Federal government entities have traditionally been reluctant to allow the inclusion of open source components in their systems due to concerns about quality, reliability, and security. As the momentum for open source continues to grow in mainstream development, the federal government has slowly adopted policies to make use of open source permissible in government projects, but actually doing so is still met with a lot of resistance and roadblocks.
Thomas Scanlon offers an overview of relevant policies that allow for use of open source in federal government projects, delivers tips on getting open source use approved and dealing with bureaucratic hurdles such as RMF and APLs, introduces resources for developing with open source in government settings, and shares a real-world case study from the Department of Homeland Security, where an enterprise-level open source solution was successfully selected and implemented rather than commercial alternatives.
Join in to learn the foundational groundwork needed to successfully advocate for use of open source in government projects and then, upon approval, successfully implement and deliver government solutions with open source.
Thomas P. Scanlon is a senior cybersecurity researcher in the CERT Division of the Software Engineering Institute at Carnegie Mellon University. He specializes in applied research topics related to cybersecurity and software engineering such as secure architecture and design, integrating software assurance (SWA) into the full SDLC, cybersecurity evaluations of systems, security automation and RMF, and regularly performs sponsored work in these disciplines at both the classified and unclassified levels for constituents including the Department of Defense, the Department of Homeland Security, the Defense Cyber Crime Center (DC3), the Joint Federated Assurance Center (JFAC), the US Air Force, the US Army, the US Navy, and other government entities. Previously, he spent 10-plus years in IT leadership roles at Fortune 500 companies. He holds a doctoral degree in information systems.
©2019, O'Reilly Media, Inc. • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • firstname.lastname@example.org