 Thank you so much. Hi, everyone. Well, Chris, I'm a tech and I will be the money readers for today's panel. And before starting, I would like to first do some introductions. I have to stand with me to send can you go ahead and answer a bit of yourself a little bit of yourself. Thank you. Good morning. Good afternoon. Good evening to everyone's here. Suzanne and Ambiol went from VMware. I'm the director of open source marketing and strategy, and I work with our Ospo to help develop the organizational muscle around open source. I'm happy to be here. Thank you. Yes. Hi, everybody. My name is Sheila Syaby and I work in the open source program office at Comcast. I've been in the Ospo for about five years and with the company for 11, and I reside in Silver Spring, Maryland. Happy to be here and nice to see everyone. Thank you so much. Nick. Yeah. Thanks, Anna. My name is Nick Peters. I'm leading the open source office at Porsche, basically being the head of open source office at Porsche. And thanks for having me. Thank you so much. Alisa. Hi, everyone. I am Alisa Wright. I am helping the open source program office in Bloomberg. I'm based in New York City and it's a pleasure to be here with you all tonight. Tonight, this morning. Hi, everyone. Chris Anisic. I have the, you know, fun job of being currently the CTO of the cloud native computing foundation and help run developer relations at the Linux foundation. I've been involved in Ospo's for probably, you know, a little over, you know, 15 years now help run the Ospo Twitter back in the day help co-found the to do group, which is the home of kind of people that share Ospo best practices and amongst other things really glad to be here and help moderate this panel with with everyone. And, well, I'm Anna program manager at to the group. Also, I've been involved in Ospo's and my previous role, most in metrics at the church. So what development and I did the analytics film and now at to the group, helping organizations with open source and all this education and best practices and help people to work on common to lean in in that great community. So saying that I'm going to start sharing my screen to serve with you the agenda of today. So. Okay. All right. So this is going to be the agenda of today, as you can see, it's a set of questions that we will be asking for all this, all the panelists for today. But before with that, we would like to give a short introductions of what Ospo's are because they might be people here that are just starting to learn this concept for the first time, and also serve the sort of story of to the group. And we will go through all these questions. And once all these questions are answered. That will be your turn, we will leave some Q&A space for people to actually ask to all the season at Ospo's. Everything you would like to ask about an Ospo and how an Ospo is created, and the specific issues you might have, and you might face. Let's start with the first introduction. That is what actually an Ospo is so simply as think about an Ospo as the centralized place where all the open source efforts are happening within our organization. So when you are thinking about how to implement policies and processes and and certainly go compliance and how to host, how to host open source projects, how to contribute upstream to open source projects. All the different activities that are so diverse across the organization and all these open source efforts are in a single place. And they put a strategy on top of that to have aligned goals. And this can usually helps to accelerate these open source adoption. Chris, do you want to go to the next slide. You clicked it so you're clicking. Go ahead. Did I, I think I click. Oh, got it. Sorry. See it now. Okay. Yeah, no, you know, you know, Ospo's have, you know, been around for, I think, you know, 30 years, you know, as a way for organizations to tackle, you know, open source consumption and production. And, you know, what kind of historically started out as kind of a, you know, technical, you know, tech company, internet company thing has basically brought into all different industries from, you know, financial to automotive to academic and so on because people are seeing the value of, you know, taking advantage of open source software to improve innovation within, you know, organizations and the duty group has been at the forefront of kind of helping bring these ideas to to organizations. You know, we've done a lot of research in the organization from kind of how Ospo's form and develop. It tends to be very different for companies, you know, it truly depends on what type of you know what the company is doing with open source software just simply consumers some people actually ship code on phones devices cars and so on so you're going to have kind of different, you know, attitudes but generally what you know happens is for in the beginning, almost everyone is using open source software they may not even know about it, but they're using it for sure. Most products these days, ship it. A lot of people don't have full awareness, you know, within the two to group we've kind of put together, you know, this research and kind of stages of how companies can evolve through their, you know, you know, Ospo journey. You know, like I said, generally, you know default status quo is starting with adoption. A lot of people after that focus on essentially open source inventory, ensuring legal compliance, educating developers within the organization of how to properly consume and produce open source software based on company policies. After that generally the next stage is, you know, essentially, educating for the further use of open source within the organization also participating in upstream, you know, communities out there to ensure that they have the ability to influence open source projects for their, you know, benefits. After that, you know, there's a little bit more essentially deeper