to-peer context. 
It is an increasingly common license for server-side software and it is notoriously tricky to comply with.</summary><category term="Blog"/></entry><entry><title>Some Administrative Best Practices for Working with Open Source</title><link href="https://ospo.co/blog/some-administrative-best-practices-for-working-with-open-source/" rel="alternate"/><published>2022-12-12T16:19:49.331000+00:00</published><updated>2022-12-12T16:19:49.331000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/some-administrative-best-practices-for-working-with-open-source/</id><summary type="html">Your use of open source is an ongoing process, not a one-time event. Therefore, open source management should be fit into the business processes of your organization, with a focus on simplifying long-term compliance. A few tips can help you be more effective.</summary><category term="Blog"/></entry><entry><title>Your OSPO Toolkit: OpenChain</title><link href="https://ospo.co/blog/your-ospo-toolkit-openchain/" rel="alternate"/><published>2022-12-06T20:01:57.841000+00:00</published><updated>2022-12-06T20:01:57.841000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/your-ospo-toolkit-openchain/</id><summary type="html">One of the first tools that we bring when working with OSPOs is the [OpenChain 2.1 / ISO/IEC 5230 standard](https://ospo.co/documents/11/OpenChain_2.1.pdf). OpenChain is an international standard for open source programs, helping companies create compliant processes. 
But what does OpenChain mean for your OSPO?</summary><category term="Blog"/></entry><entry><title>The 2022 State of Open Source Report</title><link href="https://ospo.co/blog/the-2022-state-of-open-source-report/" rel="alternate"/><published>2022-11-28T23:07:31.126000+00:00</published><updated>2022-11-28T23:07:31.126000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/the-2022-state-of-open-source-report/</id><summary type="html">Each year the Open Source Initiative sponsors a survey about open source usage across multiple industries. The 2022 report provides a good way to compare your use of open source with many industry peers. We took a look at the [report](https://ospo.co/documents/9/ebook-openlogic-the-2022-state-of-open-source-report.pdf) to provide a few highlights.</summary><category term="Blog"/></entry><entry><title>Creating Differentiated Value When Using Open Source</title><link href="https://ospo.co/blog/creating-differentiated-value-when-using-open-source/" rel="alternate"/><published>2022-11-21T20:55:54.958000+00:00</published><updated>2022-11-21T20:55:54.958000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/creating-differentiated-value-when-using-open-source/</id><summary type="html">One of the most common questions for businesses is how to create differentiation when building on or using open source code. The answer is that these days, your business differentiators usually aren't your code. 
It is all the things *around* your code that usually lead people to buy your products.</summary><category term="Blog"/></entry><entry><title>Your OSPO Toolkit: Scanning</title><link href="https://ospo.co/blog/your-ospo-toolkit-scanning/" rel="alternate"/><published>2022-11-14T23:31:42.911000+00:00</published><updated>2022-11-14T23:31:42.911000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/your-ospo-toolkit-scanning/</id><summary type="html">The core administrative function of an Open Source Program Office is making sure you know what open source software your organization is using. Every other function relies on this basic knowledge. If you don't know what software you are using, you can't comply with the licenses, you can't respond to security issues, and you can't engage with the larger community. So how do you get that information? In a word, scanning.</summary><category term="Blog"/></entry><entry><title>Crafting your open source contribution policy</title><link href="https://ospo.co/blog/crafting-your-open-source-contribution-policy/" rel="alternate"/><published>2022-11-07T23:56:10.729000+00:00</published><updated>2022-11-07T23:56:10.729000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/crafting-your-open-source-contribution-policy/</id><summary type="html">One of the first tasks for any OSPO is creating an open source policy. It's the charter for your open source program. It should express your company's take on the big questions: Why does your organization engage with open source? What are your goals? Who is allowed to engage with open source?  
