 Now we want to start with the second part of the morning that is going to be the panel discussion The panel discussion is going to be about the role of open source in innovation and I want to be do a very brief Intro about why open source? We consider that open source is the innovation engine of the industry It for those of you by the way Who do you know about open source? Raise your hands. You know about open source Probably most of you knows about open source open source for those of you that you don't know It's about a million projects of software with two over 200 million repositories that contributes receive contributions for about 83 million developers all over the world And that means that a lot of people a lot of companies are using these open source technologies To create their own products Starting with red hat. This is the role of open source in the overall red hat portfolio This is how we create products. We start with those open source projects and out of those we create our own projects Red Hat Enterprise Linux is coming from Fedora. So it's not only us Investing on that and creating the new features of the products It's also the community bringing what they consider are more relevant new features to bring out of Enterprise Linux In fact, it's not only the major products like OpenShift or Well, but also the whole developer tools that we will see during the day are coming also from open source projects We have here Mithun that is the VP of developer relations that is responsible of a lot of these products starting with that open source So we would like to understand how we start how we prioritize those open source and Then with that I want to invite you because this is not only about Mithun and us How do we do the job? But also we want to invite some members that are also contributors and so It's ready. Yep. Perfect. So I would like to invite please Subin that is the SVP of head of architecture and engineering and HDFC Bank Please Subin Saran that is the deputy for Federal Bank, please Kiran that is the ABP of Infosys. Please. Yeah, you take a seat there. Yeah here No, yeah, perfect. I stay here perfect Then we would like to invite Sadri That is the SVP chief architect for Tata and then of course Mithun that is the VP of developer tools. Okay First of all, I would like to start with we want to talk a bit about open source in general But obviously focus on how they use The open source project in their companies So I would like to start with a very basic understanding of Please, how do you use open source in your company? Also a bit of background? In case you have beyond how you are using today open source in your current company and how open source is important for you overall So we can start whoever Prefer to kick off. Maybe Mithun you can kick off because you are Responsible of the tools. Sure. I'll do a quick intro of myself and talk about it as Ignacio was saying I lead the developer business unit within Red Hat at Red Hat for us, you know We we had several facts thrown by Burr Ignacio everyone right like open source is the heart of everything that we do So the developer tools journey you saw the products that we build everything is based on open source for us as You were telling Ignacio we invest over a billion dollars or Burr. I think you were telling that fact Over a billion dollars. We invest in upstream projects every year. That's eight thousand three hundred crores In today's money, so that's a lot of money that we invest and you know for us open source is the first strategy that we deploy everything that we do we also contribute upstream as well and Together we want to make this better and and that's that's our way I'm Zubin Experienced and I've been a developer all my life and now I'm architect The one looking into the growth direction Yeah And I've been fortunate enough to work in open source right from beginning as a fresher I was a part of the Apache HDPD project Work with the developers. I have a mindset of how the whole open source community work in the bank We are moving to an open source. We are a bank. So you know, we are not like to open to open source We're gradually moving towards open source. We are building our digital journeys on open source We are looking at API orchestration resilience. So those kind of frameworks. We're looking at and we are trying to migrate You know legacy applications into cloud native applications. So that's one of the whole stack We are trying to build using open source. I don't know database perspective We are looking at postgres very seriously as our you know go to database for all our cloud applications Hi, not a high level. This is what we're doing. We're going to details later I'm from Federal Bank. I think I am in the industry for 24 years now Also, I'll do the programming with the spring boot and all microservice development also So if you see the Federal Bank website, that is a live right portal life is a commercial open source usually we'll start with open source tank and When it is moved to the production, usually we'll buy the support license Commercial open source license because we're required a support when you're running in the production critical environment So we'll use the supported open source commercial The life is a classic assemble if you go to www.tatterbank.co.it Java portal web content management system. I start with Commercial open source yearly subscription license If you see other product also internally if you use DevOps pipeline everything will use Open sources, but when the production we'll use licensed commercial open source Perfect. Thank you Kiran. Yeah, good morning to all myself Kiran I come from the IT infrastructure support team from Infosys My career started with the programming and then moved on to the infrastructure support I have experience on both the words that is the enterprise proprietary products as well as the open source. So basically we take care of the development testing POC Management we use a lot of proprietary products as well as open source So I have the experience on both the both the sites be it a database