engagement companies start to produce code and share projects maybe on their own get up organization or get lab organizations, and then finally, you know, kind of the final stages. You know, companies are, you know, full blown leaders, you know, either starting open source foundations movement technologies that truly shapes the industry and so this is kind of a model that we've kind of come up, you know, for for people to kind of think about their journey in an organization. Yeah, and as Chris was saying, like us both have been evolving is not just several companies now it's everywhere in every industry. And we see like us both are becoming a more complex term. And for instance we have in an also we might find different roles. Some of the roles might be focused on security on licensing others in community engagement, others in project management and governance. We also have different responsibilities, depending on the hospital. We might maybe collaborate with open source organizations develop and execute an open source strategy implement in our source practices to then move to open source that is another one, give advice and open source, run retain open source or selling inside the organization and so on. So as you can see everything is really diverse, and it's something that we cannot put together in a single place and say yeah this is an hospital. Yeah, so that is why to the group is is for its organization, open community of practitioners and organizations that aims to create and certain knowledge and create collaborate on best practices and tools to create effective open source program offices adapted to different needs, depending on the industry depending on the region and so on. And we've been here for a long time, but now we, it's formed by more than 1600 community participants and more than 70 general members. You can see that it was funded long time ago, but we have been evolving a lot. And just also search started to in case you would like to learn more about to the group and join the community. There are our communication channels we will serve the slides in the chat soon. And some interesting resources, you might like to take a look. We have networking and communication network in the spaces communication channels, also spaces for contributors to help us. So I'm going to guide some white papers on studies. So, the door is open and feel free to jump. Okay, so I'm going to come back to these agenda that we have. I'm going to stop, I'm going to stop serving because I think it's better because people can actually see our faces. But just to let you know that now we will move to the to the questions that I serve in the initial slide. All right, so. So the first question, it's a common one. How does an organization start it's, it's hospital journey. So who would like to start and break the ice. Okay. Sure, thank you. So I can tell you a little bit about the Comcast Ospo and how our journey started. I think I mentioned earlier that I've been with Comcast for a little over a decade so open source actually predates my time with the company. So we started our Ospo in 2017 and we went on a hunt to figure out if we could find when open source started popping up here at Comcast. After interviewing a lot of folks across the company who had been here much longer than we had. We actually were able to trace it back to 2006, where we knew we were consuming open source. And that is where an open source advisory council was formed and I see this happen across other companies to where they don't necessarily have an Ospo but they have dedicated folks who spend a certain amount of time on open source. For us that was in 2012 and that included our legal team, several engineers across Comcast, representing security networking architecture. So today that actual that open source advisory council still exists, and members of the open source program office are now running it. So our our Ospo actually opened in 2017 and we've been around for roughly five years. And we started with just the contribution guidelines that were in place by the open source advisory council and we started working our way up from there. Cool. So does anyone would like to start their experience on the journey. So I'll jump in there. Thanks for telling your story Sheila that's very interesting Comcast journey is similar to to my story I've been at VMware for 12 years, doing a variety of roles, but I started working in open source about six years and six years ago is when our former CEO Pat Gelsinger declared that he he wanted VMware to be among the best in open source, and he made a strategic choice to invest in that because it was important to not only our customers, but also to the company as well. And so with that declaration, there was a focused effort and intent and a strategy to develop an Ospo. And that's when Dr. Condeau joined the company he's now moved on to another role in the industry, but that's where the sort of the nexus and the process started around doing open source with strategic intent, rather than opportunistic Lee and I think, I think that's where an Ospo can really help an organization. Most organizations today are consuming and using open source somewhere. They just don't know it. And they may be doing it accidentally, or incidentally, and as soon as you pivot towards. Oh, this is a strategy. This is part of our supply chain. This is the third leg in our it strategy by software you build software, and you consume use and contribute to open source. Once you step into that strategic mindset, that's where an Ospo can really make a difference, and actually help you turn that wheel even faster, because you've got someone that's their role they're paying attention to it. They're helping the organization shift their mindset as well. Yeah, I'd like to have an interrupt anyone but yeah I'd like to plus 100 that. So I have been at Bloomberg at the Ospo team for the past year, but prior to