The answers may be different for each organization, but there are two key concepts that will help you create the most effective policy for your organization.</summary><category term="Blog"/></entry><entry><title>Building an upstream-focused OSPO at G-Research</title><link href="https://ospo.co/case-studies/building-an-upstream-focused-ospo-at-g-research/" rel="alternate"/><published>2022-10-29T01:42:41.867000+00:00</published><updated>2022-10-29T01:42:41.867000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/case-studies/building-an-upstream-focused-ospo-at-g-research/</id><summary type="html">G-Research wanted to invest in its open source supply chain, but traditional engagement didn't quite fit. Instead they built what they call a "muscular OSPO" with a deep investment in advancing upstream projects. Alex Scammon, head of G-Research's OSPO, talked to us about it.</summary><category term="Case Studies"/></entry><entry><title>Github CoPilot and open source</title><link href="https://ospo.co/blog/github-copilot-and-open-source/" rel="alternate"/><published>2022-10-24T18:45:54.794000+00:00</published><updated>2022-10-24T18:45:54.794000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/github-copilot-and-open-source/</id><summary type="html">It was a big week for [Github CoPilot](https://github.com/features/copilot) last week. There were [new allegations of copyright infringement of open sourced code](https://twitter.com/DocSparse/status/1581461734665367554) and an [announced lawsuit](https://githubcopilotinvestigation.com/). 
So how should you think about CoPilot and other machine learning tools trained on open source code?</summary><category term="Blog"/></entry><entry><title>The risk of poor open source practices is increasing (Part 3)</title><link href="https://ospo.co/blog/the-risk-of-poor-open-source-practices-is-increasing-part-3/" rel="alternate"/><published>2022-10-17T23:06:13.761000+00:00</published><updated>2022-10-17T23:06:13.761000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/the-risk-of-poor-open-source-practices-is-increasing-part-3/</id><summary type="html">You may remember the 2017 [Equifax data breach](https://en.wikipedia.org/wiki/2017_Equifax_data_breach). The records of more than 160 million people were exposed,  making it one of the largest cybercrimes related to identity theft. Among various other penalties, Equifax was required to pay out $300 million to a fund for victim compensation, $175 million to the states and territories in the agreement, and $100 million to the CFPB in fines. The cause of the data breach? Not updating an open source component on Equifax's website.</summary><category term="Blog"/></entry><entry><title>The risk of poor open source practices is increasing (Part 2)</title><link href="https://ospo.co/blog/the-risk-of-poor-open-source-practices-is-increasing-part-2/" rel="alternate"/><published>2022-10-10T17:35:59.762000+00:00</published><updated>2022-10-10T17:35:59.762000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/the-risk-of-poor-open-source-practices-is-increasing-part-2/</id><summary type="html">Last year, the Biden administration issued the [Executive Order on Improving the Nation's Cybersecurity](https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/). 
What most open source personnel don't realize - yet - is that one of the results of the Executive Order will be a contract requirement to manage open source risks as a mandatory contract term for anyone supplying the Federal Government.</summary><category term="Blog"/></entry><entry><title>The risk of poor open source practices is increasing (Part 1)</title><link href="https://ospo.co/blog/the-risk-of-poor-open-source-practices-is-increasing-part-1/" rel="alternate"/><published>2022-10-03T21:35:08.562000+00:00</published><updated>2022-10-03T21:35:08.562000+00:00</updated><author><name>VanL</name></author><id>https://ospo.co/blog/the-risk-of-poor-open-source-practices-is-increasing-part-1/</id><summary type="html">So much of what we do in OSPOs is about trying to get things right. We usually focus on the positive sides of engaging with open source: lower costs, greater control, faster time-to-market, and higher developer satisfaction. But that doesn't mean that we also don't keep an eye on open source risks. A number of independent events have all converged to markedly increase the legal risk of poor open source practices.</summary><category term="Blog"/></entry><entry><title>Comcast: Focusing on the Business Needs</title><link href="https://ospo.co/case-studies/comcast-focusing-on-the-business-needs/" rel="alternate"/><published>2022-04-13T20:20:53.010000+00:00</published><updated>2022-04-13T20:20:53.010000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/comcast-focusing-on-the-business-needs/</id><summary type="html">[Comcast's](http://corporate.comcast.com/) involvement in open source was a gradual process that evolved over time. 