be it an application we Enable our developers to ensure that they deliver to our customers. So we have a I mean series of open source products as well and we have a unit who does the open source for the community addition as well There's a contribution and we do a lot of open source We take container with a kubernetes cluster or be it an application on the jboss anything we Do lot because we're an enterprise who support The customers across the globe So sadri. Yeah. Hi. Good morning. All I represent Tata play While most of the panelists knows how to count money. They come from a finance background We come from entertainment background. So our only job is to keep our users happy Apart from they counting the money So I would like to start with giving some business perspectives They are taught a play Meaning we always go after one metric called a cost per transaction So we strongly believe that our cost per transaction has to be very low Which would actually make us more competitive the reason is we are one of the few Regulated bodies which government decides the price of the channels that you watch So and Unfortunately meaning from 2019 onwards. We were not allowed to increase the price. So If you look at Meaning in between the inflation has soared by 40 percent. Okay, so our cost is kind of constant But it has kind of meaning our revenues are constant But we are under constant margin pressure to kind of deliver more to our customers Just to give you a few examples Tomorrow There is an India England match see and India is a very cricket crazy country And just like in this room where most of the people prefer to sit back Like that most of our customers actually wake up at around tomorrow 12 30 or 1 o'clock in the afternoon And they kind of come to our platform and try to add a package to watch the match and If by some means, okay, we are not able to honor this transaction and if they know that Meaning I'm the guy behind this scenes meaning I will not be allowed to leave my home So it is as critical as that And at Tata play, right? Okay We build a kind of a stadium for every match where there are millions of users who come and Sit and watch the match and the biggest problem for us is all those users go back Once the match is over and this repeats for every match okay, and Meaning tomorrow is going to be a big day for us and hopefully India will qualify for the finals and Sunday if we have a big clash then that is like a brutal thing for us While there are millions of people, okay, who would like to watch the match But we are the back end. In fact, I started hitting cricket for that even though I'm a big cricket fan So there are a lot of things which go at the back end in terms of engineering And without the open source, I don't think so. Okay We would be in a position to kind of manage this kind of complexity in a property softwares Because in a year we have like this like around 15-20 days. I can't pay for the entire year. Okay with in terms of the Property softwares for the entire year because my customer stays only for this 20 days. Okay during this thing So that is where open source plays a very big role in terms of the Tata play ecosystem And how we'd kind of deliver say there is a lot of benchmarks where hard star claims that okay They have like 1.6 crore concurrent sessions But for us Meaning it is even more because we are in a satellite broadcasting thing. Okay, we reach around 100 million users on these kind of match days So that is the kind of volume that we look at and it is a big journey for us Okay, which open source is helping us in terms of meeting the customer goals Fantastic. Thank you so much. I would like to go through a bit of the pros Why you decided that the open source strategy is the right approach? Maybe you can start following up a bit on what the cricket session or how do you respond into peaks and Why open source what you consider? What are the positive things that you are using open source for say without open source? It becomes difficult for us if us we need to kind of get the right talent for these kind of tools Getting a talent for a proprietary software is kind of tough With more developers, okay now off late preferring meaning contributing to the open source community It becomes a natural selection for us to kind of adopt this open source so that we get the right talent and Unless until the right talent comes in no matter you have the best of technologies, okay Let's assume we are deploying Kafka meaning if it is deployed by the right developer it works Meaning if it doesn't work, okay, you won't blame Kafka for that one So it is the way in which okay. You have deployed that software and there is a problem Internally, okay, so that's where we kind of Go with some products, okay Which are like there is enough support and which helps us in terms of delivering value to the customers perfect just to add to that, you know, yeah So it's it's a very critical part, right? You mentioned about talent available Yeah, so every developer here today, you know, there's so much opportunity for you If you go to developers.redad.com you'll see the amount of content we have put together You know, you can take your skills up level your skills You can get certified and and we invest a lot of money in that the whole developer business unit with the engineering side is around 400 450 people and that's all of us working on products for developers As you saw earlier, you know the the slide which had all of the products within Red Hat and the upstream projects that are We take those upstream projects so the time and effort that you invest in learning those products or projects or contributing or Maintaining or any anything that you play there will add a lot to your skills within within this sector And I think Pretty much all of you agree, right? Like with 83 million developers working on open source projects You know your skills are a lot more transferable Then you know proprietary stack So one of the things I love open source is open source, you know the code is available to you Problem occurs. I look at the stack