SlideShare uma empresa Scribd logo

Integrating Black Duck into your Agile DevOps Environment

Black Duck by Synopsys
Black Duck by Synopsys

Organizations of all sizes using automation and agile methodologies to improve the speed and reliability of their software development initiatives. In this session we will provide an overview and demonstrations of the various ways you can integrate Black Duck Hub with your CI/CD tools to manage open source risks throughout development.

Tecnologia
1 de 21
Baixar para ler offline
Integrating Black Duck in your Agile DevOps Environment Utsav Sanghani Product Manager Black Duck Software
2Black Duck Customer Conference Continuous Build & Test Code Assimilatio n Development Configure & Release Packaging CONVENTIONAL CHECKS HAPPEN VERY LATE IN THE SDLC
3Black Duck Customer Conference Continuous Build & Test Code Assimilatio n Development Configure & Release Packaging CONVENTIONAL CHECKS HAPPEN VERY LATE IN THE SDLC
4Black Duck Customer Conference Continuous Build & Test Code Assimilatio n Development Configure & Release Packaging CONVENTIONAL CHECKS HAPPEN VERY LATE IN THE SDLC; APPLICATIONS SHIP WITH VULNERABILITIES
5Black Duck Customer Conference Continuous Build & Test Configure & Release Packaging THE PROCESS IS MANUAL & NON LINEAR WITH ADDED TIME IN QUEUE BEFORE RELEASE
How are Companies Managing Open Source Today? Not Well.HOW ARE COMPANIES MANAGING OPEN SOURCE TODAY? NOT WELL. TRACKING VULNERABILITIES • No single responsible entity • Manual effort and labor intensive • Unmanageable (11/day) • Match applications, versions, components, vulnerabilities SPREADSHEET INVENTORY • Depends on developer best effort or memory • Difficult maintenance • Not source of truth MANUAL TABULATION • Architectural Review Board • Occurs at end of SDLC • High effort and low accuracy • No controls VULNERABILITY DETECTION Run monthly/quarterly vulnerability assessment tools (e.g., Nessus, Nexpose) against all applications to identify exploitable instances
IT IS IMMENSELY ADVANTAGEOUS TO MOVE LEFT 7Black Duck Customer Conference 1. REDUCED COSTS Avoid human overhead costs
IT IS IMMENSELY ADVANTAGEOUS TO MOVE LEFT 8Black Duck Customer Conference 1. REDUCED COSTS Avoid human overhead costs 2. REDUCED TIME TO MARKET In process automation checks over post processing
IT IS IMMENSELY ADVANTAGEOUS TO MOVE LEFT 9Black Duck Customer Conference 1. REDUCED COSTS Avoid human overhead costs 2. REDUCED TIME TO MARKET In process automation checks over post processing 3. REDUCED RISK Move checks to the left to facilitate higher remediation time with lower impact Dev Ops
10Black Duck Customer Conference Continuous Build & Test Code Assimilatio n Development Configure & Release Packaging FEEDBACK A FEEDBACK LINK BETWEEN CI & DEVELOPMENT IS NEEDED TO SHIP COMPLIANT AND SECURE PRODUCTS
BLACK DUCK PROVIDES FEEDBACK: CI/BUILD IS THE PLACE TO PLUG IN AUTOMATED CHECKS (CURRENTLY) 11Black Duck Customer Conference Continuou s Build & Test Configure & Release Packaging
WHAT SHOULD YOU ASK YOU BUILD/RELEASE TEAM? 12Black Duck Customer Conference • Does the build contain only approved open source components? • How secure is the build? Does it have any known security vulnerabilities? • Can we add diligence and remain agile? • Where are you deploying the production builds?
13Black Duck Customer Conference JENKINS DEMO (7-10 MINS)
OBTAIN COMPREHENSIVE RESULTS INCLUDING DEPENDENCIES FROM BUILD TOOLS LIKE MAVEN/GRADLE 14Black Duck Customer Conference
MANAGE CORRESPONDING ISSUES USING JIRA 15Black Duck Customer Conference
MANAGING THE ENTIRE POST BUILD AUTOMATION ACROSS CI PLATFORMS 16Black Duck Customer Conference
MANAGING THE ENTIRE POST BUILD AUTOMATION ACROSS CI PLATFORMS 17Black Duck Customer Conference
MANAGING THE ENTIRE POST BUILD AUTOMATION ACROSS CI PLATFORMS 18Black Duck Customer Conference
CONTINUOUS BUILD & INTEGRATION IS THE PLACE TO PLUG IN AUTOMATED CHECKS (2017) 19Black Duck Customer Conference Continuou s Build & Test Configure & Release Packaging 1 5 4 3 2
COMPLIANT AND SECURE BUILDS VIA JENKINS: CHECK 20Black Duck Customer Conference ALERT New Vulnerabilities Affecting You IDENTIFTY License Compliance Risks
21Black Duck Customer Conference THANK YOU

Recomendados

MongoDB Advanced Schema Design - Inboxes
MongoDB Advanced Schema Design - InboxesMongoDB Advanced Schema Design - Inboxes
MongoDB Advanced Schema Design - InboxesJared Rosoff
 
