Capital One: Open Source in a Regulated Environment



  • Capital One Open Source

    Lessons Learned on Our Open Source Journey at Capital One.

    Most people know Capital One as one of the largest credit card companies in the U.S. Some also know that we’re one of the nation’s largest banks — number 8 in the U.S. by assets. But Capital One is also a technology-focused digital bank that is proud to be disrupting the financial services industrythrough our commitment to cutting edge technologies and innovative digital products. Like all U.S. banks, Capital One operates in a highly regulated environment that prioritizes the protection of our consumers and their financial data. This sets us apart from many companies who don’t operate under the same level of oversight and responsibility.

    Our goal to reimagine banking is attracting amazing engineers that want to be part of the movement to reinvent the financial technology industry. During interviews, they are often surprised to find we want them to use open source project and contribute back to the open source community. Even more are blown away that we sponsor open source projects built by our engineers.

    People expect that kind of behavior at a start-up, not a top bank. There is nothing traditional about Capital One and our approach to technology.

    When we see opportunities, especially in technology, we deliberately pursue them. Our approach to managing technology, guided by general industry regulations and company-specific policies, provide the guardrails for using, contributing to, and launching open source software projects. The Open Source Office adopted a comprehensive risk management approach wherein we have identified clear risk ownership around when to use, contribute to, and launch open source projects.

    Our journey to managing open source risk and implementing this strategic approach followed this trajectory:

    • Engineers wanted to use and contribute to open source projects.
    • Risks were identified, analyzed, and a path to managing them was mapped out with the Open Source Office, Legal, and Security teams.
    • Focus on education, with external partnerships providing guidance (Linux, TODO, etc.).
    • Momentum increased as we matured our internal partnerships with Engineering, Legal, Security, and Audit Teams.
    • Explaining and demonstrating our risk management approach to leaders secured sponsorship and resources.

    Organizing Into an Office

    With strong leadership support, in 2015 we formalized oversight and governance through the creation of Capital One’s Open Source Office (OSO). With strong partnerships in Legal and Security, resources accountable for advising and overseeing open source activities were established within the OSO.

    Through these partnerships, the OSO team manages the company’s open source contributions, including these three crucial pillars:

    • Manage direction — Policy, guidance, and education.
    • Manage connections — Internal and external, as well as partnerships with Legal, Security, and other stakeholders.
    • Manage technologies — Support open source processes and community needs.

    As a horizontal function, OSO manages the direction and risk-based approach Capital One takes with open source. We collaborated to define a corporate level policy for Open Source Software and developed educational materials and videos to guide teams and individual developers on how to manage defined risks. On a daily basis, OSO team members, along with our partners in Legal and Security, work with engineers and data scientists to understand use cases and provide guidance on how to appropriately manage risk.

    In addition to OSO managing internal connections with various teams in Capital One (Engineering, Legal, Trademarks, Security, Brand, Corporate Communications, Risk Management, Audit etc.), we actively manage our relationships with external communities such as the Linux and ApacheFoundations. We are also active members in the Open API Initiative, Cloud Native Computing Foundation (CNCF) and the TODO Group. We are also actively interacting with members of our own open source project communities (e.g. Hygieia and Cloud Custodian).

    Formalizing Guardrails Through a Corporate Policy and Standard

    In 2016, the OSO defined a corporate level Open Source Software Policy and Open Source Software Standard based upon an example from the Linux Foundation. The policy addresses three use cases and calls out the requirements to manage risk when:

    1. Using open source software projects.
    2. Contributing to open source projects.
    3. Sponsoring open source projects

    The policy also formalizes accountabilities for the three main open source stakeholders at Capital One, including:

    1. The developer/engineering community.
    2. Establishes a new strategic partnership between from diverse groups called the Open Source Steering Committee.
    3. Defines the tactical partnership between OSO, Legal, and Security within an Open Source Review Board.

    image alt text

    As we developed this policy and formalized accountabilities, we established the tactical partnership between OSO, Legal, and Security as the OSRB. This tactical team works to guide open source activities with the development community. We also established a strategic leadership committee named the OSS Steering Committee, a group comprised of a dozen leaders who provide strategic direction for the development community.

    Taking it to the Next Level

    As we look ahead in our open source journey, we plan to focus on:

    • Continue to educate our growing technology organization.
    • Strike a balance between managing risks and minimizing development bottlenecks.
    • Further automate license and security scanning and integrate it into our build process.
    • Establish and grow a robust governance function.