trace. I know exactly the line number where the problem is occurred So in a kind of mission critical application we work in we don't have that time to open a ticket some engineer comes in Results a ticket escalates again one more ticket to close that ticket if I go open source The reason we selected open source technology is the code is available with brakes I go exactly I know where it has broken you open the code we check it out and then we can move on That's one of the very key things, you know, which we want and secondly in the bank We are trying to like say developers developer We are building a generic platform for digital journey So the bank is moving towards zero-touch zero paper kind of initiative where multiple journeys will get built at right center landing journey as a journey and We want to make sure that we give a developer a framework through which they can build their own journeys The engineering team should not be a bottleneck and we are trying to use a lot of open source technologies to provide resilience So for example, we are 25 years old bank So we have multiple systems which the digital system has to talk to some will break some will work summer SFTP API is sort of they call it, you know a pile up reason API Okay, so what we are trying to build is bring a centralized repository or centralized framework Where everybody can hook it and plug in their journeys and for that we are using a lot of open source We are looking at a framework like temporary. I don't know if you guys heard about it So open source resilience framework, which we are seriously looking at and we are also explaining Kafka to provide a sync mechanism Because in our journeys, it's not a sync journey like supposing you apply for a loan Okay, and I actually give me a bank statement or give me a GST certificate You may not have handy or your lawyer or your finance personal habits So the journey breaks and then I upload my statement the journey continues from where you left it So there is a break or what people long-running processes all these things we are trying to innovate in the bank using open source So traditionally it was all paper based you go to a branch you apply Ten days, but you will come to know. Okay. What's my loan application? We want to cut out all that you know and make it very intense seconds loan What we got 10 seconds journey and for doing all that we are trying to move more towards an open source stack We are looking at corpus as my cloud native framework That's that's my roadmap going forward because everything has to be on the cloud That's the direction we have you know all cloud data application So we are seriously looking at corpus as one of my open source framework Kafka is a very key component in my ecosystem. So more or less, that's where I think it's a very important part of the ecosystem Thank you, Subin cut Saran. If you see most of the enterprise systems also uses the open source libraries I see in one of the core enterprise system. I open it in their libraries or Open source 80% are open source. So only 20% they are getting as a proprietary thing We use more ELK more actually if you see the development we need to think about the support system also for example Our transaction more than 85% are digital. So 24 hours Logs are coming. We need to segregate the log. We need to understand the customer problems If you see the elastics that ELK stack and that kind of open source technology and not seen any interface gate competitor in the market and we are getting that fast update also for example alerting or a based Bucketing and everything is available nowadays in the open source So when if more than the development we will use in the support environment open source Okay why why open source right like I'll just give an Like a comparison for that proprietary products are something like an elephants where we Take it very aggressively and then it's a king of it like and it moves very slow and Yes, it does everything and it is a king there and nobody can Cross the road what elephants are moving right but open source is like an Ants world where small small components and different across the globe they come up and they integrate and make a big Load of it like you know like ants can build many things like it can go anywhere and it's like that So the comparison between an elephant and ant it's like open source goes across there is no barrier or there is no Constructing that okay. This is the end of it like it opens the brains across the world comes together and ensure that We are very fast. So in the current IT requirement, it's more of a speed speed is the which makes a difference for any of the Competitors or the enterprise world to be present. So if you are not coping up with the speed We'll never be able to achieve it. So to achieve speed as open source is a way we can Get into it Perfect, you know just just to add one thing to what you all said, you know I want to follow it by some numbers, right? If you take the Linux core kernel stack There are about 4,000 4,600 I think core contributors who write and maintain that kernel stack and roughly 250 changes go in every single day 22 million lines of code You know is written and maintained by all of you and all of us and 250 changes go in every single day That's you know six every six minutes. There is a change if you want to break it down I know you all are pretty good at math here So, you know, that's the that's the agility, right? You cannot get that from one single company You know and that agility is what drives this whole open source thing So much makes it so much better and drives it so much farther Yeah But because of that I want to raise the fair element that I want to go through that is the challenges I mean we talk about people we talk a lot about Many projects, how do you keep the pace? How do you decide on what to invest and what not to invest? So there are a lot of challenges and we would like to hear how do you handle those? Yeah, we can start with you to win Yeah, there are challenges like no RBI guidelines. We are governed body So, you know, we need to make