SlideShare a Scribd company logo

Wayne Jackson's Presentation at RSA 2012

Download as PPTX, PDF
Tim O'Brien
Tim O'Brien
TechnologyEducation
1 of 10
From the authors of Maven, Nexus, m2eclipse and other leading technologies. The Sorry State of Application Security Wayne Jackson Chief Executive Officer Used by 80,000 organizations worldwide
Central: Where Open Source Lives Sonatype
Ecosystem Lacks Change Awareness WE DON’T KNOW ABOUT WE CAN BELIEVE IN 14,334 Components Were Updated in 2011 On Average, 400 Updates per Day
Component Dependencies are Complex of modern software 80% is open source. The global 2000 average more than 1,000 unique components per month
Issues are Viral… 1,447 projects contain the flawed component …the Fixes are NOT
Houston, We Have a Problem! • In the Last Year… • 6,982 Organizations • Crypto Library • Level 10 Flaw • 3 Years After Fix
Event-Driven Knowledge Engine License Detail Update Events Knowledge Project Detail Component Detail Consumption Events Consumption Metadata Events Flaw Update Correlation Detail Reason Creation The Central Repository Public & Private Component Usage Events Metadata Resources
Delivering Knowledge. In Context. Sonatype Insight
Sonatype: Transforming Software Integrity Started – Q3 2010 Insight Pre-Launch – Q4 2011 Insight Launch – RSA 2012 Already, more than 300 customers
From the authors of Maven, Nexus, m2eclipse and other leading technologies. Thank You! Used by 80,000 organizations worldwide

Recommended

What You Haven't Heard (Yet) About Cloud Security
What You Haven't Heard (Yet) About Cloud SecurityWhat You Haven't Heard (Yet) About Cloud Security
What You Haven't Heard (Yet) About Cloud SecurityCloudPassage
 
Episode Four: Wayne Jackson of Sonatype
Episode Four: Wayne Jackson of SonatypeEpisode Four: Wayne Jackson of Sonatype
Episode Four: Wayne Jackson of SonatypeContrast Security
 
Lessons Learned From Heartbleed, Struts, and The Neglected 90%
Lessons Learned From Heartbleed, Struts, and The Neglected 90%Lessons Learned From Heartbleed, Struts, and The Neglected 90%
Lessons Learned From Heartbleed, Struts, and The Neglected 90%Sonatype
 
"Wait, Wait! Don't pwn Me!"- AppSec Europe 2014
"Wait, Wait! Don't pwn Me!"- AppSec Europe 2014"Wait, Wait! Don't pwn Me!"- AppSec Europe 2014
"Wait, Wait! Don't pwn Me!"- AppSec Europe 2014Sonatype
 
DashMash: a Mashup Environment for End User Development
DashMash: a Mashup Environment for End User DevelopmentDashMash: a Mashup Environment for End User Development
DashMash: a Mashup Environment for End User DevelopmentMatteo Picozzi
 
Event Processing Overview
Event Processing OverviewEvent Processing Overview
Event Processing OverviewClifford Foster
 
Haydn shaughnessy on banks and ecosystems
Haydn shaughnessy on banks and ecosystemsHaydn shaughnessy on banks and ecosystems
Haydn shaughnessy on banks and ecosystemsHaydn Shaughnessy
 
Computing for Human Experience and Wellness
Computing for Human Experience and WellnessComputing for Human Experience and Wellness
Computing for Human Experience and WellnessAmit Sheth
 

Recommended

What You Haven't Heard (Yet) About Cloud Security
What You Haven't Heard (Yet) About Cloud SecurityWhat You Haven't Heard (Yet) About Cloud Security
What You Haven't Heard (Yet) About Cloud SecurityCloudPassage
 
Episode Four: Wayne Jackson of Sonatype
Episode Four: Wayne Jackson of SonatypeEpisode Four: Wayne Jackson of Sonatype
Episode Four: Wayne Jackson of SonatypeContrast Security
 