that, with the tooth ledge of Kevin Fleming, we started an Ospo team 10 years ago and I think it is exactly that transition in that just being incidental or accidental that you're using open source because, you know, fundamentally we all are, but that really bringing it together into a strategic, a strategic mindset and to not only bring in processes that make it easier for us to engage in the open source communities that we're a part of to sustain them and to be, you know, good, good, you know, citizens, but, but also, you know, there's a, there's a plethora of other like kind of pieces of what it means to be a, you know, to do open source in a strategic way. So we have had the opportunity to be at Bloomberg we have the opportunity to have been part of the technology strategy for the past 10 years and, and, you know, look forward to like growing that as we come, you know, more and more aware of our like our of where open source fits into our supply chain. Thanks Alyssa, I'm just going to add something to that so we at Porsche I mean Porsche is not really a traditional software company we are car manufacturer basically, but as Chris mentioned previously, everyone utilizes open source and we have so many application that completely consists 100% of open source software, and we do have two streams basically enterprise application so and then we're talking about mobile apps web application and embedded software. And we always had, I wouldn't say an Ospo but kind of Ospo processes but two years ago we officially launched our open source office initially really focusing on legal compliance and we had always legal compliance and such things but more kind of a decentralized approach. So we started really establishing legal compliance and focusing on security and now really trying to give back something to the community is because contributions also count, and this is what we're trying to do. So for us it's also kind of a holistic approach we are not just focusing on consuming open source, but we really want to go the whole way. Thank you so much for all your answers. As you can see it's quite different depending on the organizations you ask right. I would say, but I would say there is one really important common theme for me when I hear people's stories or organizational stories and that is the step between just back to, back to Suzanne's words like incidentally accidentally using open source to really strategically deciding to like how are you going to work with open source, whether you're a consumer contributor, and having a little bit more mindfulness around like your, your, your engagement with open source. So I think that that is like, that is the thinking of cartoons that that's like the canyon to be jumped. And once you're there. I will, I will say like there is like a phrase that can summarize this that is from open source had hope to thinking strategically about open source. So that would be like the common, like the key the missing key that maybe some organizations will need to think about that. But and then as soon as we get there like and then there are many ways that it might look like in an organization has to, and has to be responsive to what a organization looks like already, but like that first like, like step of agreement needs to be there, like, you know, we're not just doing this. We are doing this for a reason. Once the organization comes to the realization that they need to adopt a strategic posture around open source. Then the next step is you kind of have to look at your organization to see, you know, who you are and what's happening where because not every part of your organization is going to be ready for certain aspects of open source strategy. Some are going to be more immature, some are going to be more mature on that scale. So you really have to be agile and and and adapt to each organization's sort of place in this understanding. They're not just consumers and they're just consuming is like, okay, that's fine. But do you know why you're just consuming and what you're just consuming, and what you need to do to change that consumption from ad hoc to strategic, right, and that's where an auspice can provide that mentorship that consulting that introspective that this is interesting what you're doing here. Let's have a chat about how you can take that to the next level, so that you are, you know, making informed choices, rather than accidental ones. It's interesting to see how things have evolved over the years because you know early stage auspice were generally formed based on someone making a mistake someone maybe shipping some GPL code and a router they weren't supposed to or you know leaking some keys somewhere. And now it seems to be at least those are different days where open source was maybe less adopted but now it's just so incredibly pervasive across, you know, a company companies you know software in house that you have to have kind of some strategic thought of what you're both consuming and producing because the downside is, you know, if you're using all this open source software, most likely you're going to find box security issues and so on and you may have to do fixes on your own if your organization makes this impossible you are just adding a lot more work to your internal teams of managing forks and dealing with that process so it's just kind of interesting to see how things have have have shifted over the years and I think you know the next the next question here. The next question that we put together is, you know, you know, it'd be kind of curious if, you know, what kind of, you know, barriers your organizations have faced when you know essentially establishing and growing your Ospo and maybe any other regional challenges because, you know, I've seen some companies struggle with resource and staffing sometimes justifying that hey we need some more people. And, you know, the way I kind of see the Ospo movement is it's similar to