Joshua Corman, CTO, Sonatype (@joshcorman)
With continuous development, we write less code and consume more re-usable open source code. Innovation is accelerated and so is application complexity.
Complexity is the enemy of quality. Poor quality creates unplanned break-fixes. Break-fixes create a drag on development speed. It’s a continuous loop. What if we could deliver applications on-time (even faster), on-budget (even more efficiently) and with a natural byproduct of less risk?
The good news: other industries have with supply chain management. Applying supply chain approaches to software raises the bar on continuous goals. Get practical tips from the software supply chain playbook to: -Scrutinize the number and quality of your “suppliers” -Manage out avoidable risk and bloat -Improve traceability and visibility -Ensure prompt agile responses when things go wrong
The potential of new legislation with the Cyber Supply Chain Transparency & Remediation Act makes this a particularly important topic for Federal Agencies and the ISVs and SIs who provide software to them. This session will also provide background on this act and provide practical guidance on how respond to and benefit from it.