sonatype's talk from ranger4's the three ways event

Report

Post on 13-Jan-2017

37 Views

Category:

Technology

2 Downloads

Preview:

Click to see full reader

TRANSCRIPT

Introduction to Sonatype Accelerating Software Innovation, Security, Quality and Compliance

WaiMan Yau, VP InternationalRyan Sheldrake, Technical Architect

In the application economy, companies that build great software will own the future…

1990sWaterfall-Native

2000sAgile

2015DevOps-Native

Over €12bn of investment in Fintech Startups in 2015

#devops#continuous

#software-supply-chain

That’s why companies don’t write software any more. They manufacture it...

Utilizing billions of parts from open source communities...

80% to 90% of modern apps consist of assembled

components.

Unfortunately, not all parts are equal...

Some are healthy, some are not…

…and all go bad over time (like milk, not like wine).

Castles (and other Things) are Lurking…

8 years later, vulnerable versions of Bouncy Castle were downloaded…

CVE-2007-6721CVSS Base Score: 10.0 HIGH Impact Subscore: 10.0 Exploitability Subscore: 10.0

2007 2015

5.7M times

Massive volume and variety of parts

…and invisible dependencies.

How big is this problem?

Survey 3,000 organisations25,000 apps

Waterfall-native teams manage their software supply chain manually…

…and waste 30% fixing mistakes that could have been avoided from the start.

€7MEstimated cost to remediate 10% of defects across 2000 applications.

DevOps-native teams automate and manufacture software from gold standard parts…

…and invest 30% more time delivering innovation.

“Open source components underpin all of our mission critical applications – therefore, we must ensure that we are using the highest quality components at every stage of the development cycle.”

Don Duet, Goldman SachsCo-head of Technology - 2016

Imagine if you could make software the same way Toyota makes cars. Automated

quality standards

Automatedcontrols

Dependable Supplier

Relationships

Orderly recalls when

necessaryGreater innovation with lower costs

Five star safety

Like these folks…

Say Hello to Software Supply Chain Automation

BUILDMANAGE RUNCONSUME

Assemble parts and manufacture apps

faster at scale.

Organize, store and distribute highest

quality parts.

Tack precise location of every part with bill

of materials.

Identify and source the best parts from best

suppliers.

BUILDMANAGE RUNCONSUME

Integrated with Your Favorite Tools

THE APPLICATION ECONOMY IS HEREThe way we build software has changed

top related

learning the ways of the animals tedxwarsaw 2013 talk ·...
Documents
two ways to talk about money in your congregation pastor...
Documents
winning ways to talk with young...
Documents
results of the ranger4 2013 devops readiness survey
Technology
six ways to get people to talk about your museum
Education
how to talk. some simple ways - jl austin
Documents
rachel hawkes ways to generate confident communication and...
Documents
ten easy ways to improve your conference talk
Presentations & Public Speaking
tech talk: docker: 3 ways developers and operators are using...
Technology
find new and compelling ways to talk to and engage your...
Documents
neatoday - nea home · neatodayprofessional: 7 ways to talk...
Documents
a ranger4 thoughtpaper: devops for finance
Technology
top ten ways to shockproof your use of social media...
Technology
10 ways to think online first in 2014: #distilledlive talk
Social Media
5 ways to talk about risk with customers
Business
find new and compelling ways to talk to customers
Design
a ranger4 guide to application performance management
Technology
tech talk. 19 beautiful ways to protect bike lanes
Lifestyle
25 simple ways to€¦ · simple ways to strengthen your 25...
Documents
winning ways to talk with young...
Documents