what happened, you know, maybe 20 30 years ago with the security, you know, and kind of see so movement companies back in a day generally didn't really have security team, you know, it's until security issues, you know, happen and I kind of see the same thing happening now with Ospo is that you know they're just becoming more prevalent and no one questions the need for a security or CISO team that's just literally cost of doing business right now so I kind of love to hear from folks like kind of what challenges your face and kind of growing establishing your Ospo. Yeah, I'll jump in and go first. I think one of the biggest challenges that VMware faced in our Ospo journey is that many people, VMware is a big company so we're 40,000 people, you know I don't know how many people are engineers slash developers, but many people who think they understand open source and are used to it come into VMware and bristle at some of the process because they're used to being an individual free styling I'll say on GitHub. As a part of a larger organization that freestyle, you have to adapt it to working within an enterprise, because your great idea that you want to push out into open source community may in fact overlap with intersect with a product roadmap that you are unaware of. So the Ospo provides that sort of centralized process point of view, so that everybody can look at that. And, and, again, make those informed choices that are based on a strategy, rather than an individual desire. And that really ran into a lot of grit there because there's a lot of creative people and they, you know, this is what they're super enthusiastic and energetic and we're like, whoa, whoa, whoa, whoa, whoa, let's have a chat. And we've, we hit a lot of grit there for people to understand and accept that there's a larger strategy around open source. Anyone other anyone else want to chime in on challenges. I would see this as a potential counterpoint in terms of one of the challenges that I've seen is that there, there are a lot of processes and many of the organizations that we're talking about and so how do you connect open source like considerations into that those flows. And, and it's not just one process, it's all of them, because open source touches everything and so I find one of the challenges, both about this. The other topic of work is that it touches every, you may be in one office but it really touches every single department. And so the breadth of the breadth of competence, one must have as a team. It can be held by a single individual like it needs also almost similar to an open source project itself. Like I think need to be a matrix of experts that come together and, and talk about how open source will be strategically, you know, implemented within the company. And so, so, so a challenge for me that I see within the Bloomberg is injecting open source into like all the like existing processes and and requirements, things that are coming from in our internal processes and like legacy of being around for years from the, you know, legal laws of being in the financial services, but like how do we inject the lessons of what we have learned about open source and the strengths of open source into like pre existing structures of how business is being done. Yes. So I absolutely agree with Alyssa. So from a Porsche standpoint, basically, yes, we do have lots of processes and open source basically touches lots of departments and processes. For example, patent, and then you have to make sure that it's basically lean, and you don't disturb the product teams when when we're really talking about legal compliance on the one hand but on the other hand you also want to enable product teams to contribute. And now lessons learned. So for example, so we as a open source program office. Yes, we are the competent center but we had some issues actually to reach the product teams. Everyone is aware of our processes. Everyone knows they can reach out we are having best practices we are trying to teach them we are having a learning, but still we had issues. And then what did we do as a next stage, we basically set up a concept of coordinators. So we went to different product teams and departments, and we tried to establish the so called coordinators who kind of a bridge of the hospital. And these coordinators they're working with us partially but also with the product teams. So they're kind of really the bridge between the product teams and the open source program office. And that was a breakthrough for us at Porsche, because now really thinks are much more smoother. One coordinator, for example, if he works with product team of 6070 developers, I mean he's really our bridge and he can really translate our message he can enable people, and he's also developing by himself so that was for us kind of a lessons learned establishing a cross functional team establishing coordinators, and you need to have all skillsets on our, we're calling ourselves like we have the open source program office and then we have the next stage it's the open source management team. Legal legal folks, technical people, functional people, and that's a success for us so you have to have all kind of skillset within your open source program office or at least within the open source management team to have also the breakthrough and also to move on and to help the product teams. Yeah, totally totally bridge coordinators definitely required, especially for large organization so one more question before I hand it, you know maybe back to Anna to ask some other questions so you know Ospo structures tend to vary a lot across organizations when I helped start the Ospo Twitter basically I would say it started and it would be the call the office of the CTO before it shifted a little bit to the security team briefly, and then another real cap and then it was developer efficiency or developer programs were where it ended up to be the most logical place