Lessons Learned From Heartbleed, Struts, and The Neglected 90%
Lessons Learned From Heartbleed, Struts, and The Neglected 90%Lessons Learned From Heartbleed, Struts, and The Neglected 90%
Lessons Learned From Heartbleed, Struts, and The Neglected 90%Sonatype
 
"Wait, Wait! Don't pwn Me!"- AppSec Europe 2014
"Wait, Wait! Don't pwn Me!"- AppSec Europe 2014"Wait, Wait! Don't pwn Me!"- AppSec Europe 2014
"Wait, Wait! Don't pwn Me!"- AppSec Europe 2014Sonatype
 
DashMash: a Mashup Environment for End User Development
DashMash: a Mashup Environment for End User DevelopmentDashMash: a Mashup Environment for End User Development
DashMash: a Mashup Environment for End User DevelopmentMatteo Picozzi
 
Event Processing Overview
Event Processing OverviewEvent Processing Overview
Event Processing OverviewClifford Foster
 
Haydn shaughnessy on banks and ecosystems
Haydn shaughnessy on banks and ecosystemsHaydn shaughnessy on banks and ecosystems
Haydn shaughnessy on banks and ecosystemsHaydn Shaughnessy
 
Computing for Human Experience and Wellness
Computing for Human Experience and WellnessComputing for Human Experience and Wellness
Computing for Human Experience and WellnessAmit Sheth
 
Approximate Semantic Matching of Heterogeneous Events
Approximate Semantic Matching of Heterogeneous EventsApproximate Semantic Matching of Heterogeneous Events
Approximate Semantic Matching of Heterogeneous EventsEdward Curry
 
Where does it go from here? The role of software in digital repositories
Where does it go from here? The role of software in digital repositoriesWhere does it go from here? The role of software in digital repositories
Where does it go from here? The role of software in digital repositoriesNeil Chue Hong
 
5 IT Trends That Reduce Cost And Improve Web Performance - A Forrester and Go...
5 IT Trends That Reduce Cost And Improve Web Performance - A Forrester and Go...5 IT Trends That Reduce Cost And Improve Web Performance - A Forrester and Go...
5 IT Trends That Reduce Cost And Improve Web Performance - A Forrester and Go...Compuware APM
 
Managing Complexity Across Today’s Application Delivery Chain:Six key indicat...
Managing Complexity Across Today’s Application Delivery Chain:Six key indicat...Managing Complexity Across Today’s Application Delivery Chain:Six key indicat...
Managing Complexity Across Today’s Application Delivery Chain:Six key indicat...Compuware APM
 
Debs Presentation 2009 July62009
Debs Presentation 2009 July62009Debs Presentation 2009 July62009
Debs Presentation 2009 July62009Opher Etzion
 
Approximate Semantic Matching of Heterogeneous Events
Approximate Semantic Matching of Heterogeneous EventsApproximate Semantic Matching of Heterogeneous Events
Approximate Semantic Matching of Heterogeneous EventsSouleiman Hasan
 
Web 2.0
Web 2.0Web 2.0
Web 2.0gypsy
 
Innovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceInnovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceBob Rhubart
 
Jeff's what isdatascience
Jeff's what isdatascienceJeff's what isdatascience
Jeff's what isdatasciencelizliddy
 
Transitioning web application frameworks towards the Semantic Web (master the...
Transitioning web application frameworks towards the Semantic Web (master the...Transitioning web application frameworks towards the Semantic Web (master the...
Transitioning web application frameworks towards the Semantic Web (master the...Benjamin Heitmann
 
Fujitsu keynote at Oracle OpenWorld 2012
Fujitsu keynote at Oracle OpenWorld 2012 Fujitsu keynote at Oracle OpenWorld 2012
Fujitsu keynote at Oracle OpenWorld 2012 Fujitsu Global
 
Soeren okfn greece meetup
Soeren okfn greece meetupSoeren okfn greece meetup
Soeren okfn greece meetupOKFN-GR
 
A Resource Oriented Framework for Context-Aware Enterprise Applications
A Resource Oriented Framework for Context-Aware Enterprise ApplicationsA Resource Oriented Framework for Context-Aware Enterprise Applications
A Resource Oriented Framework for Context-Aware Enterprise Applicationsruyalarcon
 