sure that any open source product is blessed by organization We know in case of mission critical, we need to have some organization supporting us So whenever I evaluate an open source product, I at least the mission critical ones the frameworks one We make sure that there is a supporting Organization or like Kafka we will go back with organization with supports Kafka or any cloud products So that's one of the key challenges. I have actually on this one The recent challenge was the log 4j issue that the bug created Yeah, the open source or enterprise everywhere that open source component look 4j was a vulnerability found the fixing was One of the challenge we faced recently in the open source So that's why I stress on that commercial open sources compared to pure open source The critical bugs or one will be or Some kind of issue comes we regret it support from Enterprise or some kind of support Yeah That's that's a pretty interesting Comment you made there and and you're absolutely right, right? It depends on the appetite of the organization You can go upstream take the upstream project and then you know you can start with it But then you will have to be make you you'll have to make sure that there are bodies and people within your organization Who can support the upstream project, right? Whether it's from a security perspective whether it's from a Pure supporting perspective or that's where your choice that you made the commercial open source software Where you know they're contributing and making the upstream project better But at the same time they add the open layer They add the layer on top of it which says hey We are going to work on the security pits for this version of the open source project, right? We are going to bring in the support for you and that's what makes it scalable and and you know But but at the end of the day, it's not going to be completely proprietary, right? You'll still have access to the code base. You can still get your people involved So it's a better together scenario in that. I agree. That's the same strategy. We are looking at And maybe the challenges what we face is like we are an enterprise where we have to support the customers Yes, like you mentioned the one that is one the other side of it like the compliance governance, right? It could be a software compliance or it could be a SLA Achieveable to the customer as a dependency like you mentioned as we do have open source But a supported version will always help us to achieve that governance from the compliance perspective as well as security Whatever even So we are able to achieve a mix and match of that with both open source community edition as well as the supported version So the cons of open source is a great question. The reason is See people think that okay open source is cheap Okay, open source is cheap only when you understand it if you don't understand it trust me It is more expensive than any proprietary products at least proprietary products There is a partner. Okay, who will come and rescue you. Okay. Here you are on your own Just to give you some examples. Okay, we saw a great demo today morning. Okay, where he kind of deployed the code One good thing that happened was okay, there was no requirements which are coming from the audience to him So it was like a fixed demo. Okay, where it worked perfectly, but in reality, it doesn't happen like that So when a developer is about to commit the code, okay, there are some business stakeholders Okay, who will come and tell that no, no, I don't want this shaking feature I wanted that okay, only when they move up and down. Okay, then only it should work like that so when we put pressure on the developer, okay, it kind of creates a problem and Hence, okay, you need to kind of have the right people right Tools to kind of manage this deployment. Otherwise, it is meaning you are creating problems for yourself and the second thing is Getting people to understand what goes behind this open source and kind of knowing that meaning support will be a problem Okay, for instance, there can be a zero-day vulnerability. Okay, which would hit us any time Nobody can predict. Okay. What is going to come? So we need to plan for these failures Otherwise, meaning you are in a bit of a problem where you don't know how to solve the problem Okay, you're dependent on some community and people should understand the cons before they adopt any open source Otherwise, it becomes a huge challenge and you will not be able to base the business stakeholders in terms of Justifying yourself if any security breaches happen Attitude thing to use open source, you know attitude and the confidence I know if it breaks at least my guys can look at the code check it out and fix it You know, otherwise we rely on a partner to help us. So that whole shift left or a whole attitude change has to have Organizational level see adopting open source in silo is one part But if the whole organization has to change the whole attitude of the developers the mindset change is also required to add up open source That's how I look at it And that's something which I am pushing internally in the bank to change attitude look at the code go and fix it Don't call up somebody immediately first. Give it a shot see the code if the code is available Can you fix it? And then you would be an attitude, you know, which will get a support ticket Somebody will come and solve your problem If you move to open source, we need to change that Nobody will solve your problem. It is your problem We need to fix it as a group that mindset change is what I think we need to look at. That's where I'm That's that's a that's a great point both of you make right like I think I think Being bringing in a top level strategy where it is, you know open source first strategy and Embracing that and bringing that center of excellence within within those companies. I think I think that'll make a huge difference For for us within red hat, you know, we are we are a little different because we we develop software You know, so for us the challenge is the problem of plenty those one million