Wayne Jackson's presentation at RSA 2012

Post on 26-May-2015

TRANSCRIPT

Wayne Jackson, Chief Executive Officer

From the authors of Maven, Nexus, m2eclipse and other leading technologies.

The Sorry State of Application Security

Used by 80,000 organizations worldwide

Sonatype

Central: Where Open Source Lives

14,334 Components Were Updated in 2011

WE CAN BELIEVE IN

WE DON’T KNOW ABOUT

Ecosystem Lacks Change Awareness

On Average, 400 Updates per Day

Component Dependencies are Complex

80% of modern software is open source.

The Global 2000 average more than 1,000 unique components per month

Issues are Viral…

…the Fixes are NOT

1,447 projects contain the flawed component

• In the Last Year…

• 6,982 Organizations

• Crypto Library

• Level 10 Flaw

• 3 Years After Fix

Houston, We Have a Problem!

Event-Driven Knowledge Engine

[Diagram labels: Usage Events; Update Events; Consumption Events; Metadata Events; The Central Repository; Public & Private Component Metadata Resources; Correlation; Creation; Component Detail; License Detail; Project Detail; Update Reason; Flaw Detail; Knowledge]

Sonatype Insight

Delivering Knowledge. In Context.

Started – Q3 2010

Insight Pre-Launch – Q4 2011

Insight Launch – RSA 2012

Sonatype: Transforming Software Integrity

Already, more than 300 customers

Thank You!