Innovations in Data Grid Technology with Oracle Coherence
Innovations in Data Grid Technology with Oracle CoherenceInnovations in Data Grid Technology with Oracle Coherence
Innovations in Data Grid Technology with Oracle CoherenceBob Rhubart
 
Leadership Symposium on Digital Media in Healthcare
Leadership Symposium on Digital Media in HealthcareLeadership Symposium on Digital Media in Healthcare
Leadership Symposium on Digital Media in Healthcaresetstanford
 
Emc World Evergreen Preso 5 16 07 With Demo Slides
Emc World Evergreen Preso 5 16 07 With Demo SlidesEmc World Evergreen Preso 5 16 07 With Demo Slides
Emc World Evergreen Preso 5 16 07 With Demo SlidesBlueFish
 
Tim Malthus_Towards standards for the exchange of field spectral datasets
Tim Malthus_Towards standards for the exchange of field spectral datasetsTim Malthus_Towards standards for the exchange of field spectral datasets
Tim Malthus_Towards standards for the exchange of field spectral datasetsTERN Australia
 
Driving Towards Cloud 2015: A Technology Vision to Meet the Demands of Cloud ...
Driving Towards Cloud 2015: A Technology Vision to Meet the Demands of Cloud ...Driving Towards Cloud 2015: A Technology Vision to Meet the Demands of Cloud ...
Driving Towards Cloud 2015: A Technology Vision to Meet the Demands of Cloud ...Intel IT Center
 
Building Task-Aware Mobile Applications
Building Task-Aware Mobile ApplicationsBuilding Task-Aware Mobile Applications
Building Task-Aware Mobile ApplicationsDave Kellogg
 
Webinos Project
Webinos ProjectWebinos Project
Webinos ProjectGeorgios Gionis, PhD
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 

More Related Content

Similar to Wayne Jackson's Presentation at RSA 2012

Approximate Semantic Matching of Heterogeneous Events
Approximate Semantic Matching of Heterogeneous EventsApproximate Semantic Matching of Heterogeneous Events
Approximate Semantic Matching of Heterogeneous EventsEdward Curry
 
Where does it go from here? The role of software in digital repositories
Where does it go from here? The role of software in digital repositoriesWhere does it go from here? The role of software in digital repositories
Where does it go from here? The role of software in digital repositoriesNeil Chue Hong
 
5 IT Trends That Reduce Cost And Improve Web Performance - A Forrester and Go...
5 IT Trends That Reduce Cost And Improve Web Performance - A Forrester and Go...5 IT Trends That Reduce Cost And Improve Web Performance - A Forrester and Go...
5 IT Trends That Reduce Cost And Improve Web Performance - A Forrester and Go...Compuware APM
 
Managing Complexity Across Today’s Application Delivery Chain:Six key indicat...
Managing Complexity Across Today’s Application Delivery Chain:Six key indicat...Managing Complexity Across Today’s Application Delivery Chain:Six key indicat...
Managing Complexity Across Today’s Application Delivery Chain:Six key indicat...Compuware APM
 
Debs Presentation 2009 July62009
Debs Presentation 2009 July62009Debs Presentation 2009 July62009
Debs Presentation 2009 July62009Opher Etzion
 
Approximate Semantic Matching of Heterogeneous Events
Approximate Semantic Matching of Heterogeneous EventsApproximate Semantic Matching of Heterogeneous Events
Approximate Semantic Matching of Heterogeneous EventsSouleiman Hasan
 
Web 2.0
Web 2.0Web 2.0
Web 2.0gypsy
 
Innovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceInnovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceBob Rhubart
 
Jeff's what isdatascience
Jeff's what isdatascienceJeff's what isdatascience
Jeff's what isdatasciencelizliddy
 
Transitioning web application frameworks towards the Semantic Web (master the...
Transitioning web application frameworks towards the Semantic Web (master the...Transitioning web application frameworks towards the Semantic Web (master the...
Transitioning web application frameworks towards the Semantic Web (master the...Benjamin Heitmann
 
