User:Guillaume Rousseau/sandbox

ANTELINK

Antelink is a French software company located in the heart of Paris at Place de la République. It is a private company that was founded in 2009 by open source advocates from INRIA. Their products and services help manage the integration of Open Source software throughout the development cycle to determine security risks through vulnerabilities, license information, or software upgrades.

Antelink houses the largest Knowledgebase of open source projects within its Antepedia Suite. The Knowledge Base is comprised of data received from Sourceforge, Maven Central, Google Code, Apache, Debian, Eclipse, Github, and CPAN. The continuous updating of the Knowledge Base by the repositories allow Antelink to provide the most accurate license information, code version, code origination, and security vulnerabilities in Open Source Software. Antelink uses this information throughout the lifecycle of software production to help eliminate potential risks resulting out of misuse, or unknown use of open source software licenses.

The use of Open Source is expanding at an exponential rate, and it is do to the “continuous and broad peer-review enabled by publicly available source code supports software reliability and security efforts through the identification and elimination of defects that might otherwise go unrecognized by a more limited core development team.” Although the benefits of open source use are clear, the challenge comes when a software license’s rules of use are not abided, or when specific security vulnerabilities are not retrieved. As recent as 2010, the US Federal Circuit Court finalized proceedings in Jacobsen v. Katzer, where the ruled on whether to consider “the ability of a copyright holder to dedicate certain work to free public use and yet enforce an ‘open source’ copyright license to control distribution and modification of that work.” The two parties agreed to settle in the amount of $100,000 for the Plantiff (Reasonable Costs and Attorney fees for enforcement separate). “Now that the threat of being sued for improper use of open-source code has been unleashed, a market is developing for automated tools that detect the presence of open-source within larger application development environments.” In addition, Brian Prentice, research vice president of emerging trends and technologies at Gartner, highlighted that while legal issues are a factor in OSS, it does not mean they are not a consideration in proprietary software. "The number of different open source licenses is certainly a factor to consider in an open source governance strategy," Prentice said in an e-mail. But, he added, any software use should involve a careful analysis of contract terms and conditions.

This evidence justifies the emergence of software lifecycle companies (i.e. Antelink), who manage the potential licensing and security risks from integrating open source software. The companies provide a thorough examination of software products that may include open source and thus limit the risk of litigation and financial assessments.

Products
Antepedia is the home of the tools: Reporter, Developer, and Notifier. They are the keys to what help companies manage the software lifecycle for Open Source Software compliance and vulnerability risks.