I love to kind of hear, you know from from all y'all where you're kind of Ospo is structure which part of the organization, you know, it may live in because I've you know I've seen Ospo's live in legal and security, you know truly kind of depends where you know where that organization isn't kind of what it does for as a business in terms of generally where an Ospo sits but would love to kind of hear from all y'all where your Ospo currently is or where it has moved even if it's moved around that would be interesting to know. Sure, I can jump into that for that one. So when we went where our Ospo first started it was being led by Nithya Ruff, who is no longer with us. But originally when when the doors of the Ospo open we were in the security org. And that's when I joined I joined I think a month or two in after the Ospo had had opened up and then we actually got moved to the office of the CTO. So, that's where we are placed. Now we are right in the office of the CIO slash CTO. And, and it's part of the developer strategy organization, and that's kind of a new name that we have under this work but we stayed, we're still under the CTO. I'm, I hadn't heard of Ospo's being under legal that's really interesting. Yeah, sometimes. Yeah, so for VMware we've always been the Ospo's always been in the office of the CTO, but it is a matrix organization. I don't report to the Ospo, but I am hard lined matrix into them. I actually sit in our global marketing organization in our brand team. I'm not saying to a lot of people, but it's with intent, because it's, it's again going back to sort of that ambassador guild concept, we're trying to infuse the organization with an understanding and appreciation for open source. So me residing outside our Ospo formally in our legal team, also hard lining to Ospo but sitting in legal enables us to really diffuse that expertise into various orgs, using the language of that org. So I sit in brand, so I understand their language, but a hard line into Ospo to understand their language so I can kind of translate and bring it over into the organization we can start to infuse the rest of the org with an understanding and appreciation for open source, and why it's so critical to the company, the legal team does that security team does that we have these ambassadors that we seed in different organizations to help grow this muscle and make it stronger. And to ask a follow up question there Suzanne, like these ambassadors that is their full time role. It's informal, it's informal it's not a formal title that I, that I anoint you with but we have identified individuals who are savvy with open source, understand how it works how it should works, understands our processes, and are able to be a point of contact within their and answer the questions locally, and then if things aren't addressed there appropriately then they can then can get escalated or routed back to the Ospo, because the Ospo is a small organization and VMware is 40,000 so there's no way we can answer questions for all 40,000 we have to distribute that knowledge. I was just going to jump in and say we have a similar program all over the country, all over the world. We have folks in India, we have folks in all over the US. They're passionate about open source. We get manager permission from them we say hey can we borrow four to six hours of their time. We have a quarter and we don't really bother them with much, but we ask that they help us triage we we ask that they tell us who's doing open source if you know of teams that are doing open source that haven't talked to us. Let's meet them, and they've been super helpful it is exactly what you were saying Suzanne it's so hard to scale across thousands of engineers with a small but mighty team. So the ambassador program has been super helpful with that. And I was just going to say and perhaps like I feel like the question betrays the interest, I feel like the, the, the structure of an Ospo team is not static. It's not changing both with like the, the technologies that we're bringing in how the ecosystems are changing, you know, and a reflection of the expertise like that, that the company kind of demonstrates in house and so we, we ourselves as the Ospo sits in the CTO office for a lot of like our sort of forward thinking like develop like R&D work happens, but to everybody else's point like of having you know tentacles and, you know, all the different departments. We have like a matrix, not of ambassadors, like in that word, but but of guild leaders and what we call an open source council. And so they help us answer questions specifically procedural questions about how to either open source a project or contribute to an upstream project like these are what these are places where the expert, the legal expertise the language expertise like is not cannot be held by like, you know, the few people in the Ospo team but really we'd like defer to the expertise that happens and you know and access throughout the company. But it's constantly moving, not, it hasn't moved from the CTO but I'm just saying like it's the, I think the structure of an Ospo, of an effective Ospo team is not static. It needs to be resonant and reflective of what's happening in the world, like, and in the languages and projects that we're supposed to be, you know, working with and being part of. I don't know if Susan wanted to add anything. I think you raise your hand and then you, you're okay. Okay. Yeah, so we have a few times so let's move to the next question. I think it's kind of related like what you said about first, once the Ospo start it evolves. And I imagine that the goals of the Ospo at the very beginning and start are evolving over the time so I wanted to ask, what were the main goals of the Ospo at the beginning and if those goals have been evolving and if you find a reason why those were evolving for your specific organizations? I mean, I can start. So basically, yeah, at