The company eventually created two open source program offices, one for the NBC business and another for the cable side of the business, which is the subject of this profile.</summary><category term="Case Studies"/></entry><entry><title>Building leadership in an open source community</title><link href="https://ospo.co/blog/building-leadership-in-an-open-source-community/" rel="alternate"/><published>2022-02-20T01:38:42.596000+00:00</published><updated>2022-02-20T01:38:42.596000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/blog/building-leadership-in-an-open-source-community/</id><summary type="html">This guide explains how organizations can build leadership and influence within the open source projects they’re involved in and on which they are commercially dependent. Learn about leadership culture and roles within a project, how decisions are made, how an organization can build leadership, and tips for being a good leader in open source communities.</summary><category term="Blog"/></entry><entry><title>Improve Your Open Source Development Impact</title><link href="https://ospo.co/blog/improve-your-open-source-development-impact/" rel="alternate"/><published>2022-02-18T16:28:58.108000+00:00</published><updated>2022-02-18T16:28:58.108000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/blog/improve-your-open-source-development-impact/</id><summary type="html">Open source development requires a different approach to software engineering than many organizations are accustomed to. It becomes easier if you have a clear plan to follow. Fortunately, many companies and individuals have already forged a path to success by contributing to significant open source projects in strategic ways. 
This practical guide will help you and your company improve your internal development process and prepare you to contribute to the open source projects that matter most to your company.</summary><category term="Blog"/></entry><entry><title>Measuring Your Open Source Program's Success</title><link href="https://ospo.co/blog/measuring-your-open-source-programs-success/" rel="alternate"/><published>2022-02-18T16:32:23.840000+00:00</published><updated>2022-02-18T16:32:23.840000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/blog/measuring-your-open-source-programs-success/</id><summary type="html">Open source program managers must demonstrate the ROI of their efforts. This guide provides an overview of some of the standard ways that organizations evaluate their open source programs, projects, and contributions. Learn what to measure, how to define success, and how to best use this information to advance your open source program objectives, demonstrate effectiveness, and gain support.</summary><category term="Blog"/></entry><entry><title>Creating an Open Source Program Office (OSPO)</title><link href="https://ospo.co/blog/creating-an-open-source-program-office-ospo/" rel="alternate"/><published>2022-02-20T01:30:37.693000+00:00</published><updated>2022-02-20T01:30:37.693000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/blog/creating-an-open-source-program-office-ospo/</id><summary type="html">So what is an open source program office (or "OSPO")? It is the hub of an open source program. The OSPO is a designated place where open source is supported, nurtured, shared, explained, and grown inside a company. 
With such an office in place, businesses can establish and execute on their open source strategies in clear terms, giving their leaders, developers, marketers, and other staff the tools they need to make open source a success within their operations.</summary><category term="Blog"/></entry><entry><title>Participating in Open Source Communities</title><link href="https://ospo.co/blog/participating-in-open-source-communities/" rel="alternate"/><published>2022-02-20T01:35:36.490000+00:00</published><updated>2022-02-20T01:35:36.490000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/blog/participating-in-open-source-communities/</id><summary type="html">This guide covers what it means to contribute to open source as an organization and how to become a good corporate citizen. Learn how open source projects are structured, how to contribute, why it’s important to devote internal developer resources to participation, and why it’s important to create a strategy for open source participation and management.</summary><category term="Blog"/></entry><entry><title>Growing the Open Source Footprint at NI (National Instruments)</title><link href="https://ospo.co/case-studies/growing-the-open-source-footprint-at-ni-national-instruments/" rel="alternate"/><published>2022-05-13T20:05:25.308000+00:00</published><updated>2022-05-13T20:05:25.308000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/growing-the-open-source-footprint-at-ni-national-instruments/</id><summary type="html">NI (formerly National Instruments) has responded to the industry's shift toward open source by growing its open source footprint. 
This case study describes some successes and lessons learned in a growing open source program.</summary><category term="Case Studies"/></entry><entry><title>Establishing an Open Source Program Office at SAP</title><link href="https://ospo.co/case-studies/establishing-an-open-source-program-office-at-sap/" rel="alternate"/><published>2022-05-13T20:42:53.934000+00:00</published><updated>2022-05-13T20:42:53.934000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/establishing-an-open-source-program-office-at-sap/</id><summary type="html">SAP’s climb to higher visibility is a sign of its continued commitment to excellence in open source. Peter Giese, director of SAP’s Open Source Program Office and Michael Picht, chief development architect, contributed this case study.</summary><category term="Case Studies"/></entry><entry><title>Driving Dropbox’s Open Source Program</title><link href="https://ospo.co/case-studies/driving-dropboxs-open-source-program/" rel="alternate"/><published>2022-05-13T20:07:46.894000+00:00</published><updated>2022-05-13T20:07:46.894000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/driving-dropboxs-open-source-program/</id><summary type="html">Dropbox was started and built on a foundation of open source code. But Dropbox did not always have a formal Open Source Program. 