Fujitsu keynote at Oracle OpenWorld 2012
Fujitsu keynote at Oracle OpenWorld 2012 Fujitsu keynote at Oracle OpenWorld 2012
Fujitsu keynote at Oracle OpenWorld 2012 Fujitsu Global
 
Soeren okfn greece meetup
Soeren okfn greece meetupSoeren okfn greece meetup
Soeren okfn greece meetupOKFN-GR
 
A Resource Oriented Framework for Context-Aware Enterprise Applications
A Resource Oriented Framework for Context-Aware Enterprise ApplicationsA Resource Oriented Framework for Context-Aware Enterprise Applications
A Resource Oriented Framework for Context-Aware Enterprise Applicationsruyalarcon
 
Innovations in Data Grid Technology with Oracle Coherence
Innovations in Data Grid Technology with Oracle CoherenceInnovations in Data Grid Technology with Oracle Coherence
Innovations in Data Grid Technology with Oracle CoherenceBob Rhubart
 
Leadership Symposium on Digital Media in Healthcare
Leadership Symposium on Digital Media in HealthcareLeadership Symposium on Digital Media in Healthcare
Leadership Symposium on Digital Media in Healthcaresetstanford
 
Emc World Evergreen Preso 5 16 07 With Demo Slides
Emc World Evergreen Preso 5 16 07 With Demo SlidesEmc World Evergreen Preso 5 16 07 With Demo Slides
Emc World Evergreen Preso 5 16 07 With Demo SlidesBlueFish
 
Tim Malthus_Towards standards for the exchange of field spectral datasets
Tim Malthus_Towards standards for the exchange of field spectral datasetsTim Malthus_Towards standards for the exchange of field spectral datasets
Tim Malthus_Towards standards for the exchange of field spectral datasetsTERN Australia
 
Driving Towards Cloud 2015: A Technology Vision to Meet the Demands of Cloud ...
Driving Towards Cloud 2015: A Technology Vision to Meet the Demands of Cloud ...Driving Towards Cloud 2015: A Technology Vision to Meet the Demands of Cloud ...
Driving Towards Cloud 2015: A Technology Vision to Meet the Demands of Cloud ...Intel IT Center
 
Building Task-Aware Mobile Applications
Building Task-Aware Mobile ApplicationsBuilding Task-Aware Mobile Applications
Building Task-Aware Mobile ApplicationsDave Kellogg
 

Similar to Wayne Jackson's Presentation at RSA 2012 (20)

Approximate Semantic Matching of Heterogeneous Events
Approximate Semantic Matching of Heterogeneous EventsApproximate Semantic Matching of Heterogeneous Events
Approximate Semantic Matching of Heterogeneous Events
 
Where does it go from here? The role of software in digital repositories
Where does it go from here? The role of software in digital repositoriesWhere does it go from here? The role of software in digital repositories
Where does it go from here? The role of software in digital repositories
 
5 IT Trends That Reduce Cost And Improve Web Performance - A Forrester and Go...
5 IT Trends That Reduce Cost And Improve Web Performance - A Forrester and Go...5 IT Trends That Reduce Cost And Improve Web Performance - A Forrester and Go...
5 IT Trends That Reduce Cost And Improve Web Performance - A Forrester and Go...
 
Managing Complexity Across Today’s Application Delivery Chain:Six key indicat...
Managing Complexity Across Today’s Application Delivery Chain:Six key indicat...Managing Complexity Across Today’s Application Delivery Chain:Six key indicat...
Managing Complexity Across Today’s Application Delivery Chain:Six key indicat...
 
