From the authors of Maven, Nexus, m2eclipse and other leading technologies.

The Sorry State of Application Security

Wayne Jackson
Chief Executive Officer

Used by 80,000 organizations worldwide

Central: Where Open Source Lives
Sonatype

Ecosystem Lacks Change Awareness
WE DON’T KNOW ABOUT
WE CAN BELIEVE IN
14,334 Components Were Updated in 2011
On Average, 400 Updates per Day

Component Dependencies are Complex
80% of modern software is open source.
The Global 2000 average more than 1,000 unique components per month

Issues are Viral…
1,447 projects contain the flawed component
…the Fixes are NOT

Houston, We Have a Problem!
• In the Last Year…
• 6,982 Organizations
• Crypto Library
• Level 10 Flaw
• 3 Years After Fix

Event-Driven Knowledge Engine
[Diagram. Sources: The Central Repository; Public & Private Component Metadata Resources. Events: Usage Events, Update Events, Consumption Events, Metadata Events. Engine: Knowledge, Consumption Correlation, Creation. Outputs: License Detail, Project Detail, Component Detail, Flaw Detail, Update Reason.]

Delivering Knowledge. In Context.
Sonatype Insight

Sonatype: Transforming Software Integrity
Started – Q3 2010
Insight Pre-Launch – Q4 2011
Insight Launch – RSA 2012
Already, more than 300 customers

Thank You!

Wayne Jackson's Presentation at RSA 2012

Editor's Notes

  1. THAT AWARENESS IS VITAL, IN PART BECAUSE THE OPEN SOURCE ECOSYSTEM HAS NO NOTIFICATION INFRASTRUCTURE. IMAGINE YOUR DESKTOP WITHOUT AUTO-UPDATE. IMAGINE DIGGING THROUGH THOUSANDS OF WEB SITES, SIFTING THROUGH RELEASE NOTES, SEARCHING FOR SECURITY BULLETINS, TRACKING DOWN CRITICAL FIXES.
  2. AND THE ECOSYSTEM AFFECTED BY THIS CONDITION IS VAST - MORE THAN 80% OF MODERN SOFTWARE IS OPEN SOURCE AND THE TYPICAL ORGANIZATION USES THOUSANDS OF THESE OFTEN COMPLEX COMPONENTS.
  3. THE COMPOUNDING REALITY IS THAT WHEN ISSUES DO ARISE, THE EFFECTS ARE VIRAL, WHILE THE FIXES ARE NOT. FOR EXAMPLE, PATCHING SPRING 2.5.6 DID NOTHING TO FIX THE 1,447 COMPONENTS THAT IT COMPROMISED OR THE UNTOLD NUMBERS OF DOWNSTREAM APPLICATIONS THAT USED THEM.
  4. THE RESULT IS SITUATIONS LIKE THIS... 6,982 ORGANIZATIONS – INCLUDING GLOBAL FINANCIAL INSTITUTIONS AND THE DEPARTMENT OF HOMELAND SECURITY – ARE ACTIVELY USING A THREE YEAR OLD CRYPTO LIBRARY WITH A REMOTELY EXPLOITABLE, BAD AS IT GETS, SECURITY FLAW WITH PUBLISHED EXPLOIT CODE. <PAUSE TO LET THIS SINK IN>
  5. SONATYPE IS FOCUSED OBSESSIVELY ON CREATING ORDER AMIDST THIS CHAOS, DEVELOPING AN EXTRAORDINARY CAPACITY FOR BRIDGING CRITICAL AWARENESS GAPS. FIRST, BUILDING SOPHISTICATED INFRASTRUCTURE FOR MINING VIRTUALLY EVERYTHING KNOWABLE ABOUT A GIVEN SOFTWARE COMPONENT. AND, SECOND…
  6. A PLATFORM FOR DELIVERING KNOWLEDGE DIRECTLY INTO THE TOOLS THAT DEVELOPERS AND DEVELOPMENT MANAGERS USE EVERY DAY. THAT PLATFORM, SONATYPE INSIGHT, ENABLES ORGANIZATIONS TO GOVERN DEVELOPMENT PROCESSES, TO CONTINUOUSLY MONITOR THE HEALTH OF THEIR REPOSITORIES, AND TO RETRIEVE REAL-TIME ALERTS WHEN CRITICAL APPLICATIONS ARE AFFECTED BY NEWLY DISCOVERED THREATS.
  7. SO… TODAY, WE HAVE A VITAL, FRIGHTENINGLY COMPLEX ECOSYSTEM WITH VIRAL ISSUE PROPAGATION AND NO NOTIFICATION INFRASTRUCTURE… TOMORROW WILL BE A LOT LESS FRIGHTENING. THE LAUNCH OF INSIGHT IS HAPPENING AS WE SPEAK. PRE-LAUNCH ACTIVITIES HAVE GENERATED MORE THAN 300 CUSTOMERS AND OVER THE NEXT FEW MONTHS, WE EXPECT THOUSANDS OF OTHERS TO JOIN THEM. A SIGNIFICANT ADVANCE, WE HOPE, IN THE STATE OF SOFTWARE INTEGRITY AND APPLICATION SECURITY.