This case study discusses the development of the open source function at Dropbox.</summary><category term="Case Studies"/></entry><entry><title>Capital One: Open Source in a Regulated Environment</title><link href="https://ospo.co/case-studies/capital-one-open-source-in-a-regulated-environment/" rel="alternate"/><published>2022-05-13T20:23:10.618000+00:00</published><updated>2022-05-13T20:23:10.618000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/capital-one-open-source-in-a-regulated-environment/</id><summary type="html">When you think about how banks work, open source might not be at the top of your mind. But more and more companies—including those in the financial sector—have learned that open source software is often more reliable and secure than closed source.</summary><category term="Case Studies"/></entry><entry><title>Managing an Open Source Company: Red Hat</title><link href="https://ospo.co/case-studies/managing-an-open-source-company-red-hat/" rel="alternate"/><published>2022-05-13T20:38:09.235000+00:00</published><updated>2022-05-13T20:38:09.235000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/managing-an-open-source-company-red-hat/</id><summary type="html">As the largest open source company in the world, Red Hat is all-in on open source. 
This case study describes some of the lessons learned over two decades of working in the open source community.</summary><category term="Case Studies"/></entry><entry><title>Helping Salesforce Succeed: The Open Source Program Office</title><link href="https://ospo.co/case-studies/helping-salesforce-succeed-the-open-source-program-office/" rel="alternate"/><published>2022-05-13T20:35:06.406000+00:00</published><updated>2022-05-13T20:35:06.406000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/helping-salesforce-succeed-the-open-source-program-office/</id><summary type="html">Salesforce is well-known in the enterprise for its Software-as-a-Service offering. Many people don't know that open source is a key part of what keeps Salesforce innovating.</summary><category term="Case Studies"/></entry><entry><title>Open Source and Innersource at Autodesk</title><link href="https://ospo.co/case-studies/open-source-and-innersource-at-autodesk/" rel="alternate"/><published>2022-05-13T20:31:31.760000+00:00</published><updated>2022-05-13T20:31:31.760000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/open-source-and-innersource-at-autodesk/</id><summary type="html">Autodesk is a traditional software company that has also embraced open source, as shown by its large and increasing presence on GitHub (at [https://autodesk.github.io/](https://autodesk.github.io/)). 
In this case study, Guy Martin (@guyma) talks about developing the open source program.</summary><category term="Case Studies"/></entry><entry><title>Open Source at Verizon Media</title><link href="https://ospo.co/case-studies/open-source-at-verizon-media/" rel="alternate"/><published>2022-05-13T20:41:02.248000+00:00</published><updated>2022-05-13T20:41:02.248000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/open-source-at-verizon-media/</id><summary type="html">This open source office case study comes from Verizon Media (formerly Oath). Through its predecessor companies, Verizon Media has a long history with open source.</summary><category term="Case Studies"/></entry><entry><title>Open Source Program Case Studies: Uber</title><link href="https://ospo.co/case-studies/open-source-program-case-studies-uber/" rel="alternate"/><published>2022-05-13T20:45:11.862000+00:00</published><updated>2022-05-13T20:45:11.862000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/open-source-program-case-studies-uber/</id><summary type="html">Uber is one of the best-known disruptors in the digital age. Its business model famously separated transportation services from the traditional underlying infrastructure with an app-based model offering on-demand and multimodal options. 
In many ways, this transformation, and Uber itself, also mirror the creative and collaborative aspects of the open source community.</summary><category term="Case Studies"/></entry><entry><title>Microsoft: Embracing the New World of Open Source</title><link href="https://ospo.co/case-studies/microsoft-embracing-the-new-world-of-open-source/" rel="alternate"/><published>2022-05-13T19:55:05.090000+00:00</published><updated>2022-05-13T19:55:05.090000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/microsoft-embracing-the-new-world-of-open-source/</id><summary type="html">It may be surprising to some that Microsoft is now one of the biggest contributors to open source. But that evolution was the result of deliberate work - and a thoughtful open source program.</summary><category term="Case Studies"/></entry><entry><title>Open Source at Facebook: "Core to Our Engineering DNA"</title><link href="https://ospo.co/case-studies/open-source-at-facebook-core-to-our-engineering-dna/" rel="alternate"/><published>2022-05-13T20:02:50.322000+00:00</published><updated>2022-05-13T20:02:50.322000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/open-source-at-facebook-core-to-our-engineering-dna/</id><summary type="html">"Open source is core to our engineering DNA. We believe that sharing our code and even hardware designs accelerates the pace of innovation in the world." 