Debs Presentation 2009 July62009
Debs Presentation 2009 July62009Debs Presentation 2009 July62009
Debs Presentation 2009 July62009
 
Approximate Semantic Matching of Heterogeneous Events
Approximate Semantic Matching of Heterogeneous EventsApproximate Semantic Matching of Heterogeneous Events
Approximate Semantic Matching of Heterogeneous Events
 
Web 2.0
Web 2.0Web 2.0
Web 2.0
 
Innovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle CoherenceInnovations in Grid Computing with Oracle Coherence
Innovations in Grid Computing with Oracle Coherence
 
Jeff's what isdatascience
Jeff's what isdatascienceJeff's what isdatascience
Jeff's what isdatascience
 
Transitioning web application frameworks towards the Semantic Web (master the...
Transitioning web application frameworks towards the Semantic Web (master the...Transitioning web application frameworks towards the Semantic Web (master the...
Transitioning web application frameworks towards the Semantic Web (master the...
 
Fujitsu keynote at Oracle OpenWorld 2012
Fujitsu keynote at Oracle OpenWorld 2012 Fujitsu keynote at Oracle OpenWorld 2012
Fujitsu keynote at Oracle OpenWorld 2012
 
Soeren okfn greece meetup
Soeren okfn greece meetupSoeren okfn greece meetup
Soeren okfn greece meetup
 
A Resource Oriented Framework for Context-Aware Enterprise Applications
A Resource Oriented Framework for Context-Aware Enterprise ApplicationsA Resource Oriented Framework for Context-Aware Enterprise Applications
A Resource Oriented Framework for Context-Aware Enterprise Applications
 
Innovations in Data Grid Technology with Oracle Coherence
Innovations in Data Grid Technology with Oracle CoherenceInnovations in Data Grid Technology with Oracle Coherence
Innovations in Data Grid Technology with Oracle Coherence
 
Leadership Symposium on Digital Media in Healthcare
Leadership Symposium on Digital Media in HealthcareLeadership Symposium on Digital Media in Healthcare
Leadership Symposium on Digital Media in Healthcare
 
Emc World Evergreen Preso 5 16 07 With Demo Slides
Emc World Evergreen Preso 5 16 07 With Demo SlidesEmc World Evergreen Preso 5 16 07 With Demo Slides
Emc World Evergreen Preso 5 16 07 With Demo Slides
 
Tim Malthus_Towards standards for the exchange of field spectral datasets
Tim Malthus_Towards standards for the exchange of field spectral datasetsTim Malthus_Towards standards for the exchange of field spectral datasets
Tim Malthus_Towards standards for the exchange of field spectral datasets
 
Driving Towards Cloud 2015: A Technology Vision to Meet the Demands of Cloud ...
Driving Towards Cloud 2015: A Technology Vision to Meet the Demands of Cloud ...Driving Towards Cloud 2015: A Technology Vision to Meet the Demands of Cloud ...
Driving Towards Cloud 2015: A Technology Vision to Meet the Demands of Cloud ...
 
Building Task-Aware Mobile Applications
Building Task-Aware Mobile ApplicationsBuilding Task-Aware Mobile Applications
Building Task-Aware Mobile Applications
 
Webinos Project
Webinos ProjectWebinos Project
Webinos Project
 

Recently uploaded

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 

Recently uploaded (20)

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 

Wayne Jackson's Presentation at RSA 2012

  • 1. From the authors of Maven, Nexus, m2eclipse and other leading technologies. The Sorry State of Application Security Wayne Jackson Chief Executive Officer Used by 80,000 organizations worldwide
  • 2. Central: Where Open Source Lives Sonatype
  • 3. Ecosystem Lacks Change Awareness WE DON’T KNOW ABOUT WE CAN BELIEVE IN 14,334 Components Were Updated in 2011 On Average, 400 Updates per Day
  • 4. Component Dependencies are Complex of modern software 80% is open source. The global 2000 average more than 1,000 unique components per month
  • 5. Issues are Viral… 1,447 projects contain the flawed component …the Fixes are NOT
  • 6. Houston, We Have a Problem! • In the Last Year… • 6,982 Organizations • Crypto Library • Level 10 Flaw • 3 Years After Fix
  • 7. Event-Driven Knowledge Engine License Detail Update Events Knowledge Project Detail Component Detail Consumption Events Consumption Metadata Events Flaw Update Correlation Detail Reason Creation The Central Repository Public & Private Component Usage Events Metadata Resources
  • 8. Delivering Knowledge. In Context. Sonatype Insight
  • 9. Sonatype: Transforming Software Integrity Started – Q3 2010 Insight Pre-Launch – Q4 2011 Insight Launch – RSA 2012 Already, more than 300 customers
  • 10. From the authors of Maven, Nexus, m2eclipse and other leading technologies. Thank You! Used by 80,000 organizations worldwide

