The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for the event to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to find out more information.
This schedule is automatically displayed in Pacific Daylight Time (UTC/GMT -8). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."
IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
Microsoft's Open Source Programs Office (OSPO) has been building tools and resources to increase visibility of risk according to a set of metrics (Rubrics) in our open source dependencies.
Like many things open source, the path to resolving risk through investment, is a 'learn by doing' exercise. Simply saying 'this project needs funds' isn't helpful to decision makers. What *is*helpful is being able to describe risk, who shares that risk, and what type of investment is most likely to have impact (and ways of tracking that investment over time).
In this talk, I'll share with you our new learn by doing 'investing in open source dependencies framework' to help those advocating for funding, build business cases to advocate strategically for those outcomes. I'll also share a couple of case studies to show how it might work in your company.
We’re learning here too, and look forward to expanding some of the ways we can experiment together and empower every employee to advocate for the need that they see in their dependencies to ultimately contribute to a more secure healthy ecosystem.
