Top Posts from 2016: From Open Source Licenses to OSRookies

I've been fortunate to spend the last year working at Black Duck on many projects with many talented people - from our interns to our engineering and product management teams. It's been an amazing learning experience, one I wouldn't trade for the world. Part of my role here is to manage our blog, so I keep a close eye on which posts provide the most value to our visitors.

I thought it might be helpful to take a quick look back at our top posts from last year, and reflect on why they did well. Below are my takeaways - please share your opinions as well. 

Are SaaS Companies Immune to Open Source Risk

Phil Odence wrote this excellent post examining four risks SaaS companies are exposed to when they use open source. I think this post did well because open source is a growing component of software - including software as a service. It's very appropriate to consider the legal, security, operational and strategic risks that may come up so you can respond appropriately.

Sneak Peak into the Black Duck Hub Plugin Eclipse

Our product management team spends a lot of time thinking about how to make Black Duck Hub work best with the developers using it. Utsav Sanghani lays out how to implement and configure our Eclipse plugin for Hub in this post. Why did it do well? Because people are interested in Eclipse and how to use the plugin to manage open source software. 

Who's Afraid of GPL3

This guest post by Heather Meeker, Technology Transactions Partner at O'Melveny and Myers LLP, examining GPL version 3, is still providing valuable information after nearly four years. We have a long history of compiling open source licenses and licensing information at Black Duck, and clearly this topic is still a compelling one for lawyers and developers alike as they seek to distribute their code responsibly without risking intellectual property. GPL3 is one of the top open source licenses, applying to 8.1% of projects today.

It's Time to Select 2016 Open Source Rookies

Last year I had no idea what Open Source Rookies referred to, but I found it both extremely fun and interesting to work on the project and with the winners of the Rookies last year. When Patrick Carey, our Director of Product Marketing, wrote this post encouraging folks to get their projects into OpenHub, I thought it would gather a lot of attention, because it's such a fantastic way to shine some light on the excellent open source projects that got started last year. I can't wait to see emerging trends and new projects when we complete our selection process this year.

Top Open Source Tools for Big Data

Another oldie but goodie: Doug Levin (Founder of Black Duck) shared the top open source tools for big data. Big data continues to be important, and predictive analytics feature strongly in most companies. It's great to know that there are open source tools for big data, and this breakdown into data stores, development platforms, development tools, and integration, analytics and reporting tools is very helpful. I'm working on getting an update to reflect new players in this area.

6 Open Source DevOps Tools You Can't Do Without

Another great guest post about open source tools is from Andy Cureton, Partner and Founder at Forest Technologies. Again, I think people really find lists of tools very helpful, and DevOps is a really key aspect of agile development. When you think about continuous integration and the key players on this list, it's no wonder people found this post interesting: Jenkins, Ansible, Docker, Nagios, Artifactory and Selenium all offer a lot to DevOps.

Rocket.Chat: Enabling Privately Hosted Chat Services

One of my favorite Open Source Rookies projects: Rocket.Chat! We had a few livechat related Rookies for 2015, and I have to say that besides the functionality, I really loved their story. I think it really resonated with people because they gave so much information about their project and how they built it. The level of detail Gabriel Engel (founder at Rocket.Chat) shared was fantastic and gave a lot of ideas to people looking to start their own open source projects. 

OWASP Top 10: Application Security Risks

When we saw that OWASP was requesting contributions to update their top 10, we thought it was a great time to encourage our readers to think about the Open Web Application Security Project (aka OWASP). I asked our intern, Noah Blier, if he could do some research and provide an overview of the existing list. He did a fantastic job putting together high-level information to help people understand the project. We work with OWASP on webinars and attend events with them because application security is important to us. Traffic to this post shows us that you agree!

I've been thinking a lot about all the posts we wrote over the last year, and how to get better, more interesting posts out there for you to read this year. Subscribe and let me know how you think it's going in 2017!