Editor's Notes

  1. THAT AWARENESS IS VITAL, IN PART BECAUSE THE OPEN SOURCE ECOSYSTEM HAS NO NOTIFICATIONINFRASTRUCTURE. IMAGINE YOUR DESKTOP WITHOUT AUTO-UPDATE. IMAGINE DIGGING THROUGH THOUSANDS OF WEB SITES, SIFTING THROUGH RELEASE NOTES, SEARCHING FOR SECURITY BULLETINS, TRACKING DOWN CRITICAL FIXES.
  2. AND THE ECOSYSTEM AFFECTED BY THIS CONDITION IS VAST - MORE THAN 80% OF MODERN SOFTWARE IS OPEN SOURCE AND THE TYPICAL ORGANIZATION USES THOUSANDS OF THESE OFTEN COMPLEX COMPONENTS.
  3. THE COMPOUNDING REALITY IS THAT WHEN ISSUES DO ARISE, THE EFFECTS ARE VIRAL, WHILE THE FIXES ARE NOT. FOR EXAMPLE,PATCHING SPRING 2.5.6 DID NOTHING TO FIX THE 1,447 COMPONENTS THAT ITCOMPROMISEDOR THE UNTOLD NUMBERS OF DOWNSTREAMAPPLICATIONS THAT USED THEM.
  4. THE RESULT IS SITUATIONS LIKE THIS... 6,982 ORGANIZATIONS – INCLUDING GLOBAL FINANCIAL INSTITUTIONS AND THE DEPARTMENT OF HOMELAND SECURITY – ARE ACTIVELY USING A THREE YEAR OLD CRYPTO LIBRARY WITH A REMOTELY EXPLOITABLE, BAD AS IT GETS, SECURITY FLAW WITH PUBLISHED EXPLOIT CODE. <PAUSE TO LET THIS SINK IN>
  5. SONATPYE IS FOCUSED OBSESSIVELY ON CREATING ORDER AMIDST THIS CHAOS, DEVELOPING AN EXTRAORDINARY CAPACITY FOR BRIDGING CRITICAL AWARENESS GAPS. FIRST, BUILDING SOPHISTICATED INFRASTRUCTURE FOR MINING VIRTUALLY EVERYTHING KNOWABLE ABOUT A GIVEN SOFTWARE COMPONENT. AND, SECOND…
  6. A PLATFORM FOR DELIVERING KNOWLEDGE DIRECTLY INTO THE TOOLS THAT DEVELOPERS AND DEVELOPMENT MANAGERS USE EVERY DAY. THAT PLATFORM, SONATYPE INSIGHT, ENABLES ORGANIZATIONS TO GOVERN DEVELOPMENT PROCESSES, TO CONTINUOUSLY MONITOR THE HEALTH OF THEIR REPOSITORIES, AND TO RETRIEVE REAL-TIME ALERTS WHEN CRITICAL APPLICATIONS ARE AFFECTED BY NEWLY DISCOVERED THREATS.
  7. SO…TODAY, WE HAVE A VITAL, FRIGHTENINGLY COMPLEX ECOSYSTEM WITH VIRAL ISSUE PROPOGATION AND NO NOTIFICATION INFRASTRUCTURE… TOMORROW, WILL BE A LOT LESS FRIGHTENING. THE LAUNCH OF INSIGHTIS HAPPENING AS WE SPEAK. PRE-LAUNCH ACTIVITIES HAVE GENERATED MORE THAN 300 CUSTOMERS AND OVER THE NEXT FEW MONTHS, WE EXPECT THOUSANDS OF OTHERS TO JOIN THEM. A SIGNIFICANT ADVANCE, WE HOPE, IN THE STATE OF SOFTWARE INTEGRITY AND APPLICATION SECURITY.