Christine Abernathy, Open Source Developer Advocate at Facebook, features in this case study of the well-known tech giant.</summary><category term="Case Studies"/></entry><entry><title>Open Source at SanDisk</title><link href="https://ospo.co/case-studies/open-source-at-sandisk/" rel="alternate"/><published>2022-05-13T19:57:28.208000+00:00</published><updated>2022-05-13T19:57:28.208000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/open-source-at-sandisk/</id><summary type="html">Our next open source office case study comes from SanDisk, the maker of computer storage equipment. Open source is a key part of SanDisk's entire production pipeline.</summary><category term="Case Studies"/></entry><entry><title>GitHub: At the Center of Open Source</title><link href="https://ospo.co/case-studies/github-at-the-center-of-open-source/" rel="alternate"/><published>2022-05-13T19:24:25.079000+00:00</published><updated>2022-05-13T19:24:25.079000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/github-at-the-center-of-open-source/</id><summary type="html">From the very beginning, GitHub has been about open source. Scratching the itch of better code collaboration turned into a company built on and for open source; from the philosophies that founded the company, to the servers running the infrastructure, to the languages and libraries we use to build applications, to the millions of public repositories hosted on them. 
Even our business model - based on the premise that you shouldn't have to pay if you share - encourages open source.</summary><category term="Case Studies"/></entry><entry><title>Twitter: Why We Run an Open Source Program</title><link href="https://ospo.co/case-studies/twitter-why-we-run-an-open-source-program/" rel="alternate"/><published>2022-05-13T19:49:39.233000+00:00</published><updated>2022-05-13T19:49:39.233000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/twitter-why-we-run-an-open-source-program/</id><summary type="html">This case study features Chris Aniszczyk (@cra) who established the Open Source Program Office at Twitter and is now the Executive Director of the Cloud Native Computing Foundation.</summary><category term="Case Studies"/></entry><entry><title>Creating an Open Source Program Office at Box</title><link href="https://ospo.co/case-studies/creating-an-open-source-program-office-at-box/" rel="alternate"/><published>2022-05-13T19:45:36.353000+00:00</published><updated>2022-05-13T19:45:36.353000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/creating-an-open-source-program-office-at-box/</id><summary type="html">We're excited about what we've been able to accomplish and we look forward to seeing the projects emerging from other businesses in situations similar to ours. 
Being a part of the open source community is a rewarding experience and is totally achievable by companies working in enterprise capacities.</summary><category term="Case Studies"/></entry><entry><title>Why We Run an Open Source Program at Yahoo!</title><link href="https://ospo.co/case-studies/why-we-run-an-open-source-program-at-yahoo/" rel="alternate"/><published>2022-05-13T19:42:27.740000+00:00</published><updated>2022-05-13T19:42:27.740000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/why-we-run-an-open-source-program-at-yahoo/</id><summary type="html">Yahoo had an early OSPO and was an initial member of the TODO Group. This case study was provided by Gil Yehuda (@gyehuda), who is in charge of open source at Yahoo!. "You will find that open source participation is essential to long term tech health."</summary><category term="Case Studies"/></entry><entry><title>Why We Run an Open Source Program at Walmart Labs</title><link href="https://ospo.co/case-studies/why-we-run-an-open-source-program-at-walmart-labs/" rel="alternate"/><published>2022-05-13T19:22:05.163000+00:00</published><updated>2022-05-13T19:22:05.163000+00:00</updated><author><name>TODO Group</name></author><id>https://ospo.co/case-studies/why-we-run-an-open-source-program-at-walmart-labs/</id><summary type="html">"It takes time and resources to build a great open source team, so you shouldn't take it on lightly, but .. in this day and age I don't know if you could build out a matrix and conclude 'we can afford not to'."</summary><category term="Case Studies"/></entry></feed>