The Illusion of Control: Secrets Within Your Java-Based Software Supply Chain
Tuesday, September 15, 2015
You may not realize it, but you have a Java-based software supply chain. There is a massive volume of open source and proprietary components being consumed within your software supply chain at a very high velocity. Within it, a lot of inefficiencies are *hidden* to you and are silently sabotaging your efforts to accelerate development, improve efficiency and maintain quality. During the meeting, I will openly share insight about your use of Java that will change the way you think about everything, and put you leagues ahead of organizations who are still in the dark.
This year, I authored the 2015 State of the Software Supply Chain Report – a quantitative analysis of 160,000 Java-centric development organizations that consumed 17 billion open source and proprietary software components from over 105,000 projects — all hosted on Maven Central. While the average organization consumed 240,000 components in 2014, the study revealed evidence of inefficient software sourcing practices, building in outdated components, and using software with known security vulnerabilities or potentially risky license types by mistake.
Attendees will also learn how organizations like ServiceNow, Blackboard and DHS are applying proven supply chain principles from the manufacturing industry toward improving their Java-centric DevOps and Continuous Delivery practices. Then, I will shed light on pending legislation in the U.S. Congress that may change the way all of us develop software in the future.