the beginning we wanted to make sure that we have a central competent center that focuses on compliance. That was the first stage. Then obviously adding security, then contribution and basically as I've mentioned previously, so we are not a traditional software company, we are car manufacturer, but software is everywhere. Now everyone knows it. I don't have to explain about cars and that software will basically lead the way, but we are also evolving together with our organizations. So for example, we do have, we have founded several subsidiaries like Porsche Digital that are just focusing on development and they just consist of software developers. And now our goal is right, stage three is really also enabling the teams and showing them way how to contribute. And what we are basically doing as the Ospo, so we as an Ospo, we actually are very, we are just a technical team. We consist of 10, 12 developers. Plus we have legals and coordinators. I think ambassadors is a better way really to call them. This is what I need to take with me. But the point is the following view. We also want to lead by example. So, like when we do the security process or when we want to make sure that we are compliant, we actually developing the tooling ourselves together with other industry partners. So really, and that's an open source project, like open source review toolkit, because we want to show also the product teams that we as an open source office, we're not just utilizing commercial tooling, but we're collaborating together with the communities. So for example, with Porsche, with technologies, BMW and so on. And so we can lead by example, because we are not just talking, yeah, we're enabling you here the processes, we are no bears, but we're actually doing it by ourselves, actually writing the code. And that's also the difference, I think, because then the developers trust you immediately. And they can just have a look on GitHub and see the product where the Ospo is basically contributing to it. Suzanne. Yeah, that's a great example of leading by example. Our Ospo operates in the same way and I think the evolution of our Ospo. We started at compliance I think everybody starts there. And then mature from there so I would say ours kind of goes went down the four C's compliance is where we started contribution, creation and community. So as we got an understanding and grips on compliance. Okay, now we understand what we're consuming and that we are compliant. Now let's start going up. How do we contribute back how do we go upstream what's the best process for doing that. So we've learned that skill. Organizationally we moved on to creation. So what if we want to create new open source. All right, that's a different skill set, and then building community around that all of those things. You know, sort of start to exercise that maturity muscle, and our Ospo also tries to lead by example showing people how to do it well and right. So an example of that from VMware is turn, which is, it's a tooling for inspecting containers and creating your SPOM out of containers and SPDX files that was donated from VMware to the automated compliance tooling initiative. So that's an example of us building the tool, being compliant, contributing, creating, building a community and really stepping up into a larger more, you know, neutral organization under the LF so that's an example of VMware's Ospo leading the way. So, again, the maturity model for us is compliance contribution creation community that that's how I would view it myself internally so. And by the way, Suzanne, I like the example of turn because turn is on our roadmap we're actually going to evaluate this. And we also thinking actually contributing back to turn so that's on our roadmap so that's funny to know that's coming from you basically from VMware. I can connect I can connect you with Rose judge she's the lead maintainer. If you, if you. Oh, that would be great. Wonderful. I'm just going to add in plus one to everything that Nick and Suzanne said so we're we're also the same we started with the same exact needs. I was just going to highlight one step before that one of our goals was actually to get our name out there and also learn about the open source landscape at Comcast. We knew it was happening we know we're consuming we know that repeat their people contributing back. But like I said, thousands of engineers thousands of teams. How do we know what's strategic what's even tied to the business. So that was actually one of our first goals was to learn about the landscape and figure out what kind of open source was happening, and then tie it together with the ASPO and start building our community from there so that was kind of one of the big things we did in the first year that we existed was get our name out there and one of the new goals I don't know if you mentioned like how that has evolved. I'd say, based on that that map that Chris showed us the maturity model. So we're moving towards the right direction. We, one of the latest things we launched is a required open source trading for any and all technologists that work at Comcast whether you're brand new, or you've been there for a long time. It'll just pop up everybody gets notifications and from there we talk about consumption compliance contribution usage how to contribute back. But those are kind of like we're trapped we're getting to the point where we're influencing influencing and making decisions at a leadership level. And hopefully we can continue doing that. Okay, I just have to say that we are a bit 50 minutes from right now from the schedule time so we're going to move to Q&A now because we have four questions right now. And so I'm going to start serving with you and if you want to anyone wants to answer just raise your hand and and jump in. So the first question is, you talk a bit about the value added to hospitals at the very beginning. How do you quantify