January 25, 2008
Thoughts on FOSSology

By now you've probably seen HP's FOSSology announcement. It's an initiative that they say will, "facilitate the study of Free and Open Source Software by providing free data analysis tools". It's a welcome addition to the open source world, and is evidence of the growth of a robust ecosystem of tools and information. Open source is how software is done today.

We have a professional services group within Palamida who last year viewed hundreds of millions of lines of code in applications across multiple industries. It was rare for us to find an application that was not made up of at least 50% open source. That's an amazing change.

Any organization today that is not fully engaged with the open source world, both as a consumer and as a contributor, is falling behind. As we've said for some time, any change of this magnitude has implications. In this case it's to make sure there is a framework of policy, education and compliance that makes the use of open source both easy and safe. That idea was the genesis of Palamida and is at the nexus of our continued evolution into open source security. It's also why there will always be room for more and better tools and information to help customers answer questions such as: what open source code are we using, where are we using it, how much do we have, what security vulnerabilities are associated with it, and what are our rights for using it?

HP is a terrific company, and will no doubt do good work with their FOSSology initiative. In kind, we will continue our contributions to the open source community with ideas that will add momentum to the use of open source software; our GPLv3 site and our new vulnerability reporting solution are two important examples. The net is that development teams will have a spectrum of tools, information, and services to make their use of open source increasingly productive, and at the end of the day, that benefits all of us.

--Mark Tolliver