    Specifically, in 2018 we’re focusing on education, strengthening awareness in the development community, and establishing our role as an advisor.

    image alt text

    Collaboration among the multiple stakeholders has been key to navigating our open source journey. Capital One is a technology driven company and we are unified across our organization on taking our open source activities to the next level in 2018.

    At the end of the day, we strongly believe in the benefits of involvement in open source projects. By managing the associated risks through policies, standards, and cross-departmental collaboration, the OSO allows Capital One to fully leverage our involvement in this community.

    Acknowledgments

    Thank you to Nadine Hoffman and the Capital One OSPO for contributing this guide based on this original article.

    This article originally appeared on GitHub as part of the TODO Group’s open source program case studies.

    The post Capital One: Open Source in a Regulated Environment appeared first on The Linux Foundation.

    https://www.linuxfoundation.org/blog/capital-one-open-source-in-a-regulated-environment/





Tmux Commands

screen and tmux

A comparison of the features (or more-so just a table of notes for accessing some of those features) for GNU screen and BSD-licensed tmux.

The formatting here is simple enough to understand (I would hope). ^ means ctrl+, so ^x is ctrl+x. M- means meta (generally left-alt or escape)+, so M-x is left-alt+x

It should be noted that this is no where near a full feature-set of either group. This - being a cheat-sheet - is just to point out the most very basic features to get you on the road.

Trust the developers and manpage writers more than me. This document is originally from 2009 when tmux was still new - since then both of these programs have had many updates and features added (not all of which have been dutifully noted here).

Action tmux screen
start a new session tmux OR
tmux new OR
tmux new-session
screen
re-attach a detached session tmux attach OR
tmux attach-session
screen-r
re-attach an attached session (detaching it from elsewhere) tmux attach -d OR
tmux attach-session -d
screen -dr
re-attach an attached session (keeping it attached elsewhere) tmux attach OR
tmux attach-session
screen -x
detach from currently attached session ^b d OR
^b :detach
^a ^d OR
^a :detach
rename-window to newname ^b , <newname> OR
^b :rename-window <newn>
^a A <newname>
list windows ^b w ^a w
list windows in chooseable menu ^a "
go to window # ^b # ^a #
go to last-active window ^b l ^a ^a
go to next window ^b n ^a n
go to previous window ^b p ^a p
see keybindings ^b ? ^a ?
list sessions ^b s OR
tmux ls OR
tmux list-sessions
screen -ls
toggle visual bell ^a ^g
create another window ^b c ^a c
exit current shell/window ^d ^d
split window/pane horizontally ^b " ^a S
split window/pane vertically ^b % ^a |
switch to other pane ^b o ^a <tab>
kill the current pane ^b x OR (logout/^D)
collapse the current pane/split (but leave processes running) ^a X
cycle location of panes ^b ^o
swap current pane with previous ^b {
swap current pane with next ^b }
show time ^b t
show numeric values of panes ^b q
toggle zoom-state of current pane (maximize/return current pane) ^b z
break the current pane out of its window (to form new window) ^b !
re-arrange current panels within same window (different layouts) ^b [space]
Kill the current window (and all panes within) ^b killw [target-window]
  • ?

    Клуб #RAZBOGATEI - ВЫПЛАЧИВАЕТ ИСПРАВНО

    https://razbogatei.com/p/esif22

    НЕ УПУСТИ ШАНС РАЗБОГАТЕТЬ НА 7 000 000 ? СТУДЕНТ ВХОД 100 РУБЛЕЙ ВЫХОД - 699 600 ? СТАЖЁР ВХОД 200 РУБЛЕЙ ВЫХОД - 1 399 200 ? МЕНЕДЖЕР ВХОД 300 РУБЛЕЙ ВЫХОД - 2 098 800 ? ДИРЕКТОР ВХОД 400 РУБЛЕЙ ВЫХОД - 2 798 400 ? НОВЫЙ ТАРИФ “БОСС” ВХОД 1500 РУБЛЕЙ ВЫХОД - 7 000 000 ?

    ПАССИВНЫЙ ЗАРАБОТОК - “приглашать” и пр. никого не надо!!!

    Не Обязательно Быть Умнее Других - Надо Стараться Быть Раньше Многих!!! Проекту ВСЕГО несколько дней! Мы - первые по подключениям!!! Успей вступить в первых рядах на самой верхушке!

    Регистрация, Активация https://razbogatei.com/p/esif22

    #млм #работанадому #бизнесонлайн #зароботоквсети #РЕФЕРАЛЫ

    read more
  • sort -g /var/log/nginx/access.log | awk '{print $1}' | uniq

    read more
});