the value to upper management or non technical folks. Anyone that would like to jump in. I'll jump in. I think this is a an ongoing and really deep question. There was an apology that I like would reference back to about like not measuring return on impact and return on investment but rather measuring impact. So what, what is the impact of having an Ospo team. And I, for me, for me looking at the number of teams that are able to contribute to open source and the speed at which we can make that happen, the number of, and making it measurable is important. Those numbers are important. A number of projects that we've been able to open source and successful ways not just like turn on the switch and say hi we're open source now but really like you know, kind of build a foundation for community. That's the way that we measure impact. And we are presence at open source related events and our leadership and voices there. That's the way that we measure impact. And then finally, and I think that this is, you know, part of probably, I think, all of our pieces is is hiring hiring and retention. Like, you know, open source is an important way to develop technology to innovate on technology but it's just so I think a very satisfying way to do that as well. And so I, one of the ways that I measure my success is like, you know, how, how many open source contributors and leaders are we bringing in to Bloomberg that are finding their homes there they're able to continue to do their their work in their open source spaces. And, and, and so HR, and, you know, related like kind of communications around that are is another way that we measure impact of our work to you. And there's more. I will, I see the floor. Yeah, just, I'm just going to add one sentence to this. And it's challenging. So really to convince upper management or top management why we should invest further in open source and to contribution but so again we're trying to lead by example. Meaning, we as as for we completely build everything the whole tool channel and everything that we have is based on open source technology. We contribute back, and I have a couple of slides and use cases where I'm basically showing the management. Look, we are leading by example, and driving some comparisons. This is the comparison if we, for example, would have acquired a commercial tooling versus what we're actually doing. We have for example cost saving, we collaborating with other partners such as Bosch or here technologies we learn from each other. We share our backlog so really telling them by example how we do it and that we actually drive innovation shorter time to market cost savings and trying to kind of translate this also to other product teams. But it's challenging. It's not always easy but this is at least my approach. I'm trying on a daily basis. And I'll jump in with a with a different angle on measuring the value and the contribution of an Ospo to the organization. I really look at it from a qualitative point of view, not a quantitative one. So I'm looking at the, the impact on brand on reputation on perception, especially in our customer base because VMware is a software builder we sell software. That's what we do. That's how we make our revenue. And more and more, we see our customers anticipating expecting open source as part of the solution we bring to them. So if customers are expecting it they're expecting you to be a leader. They're expecting you to be a role model. They're expecting you to be in those communities that matter to them. So if I look at it more from that reputational point of view, then I do from an engineering angle. And I think it's, it's a, it's a, it's another aspect or dimension of an Ospo and, and your relative maturity in it. Reputation change may not be something you, you value at the outset, but as you mature, it becomes an attribute you take a look at and you watch. I think what's key here amongst all of us is that it's important to track why we're here, you know, like what we're doing, I mean, and that we're showing value. So, it's, it's, there's a lot to do reactively in the job just to keep like the things flowing but this is a really important part of the work as well as like carving out time to be able to show that like, there's an important reason why we're here too. Absolutely. Next, I'm going to move to next question we are getting a lot right now. So the next one is how is the training on open source software compliance been happening, and who are the typical candidate for it, and how frequent is a training given to that person. So I can jump in really quickly. Open source training is given to all new hires, it is a requirement. They learn about compliance they learn about the processes. So that is done within the first, I think, three weeks or four weeks of their new hire training. And then it's part of our ongoing engineering essentials learning modules that all of our technical people have to complete. And so then one question is it kind of an e learning thing or are you really having kind of people who are teaching this. It is e learning because we're such a distributed global company to have it face to face is challenging, especially, I don't know the last two years pandemic. Yeah, that's it. So prior to the pandemic. We had local in person trainings face to face, but it is all transitioned to e learning at this point. Okay. Yeah, so basically just to quickly answer this question same at Porsche. So we do have a e learning and it's mandatory for everyone who at least has some touch points with it products. It's a developer or a product owner. And they have to do this. We're going to move to the next question. Thank you so much for the answers. How is the security program carried on just will never know. Sorry about that just a vulnerability tech or full scale. I didn't get the first one but let's let's go to how is the security program carried or if the person that answered