January 7, 2008
2008 - The Year of Software Risk Management

New Year's Greetings from all of us at Palamida!

2007 was certainly a busy year for open source. From the release of the GPLv3 to the slew of BusyBox lawsuits, open source enjoyed mainstream coverage like never before. The elevated profile propelled it from the online developer communities to daily posts in popular tech blogs. Almost overnight, legal, business and security folks who normally didn't know, or weren't involved with, how much open source they were using became concerned with its effect on their organizations. In short, the biggest trend we saw last year was awareness.

A few years ago, before it hit the big time, open source hardly ever made the list of software applications destined for the corporate network. In spite of the oversight, it was found in abundance throughout the development environment. So much so that in the 2006 report "Open Source in Global Software: Market Impact," IDC Research found that it was being used by 71% of worldwide developers and was in production at 54% of their companies. IDC called open source the most significant, all-encompassing and long-term trend that the software industry had seen since the early 1980s.

Today, open source can be found beyond the operating system, making its way up and down the stack. A few examples include:

Mulesource for integration software
Intalio for Business Process Management (BPM)
Pentaho for Business Intelligence (BI)
Groundwork Open Source for network management
MedSphere for healthcare IT

In an oft-cited 2007 report, Gartner Research said that by this year, 95% of Global 2000 organizations would have formal open-source acquisition management strategies in place to address the challenges and opportunities of OSS. This hasn't happened yet, but it is evident that open source is not just a development tool any longer; it's a critical business enabler that, without proper management and use policies, can introduce significant legal and security risks.

In the spirit of forward thinking, Mark Tolliver, Palamida's CEO, contributed his view on the year to come for the recent OSA announcement on Top CEO Predictions:

"Watch for consolidation among open source organizations as a way to strengthen offerings and development efforts as well as acquisitions of open source market leaders by large commercial vendors who have a desire to expand their market reach and revenue stream."

As for the GPLv3, we expect adoption to continue at a steady and relaxed pace, and we continue to track it on our GPLv3 license site. 2008 will also see GPLv3 license concerns make it to the top of the priority list for those in the embedded market, which includes the telecom and electronics industries, among others. Many devices shipping today contain Digital Rights Management (DRM) software; handsets are a prime example. In the GPLv2, the provisions of the license prohibit redistribution of the code without making the source code publicly available. GPLv3 contains anti-DRM provisions that make its use in embedded products prohibitive. You can read more about the GPLv3 Year in Review here.

Following the awareness we saw in 2007, we believe that this will be the year of software risk management. Open source security and risk mitigation will be on the minds of various teams, intersecting in areas such as legal, security, IT, compliance and software development. As Mark explains, "Historically, organizations have taken a passive approach to managing their code base contents - they rarely had a complete view of it and would not investigate until legal action (usually connected to IP issues) forced them to do so. With the explosion in the use of open source software, organizations today need to actively manage their use carefully, avoiding both IP issues and vulnerabilities."

"In 2007, malware attached to undocumented code was responsible for major security breaches, from TD Ameritrade to the United States Pentagon," Mark adds. "Organizations must implement risk management processes that deal with security issues at their origin - inside the code base."

Mark's recent keynote at the 3rd Department of Defense Open Conference further highlights the importance of open source integrity and security and the wide-reaching issues the government is addressing in its continued support of open source adoption.

To sum it up, there is a lot of activity on the horizon and we're thrilled to be so perfectly positioned to address it.

--Melisa LaBancz Bleasdale