projects that are out there We are looking at it and constantly evaluating on what are the projects that are resonating, right? Where can we add a lot of value to our customers? The if you remember the stack that bird walked us through from all the way, you know from portal to You know the inner loop the outer loop Sort of tools the CI CD tools and then coming all the way to observability There there are plethora of products that are there and projects that are there for us the challenge is How do we prioritize right? Where do we see? big adoption rates going on with those projects and then one such Project that we are currently evaluating is backstage Right, it's backstage is all the rage. How many of you here have used backstage or from the internal portal perspective? Wow, I'm surprised. Okay backstage has been you know a lot of has gained a lot of interest and then That's that's one area where you know, we didn't have a good onboarding solution for our customers So we are looking at adopting backstage and then trying to build on backstage and then there are other ones as well Right on the observability side, you know, there are plethora of products that we are trying to look at but but yeah, the challenge again for us is How do we prioritize these upstream projects in a way that it can add value to our customers? Perfect, so I would like to close also this panel Having a bit of understanding of what do you consider are the critical projects for the future? What do you consider is going to be? The role of open source in your organizations looking forward say in last three years, okay We are kind of migrated around the 25 projects from proprietary to open source Okay, so we started with small small projects where we were testing the waters and we are in a stage where we are Moved as critical as a billing application Okay, which is from a very established OEM where we have migrated that entire thing to a open source based project Okay in a microservice based architecture. It was not like a small exercise Okay, it took us close to two to three years for us to do this migration Meaning luckily Meaning we came out of this project in a successful manner because the chances of failure of these kind of projects are very high because You migrating a core it is like a banking system. Okay moving their core banking to open source so Since the chance of failures are there. Okay, you need to plan for those failures and Since I represent, okay tata group. Okay, we believe in giving back to the community That is there in our genes. Okay, so what are open source projects that we kind of adopt? We kind of contribute back to the community so that Whatever fixes our developers all bring to the Put in our ecosystem actually gets committed to the public ecosystem And in fact, we also reward those kind of things while it is not expected As okay to kind of rank these developers and kind of reward them But since it is something over and above the duty that they are doing so we kind of have a hall of fame where we recognize these Developers okay from our partner communities So that we kind of keep this ecosystem vibrant Okay, if nobody comes into this ecosystem then kind of these projects kind of died on So that is one of the key thing. Okay, where when we take any open source project We kind of master that open source project and we kind of contribute back so that we are also part of that cycle So that's how we keep and then the journey has just started for us Until we kind of migrate most of our applications to open source Now just you mentioned sasadri. I would like also to give some key takeaways that you consider also for the audience When you see one of the key takeaways, please choose the right Product, okay, there are meaning there is like one million Projects, okay, I don't know meaning how many of those projects, okay would be available in the next three years There might be like two million projects. Okay, but out of this one million that might be like Meaning nine hundred K might be not relevant. So it's a very fast evolving thing. So unless until you keep yourself Up to speed in terms of okay, what is the trend? Okay, which is going in the market Please kind of upskill yourself. Okay to those kind of things mean trust me okay as of now meaning the Market for developers is very very hot. Okay, and especially in India and you guys are more Relevant for organizations than people like CFOs or CMOs because you make a very big change Okay for the organizations that you guys contribute to and since every company is trying to adopt Meaning are making more technology-oriented solutions Meaning the role of developers is like paramount These days. So just keep yourself open for new things and don't Meaning try to unlearn things. Okay, meaning if you know a particular project or a particular open source And you feel that okay, it is not going meaning try to leave it Okay, don't try to stick with it and try to build more on top of it Meaning then you become a technical debt Okay, which actually creates problem. Okay in the future So try to be agile in terms of just how these softwares move your code So you should also be able to move your technologies meaning how they kind of Thank you So as a bank we are moving to shift left and we are just started the journey of adapting open source earlier It was more of commercial products, which we were evaluating and you rightly said in open source The key takeaway selecting the right product or the right framework because there are a lot of fly by night kind of Framework which come and they vanish. So and we need to have a long-term strategy. Look at the dev community Look at who has contributed. What's the background developer? That's what I do when I look at a open source project I go a background check on the key developers. So that at least I know Very stability in the source program at least one or two years because a kind of cycle we have in our bank It is at least six months for something to go like so I don't want to start a project today And after six months that opens a specific doesn't exist