this that asked this question is here that person can turn on the mic and explain better this this question. Okay, so let's just answer how is the security program period on in your organization. I can jump in. We partner very closely with our security team. So we actually have a member of our security team that is part of our open source advisory council. So they weigh in on all code that goes out to open source. We also recently set up a standing meeting with our security team because we want to make sure that we keep a strong relationship with them and that we are also conveying what we're doing in the open source space with them, and that we are just maintaining that relationship and keeping in ties with them. So we're there one of our stakeholders and also one of our very close partners. So what we're basically doing is similar what Sheila just explained, except and that's a new approach that we as Ospo actually want now to own the first security piece so we are now really building the capabilities and the people because we are saying we need to have a holistic approach. So we're going to be the first security team as well and we're kind of restructuring it a little bit. Okay, another question. What are some strategies to open up proprietary code basis in your organization. If you can, I mean, you don't have to answer, but if someone would like to. Or course or anything if not we can move to the next one. I can jump in from a from a general point of view is that what I have learned in my past six years looking at open source versus proprietary proprietary code was written with that in mind. It wasn't written with a an open community contribution point of view. And so proprietary code is really never ready to open source, you sort of have to start with open source as your end point. It's very difficult to take something that's proprietary and take it apart and get it ready to be open source you just can't go. You just can't flip a switch. That is a very difficult thing to do and you would have to really work with your business leaders to understand why you think this switch from proprietary code based to open source needs to happen. What needs to happen to get there in and, you know, really ask those hard questions because that is a very difficult thing to undertake Chris I don't know you have any thoughts on that. It's going to depend on kind of the organization what they value patents IP like it's I think it's a mix of everything I do think if you have a proprietary code base has been around for a long time, untangling everything to open source that is very difficult this is kind of why you hear a lot of companies these days, going a quote unquote like default open approach where it means like you know you you build this as you potentially may intend to open source it. You know later as a successful approach but it's, it's, it's hard, you know, every company kind of goes through it's, you know what truly is, you know, IP for us how do we you know make money is this stuff actually something that we should open up or not so I think it just it's completely you know variable yeah I started to quote a list in the chat starting with an open source mind will make your life significantly easier to eventually open source that code down the line or even even if you don't generally starting with open source mind will bring better collaborative practices, you'll probably modularize your code base, a little bit better and so on so there's just a lot of benefits outside of just purely being able to open things yeah dependencies are always a nightmare. Go ahead. You know, but, but if there is this like, like this gem of something that you really want to open source. I mean I, I, an organization. I feel like, you know, don't, don't give, don't give up. But, but try to find the people first the projects first where that might fit in, you know, like so. But, but starting starting with an open source like in mind in mind at the beginning, I think is really where we want to like build from. And I think when if you're planning on doing that or considering that really have a three year minimum time horizon in mind too many people open source things with a lot of energy, and then like six months later like yeah oh well like no once you do this you've got to be committed to it, because if you build a community around it and they start embedding it if you walk away. That's the ultimate betrayal. Know that it's not a short term commitment when you open source something this is something you have to really promise to support and be active in. No. I'm sorry to interrupt, but we are already out of time. There was other questions I tried to put them together because we have an into the group we have an Oscar forum, where people ask questions and the community and other scores. So I will really recommend to go to the Oscar forum and ask questions, because since there are other people who serve this practices and under and their point of view. So yeah, Chris, I think you wanted to mention something. I put the links for all your the hospital discussions we have an amazing slack community but you know please use more of our public GitHub resources so things are you know indexed and you know we kind of collaborate a little bit more on systems that are indexed by Google and other search engines versus being lost in slack. Yeah, and all I have to say, again, thank you so much to Tom, Silla, Chris, Nick, Lisa, and everyone here that has been attending asking questions and I'm really sorry that we didn't have time to answer all of them. But as I said, our doors are open and the community so feel free to join and and and engage with others for us. Thank you so much for joining us for your time today and thank you everyone for joining us just a quick reminder that this recording will be up on the Linux Foundation YouTube page later today. We hope you join us for future webinars have a wonderful day.