Sonatype's Talk from Ranger4's The Three Ways Event

21 pages

Introduction to Sonatype: Accelerating Software Innovation, Security, Quality and Compliance. WaiMan Yau, VP International; Ryan Sheldrake, Technical Architect

Upload: ranger4-limited

Posted on 13-Jan-2017

Category: Technology


TRANSCRIPT

Page 1: Sonatype's Talk from Ranger4's The Three Ways Event

Introduction to Sonatype: Accelerating Software Innovation, Security, Quality and Compliance

WaiMan Yau, VP International; Ryan Sheldrake, Technical Architect

Page 2

In the application economy, companies that build great software will own the future…

1990s: Waterfall-Native

2000s: Agile

2015: DevOps-Native

Page 3

Over €12bn of investment in Fintech Startups in 2015

Page 4

#devops #continuous

#software-supply-chain

That’s why companies don’t write software any more. They manufacture it...

Page 5

Utilizing billions of parts from open source communities...

80% to 90% of modern apps consist of assembled components.

Page 6

Unfortunately, not all parts are equal...

Some are healthy, some are not…

…and all go bad over time (like milk, not like wine).

Page 7

Castles (and other Things) are Lurking…

8 years later (2007 to 2015), vulnerable versions of Bouncy Castle were downloaded… 5.7M times.

CVE-2007-6721: CVSS Base Score 10.0 (HIGH); Impact Subscore 10.0; Exploitability Subscore 10.0

Page 8

Massive volume and variety of parts

…and invisible dependencies.

Page 9

How big is this problem?

Survey: 3,000 organisations, 25,000 apps

Page 10

Waterfall-native teams manage their software supply chain manually…

Page 11

…and waste 30% fixing mistakes that could have been avoided from the start.

Page 12

€7M: Estimated cost to remediate 10% of defects across 2000 applications.

Page 13

DevOps-native teams automate and manufacture software from gold standard parts…

Page 14

…and invest 30% more time delivering innovation.

Page 15

“Open source components underpin all of our mission critical applications – therefore, we must ensure that we are using the highest quality components at every stage of the development cycle.”

Don Duet, Goldman Sachs, Co-head of Technology, 2016

Page 16

Imagine if you could make software the same way Toyota makes cars.

Automated quality standards

Automated controls

Dependable supplier relationships

Orderly recalls when necessary

Greater innovation with lower costs

Five star safety

Page 17

Like these folks…

Page 18

Say Hello to Software Supply Chain Automation

BUILD, MANAGE, RUN, CONSUME

Assemble parts and manufacture apps faster at scale.

Organize, store and distribute the highest quality parts.

Track the precise location of every part with a bill of materials.

Identify and source the best parts from the best suppliers.

Page 19

BUILD, MANAGE, RUN, CONSUME

Integrated with Your Favorite Tools

Page 20

THE APPLICATION ECONOMY IS HERE: The way we build software has changed

Page 21