or you know, there's no developer support for that So one of the key takers which at least I push for is look at the frameworks and make sure the long-term strategy for those Perfect Saran If you see that end-of-life problem that isn't That is in the enterprise segment also proprietary things also the open source also almost same Enterprise is more now because open source is more matured and more powerful. That's why enterprise also shopping their product We got in the same problem. We are moving to open source because of that They'll declare end-of-life. So we had to move to open source. We don't have any other options sometimes So we are focusing more on open source next few years Perfect and then Keetan For us like open source has been a big push from the management also from the internal IT We have taken a strategy that we need to adapt. It's as simple as that the DevOps Has been there for some time now and it's integration of both developer as well as an operations If you go back few years back IT operations you have a skilled set of admins and also the DBS who never knew anything about the coding because I come from both the site, right? I have a coding experience as well as an admin. So now it is a Amalgamation of both. It's a merger of development as well as ops. So yes, definitely as open source is a way forward for the DevOps team If you concentrate on open source, yes, you'll have the opportunities like Shisha, they also mentioned and Zubin mentioned like there's a huge opportunity and right set of choosing will make a big difference and If you choose the right product doesn't mean that you have to leave and because it's one million products, right? You can cut across any product there. That's not a problem. The opportunity is very high and Strategically, we have already taken a decision to move towards open source and implement internally Be it a community or beat a supported version and then take it to the our customers so that that helps them both commercially as well as strategically for their Perfect any final consideration Smith one. Yeah, as you know as closing points I would say from a developer perspective look every one of them said like hey scale fast or fail fast, right? They're of the one million projects look at it pick it up Play with it and if if you see value in it and you can start implementing it then, you know scale scale it fast Otherwise, you know no no problem, right? Don't try to force fit it You can you can always fail fast move to the next one and from you as developers here Definitely contribute back to the projects right and and looks like you have a great Sort of internal framework. I think HDFC all of you have internal frameworks where Developers are empowered and recognized for their contributions upstream and this is how you build your persona This is how you build your profile out in the market, right? So make sure that your portfolio is you know filled with those contributions So that you are as much a part in the success of that project as anybody else and that's the beauty of open source, right? It's democratized innovation And that's what we are all here for so with that I want to thank you all the panelists Please if we can give a token of appreciation to them, okay? And also I would like to because they are not going to stay here until the end of the day So if you have any question or you want to ask any particular project or something Feel free to raise your hand and we can go through that and if not We are set to go also bar is here in case you have any particular question or want to know about any particular Project in any question from the audience When you work for the open-source project like everything if you does not go in the depth you does not touch the problem You just know this thing is there. I can get some detail But when you go in the depth then only you're providing the solution then in your conversion You say that it is not good to go for the depth. Could you elaborate more? What do you mean? You said like hey if there are any if I'm paraphrasing your question You you sort of mentioned that hey if there are if you know start Evaluating some projects, but you know if you think it's not the right fit don't go too deep into it Because there are a million projects out there that you can select so he wanted to understand Where's the fine line between going in depth and evaluating the project versus you know moving to another project because you're not fully Sure. Yeah, great question. Thanks for that question. See there are two parts to this thing Okay, there is something called technical depth. Okay dbt. Okay, which is like, okay You kind of adopt a solution, okay, but assume that okay It is not evolving when I mean evolving. Okay, you're not getting proper security patches. Then you're stuck with that Okay, when a zero-day vulnerability hit, okay, be it okay It might be a non-dependent thing like the log 4j vulnerability bit hit most of their projects So in that thing, okay getting a patch for that particular solution or put that particular Software that you have deployed. Okay, can be a challenge. Okay, and at that time, okay You can't force your developer to kind of Patch that thing. Okay to fix that vulnerability. It becomes like a huge thing. Okay, so just we need to ensure that okay there is a kind of right community base, okay for this thing and At least that should be some kind of updates which has to come at least every quarter So you the moment you see that okay, it is kind of getting delayed or Meaning the last quarter patch is getting delayed to the subsequent quarter. Then these are like warning signs for you Where you need to figure out that okay, why is this community not Completely working meaning what is going wrong here? Okay, like that We need to constantly be in touch and you should also at the same time marry your business requirements So if your business record one kind of changes which requires like different kind of solution then that is also a kind of Hx point for you to decide should I continue with this stream or should I just pivot and