March 12-14, 2019 - Half Moon Bay, CA
Click Here For Information
Back To Schedule
Wednesday, March 13 • 4:00pm - 4:30pm
SPDX: Bridging the Compliance Tooling Gap - Gary O’Neall, CEO, Source Auditor & Steve Winslow, Director of Strategic Programs, The Linux Foundation

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Any organization which utilizes open source software needs to comply with the open source license terms and the specific security policies of their industry.  To satisfy the basic requirement of knowing the specific open source packages included in the software, several tools have been produced which create or manage a software “Bill of Materials”.  The Software Package Data Exchange (SPDX) defines a standard format for a Bill of Materials which can facilitate harmonious integration of multiple tools.

This talk will discuss the current state of SPDX, the compliance tooling landscape, and work underway to better facilitate compliance tool interoperability.

avatar for Gary O’Neall

Gary O’Neall

CEO, Source Auditor Inc.
Source Auditor was co-founded by Gary O’Neall, where he also serves as the Chief Technology Officer and as a Principal Consultant.  He has served for over 20 years in a wide variety of technology management roles in F500 companies like HP and Motorola, and in smaller startups like... Read More →
avatar for Steve Winslow

Steve Winslow

VP of Compliance & Legal, The Linux Foundation
Steve Winslow is Vice President of Compliance and Legal at The Linux Foundation. He runs The Linux Foundation’s license scanning and analysis support program, advising projects about licenses identified in their source code and dependencies. Steve is also involved with projects... Read More →

Wednesday March 13, 2019 4:00pm - 4:30pm PDT
Salon 1