change it to a different steam? So it is a function of both business plus the kind of technical roadmap, okay, which is going on and At the end of the day you are in the driver's seat. So you decide okay when to kind of shift gears and change the direction okay, and Meaning you should also own the responsibility. Okay, if something happens so as long as you have that ownership I think things will go fine. So I think just to add to fail fast fit with a mantra The way I look at it Agile kind of adoption only then the adoption will be faster and better One more point is like if you're looking at training or I mean Rayskilling or upskilling your skill set right then there's no limit you can go any depth But when it comes to business like just as I was mentioning then you need to be cautious and then take a call there I have one question right recently mainly for the banking kind of apps and red apps like a sova It's a Trojan recently has been attacked for apps mobile apps Okay, that is mainly because using this open source Right because many people know what exactly is happening from a open source market right like a framework and all To get that out right like water. What is the best security mechanism right like this red hat provides? Mithun right like you can put some points over here. Yeah Yeah, absolutely. So so if I may paraphrase your question again Your question was hey open source projects, you know, they're are they a little more vulnerable because the Codebase is more open and a lot of people know about it. So how do you stay a little ahead of it? Is that is that right? Yeah That's that's a that's an interesting and a good question, right? So the good part is it is open and everybody can can innovate and invent on that The better part I'd say is you know Like every other project right like no matter how if you go down the proprietary lane The proprietary stack path, you know, there are always vulnerabilities there as well right on this case You have a lot more people lot more companies lot more projects focused around, you know looking at it Right, it's not just the bad people but also the good people are looking at it the 83 million developers. They're also looking at it, right? That's why when lock 4j was out. I think CIS big was one of the first companies to roll out You know a zero-day vulnerability patch and that got that and they contributed back upstream To the project and you know, they were able to they were able to curb it, you know Before a lot more damage was done And and so so the point of making is look even even in there There's always going to be a case where you know bad people are a tad bit smarter But then the response time will be you know, you have you have more companies looking at it more companies contributing So, you know your chance of nipping it at the bud would be much higher So there's there's definitely advantages there and with the current CI CD platforms that are going on You know, they're they're also they scan for open source projects that are being used they look at you know We have something called as reddit dependency analytics We look at and we partner with sneak on that right so the vulnerabilities we always keep an eye We always keep those vulnerabilities up to date So at the time, you know at code when you're writing code and when you push it when you push it It already scans it tells you hey, so you're using this project You're using this project here are the vulnerabilities that we found You know, are you addressing that or not if not it's gonna show you that these vulnerabilities are not there And if you haven't checked out, it's a redhead dependency analytics. It's a free product from us Take a look at it. Give it a spin, you know, that's just one of the many solutions that are available out there in the market Dev sec ops. Yes, indeed that was my point, right? So so there is the dev sec ops dev sec and sec ops and dev sec ops So that and there are many products that are coming in there as well and projects So, yeah, that should become part of your internal development life cycle And and you know, so you'll you'll be able to catch catch most of those vulnerabilities there And there's always gonna be look I'm never gonna say that you'll never ever have zero-day vulnerabilities It's always the the thief and the cop game that you got to keep playing So then you are going to see the OS market when all these are coming on proprietary voice more than open source that everybody knows second one so sick to your question. They're like antivirus. There are Security SDKs are available that is May not be open source because we need to pay because like a antivirus signature It every month or every day. It is updating the signature. We need to pay for the signature We can use that to prevent the malware's because We are not updated each time with the malware of which malware is available After getting her mail only or news only we'll come to know so like a antivirus You'll get a SDK to protect your mobile app. We are using that. Yeah, that's where you know your companies like sneak companies like sysdig You know, all of these products are a lot there We are building entire DevSecOps pipeline. Yeah, and we are moving to a shift left So moment a container comes into ecosystem. It doesn't get deployed automatically It goes to a checks and balances and if the checks and balances fail, we reject the container So and so entire pipeline has so the whole thought process to change You know, we need to move from just dumping a jar file into a container into building the whole automated pipeline With the DevSecOps as a first step in that Couple of more points is like I mean adding to the DevSecOps. We have modularity there, right? So it gets arrested there and also I can go into micro segmentation Which definitely will help you to isolate the problems and then take care of the things quickly. I mean with the speed We want to continue with the conversation feel free again if we can give to them Yeah, a token of appreciation that would be great and again a round of applause to all of them Thank you