Agile-overview: Agile Manifesto, Agile principles and Agile Methodologies
Agile-overview: Agile Manifesto, Agile principles and Agile MethodologiesAgile-overview: Agile Manifesto, Agile principles and Agile Methodologies
Agile-overview: Agile Manifesto, Agile principles and Agile MethodologiesBalaji Sathram
 
Agile software development
Agile software developmentAgile software development
Agile software developmentRajesh Piryani
 
NLIDB(Natural Language Interface to DataBases)
NLIDB(Natural Language Interface to DataBases)NLIDB(Natural Language Interface to DataBases)
NLIDB(Natural Language Interface to DataBases)Swetha Pallati
 
Agile & SCRUM basics
Agile & SCRUM basicsAgile & SCRUM basics
Agile & SCRUM basicsArun R
 
Agile Methodology PPT
Agile Methodology PPTAgile Methodology PPT
Agile Methodology PPTMohit Kumar
 
MongoDB
MongoDBMongoDB
MongoDBAnthony Slabinck
 
A Java Microservices Spring Boot and Docker case study.
A Java Microservices Spring Boot and Docker case study.A Java Microservices Spring Boot and Docker case study.
A Java Microservices Spring Boot and Docker case study.Subramanyam Vemala
 

Recomendados

MongoDB Advanced Schema Design - Inboxes
MongoDB Advanced Schema Design - InboxesMongoDB Advanced Schema Design - Inboxes
MongoDB Advanced Schema Design - InboxesJared Rosoff
 
Agile-overview: Agile Manifesto, Agile principles and Agile Methodologies
Agile-overview: Agile Manifesto, Agile principles and Agile MethodologiesAgile-overview: Agile Manifesto, Agile principles and Agile Methodologies
Agile-overview: Agile Manifesto, Agile principles and Agile MethodologiesBalaji Sathram
 
Agile software development
Agile software developmentAgile software development
Agile software developmentRajesh Piryani
 
NLIDB(Natural Language Interface to DataBases)
NLIDB(Natural Language Interface to DataBases)NLIDB(Natural Language Interface to DataBases)
NLIDB(Natural Language Interface to DataBases)Swetha Pallati
 
Agile & SCRUM basics
Agile & SCRUM basicsAgile & SCRUM basics
Agile & SCRUM basicsArun R
 
Agile Methodology PPT
Agile Methodology PPTAgile Methodology PPT
Agile Methodology PPTMohit Kumar
 
MongoDB
MongoDBMongoDB
MongoDBAnthony Slabinck
 
A Java Microservices Spring Boot and Docker case study.
A Java Microservices Spring Boot and Docker case study.A Java Microservices Spring Boot and Docker case study.
A Java Microservices Spring Boot and Docker case study.Subramanyam Vemala
 
Technology Stack
Technology StackTechnology Stack
Technology StackSV.CO
 
Maven Introduction
Maven IntroductionMaven Introduction
Maven IntroductionSandeep Chawla
 
State: You're Doing It Wrong - Alternative Concurrency Paradigms For The JVM
State: You're Doing It Wrong - Alternative Concurrency Paradigms For The JVMState: You're Doing It Wrong - Alternative Concurrency Paradigms For The JVM
State: You're Doing It Wrong - Alternative Concurrency Paradigms For The JVMJonas Bonér
 
Scrum methodology
Scrum methodologyScrum methodology
Scrum methodologyHansi Thenuwara
 
Mutiny + quarkus
Mutiny + quarkusMutiny + quarkus
Mutiny + quarkusEdgar Domingues
 
Integrating Apache Kafka and Elastic Using the Connect Framework
Integrating Apache Kafka and Elastic Using the Connect FrameworkIntegrating Apache Kafka and Elastic Using the Connect Framework
Integrating Apache Kafka and Elastic Using the Connect Frameworkconfluent
 
Agile Methodology in Software Development
Agile Methodology in Software DevelopmentAgile Methodology in Software Development
Agile Methodology in Software DevelopmentRaghav Seth
 
Agile project kick off from the trenches
Agile project kick off from the trenchesAgile project kick off from the trenches
Agile project kick off from the trenchesGeorge Stamos
 
Overview of Agile Methodology
Overview of Agile MethodologyOverview of Agile Methodology
Overview of Agile MethodologyHaresh Karkar
 
Scalability, Availability & Stability Patterns
Scalability, Availability & Stability PatternsScalability, Availability & Stability Patterns
Scalability, Availability & Stability PatternsJonas Bonér
 
Introduction to YARN and MapReduce 2
Introduction to YARN and MapReduce 2Introduction to YARN and MapReduce 2
Introduction to YARN and MapReduce 2Cloudera, Inc.
 
The Basics of MongoDB
The Basics of MongoDBThe Basics of MongoDB
The Basics of MongoDBvaluebound
 
Agile Scrum Methodology
Agile Scrum MethodologyAgile Scrum Methodology
Agile Scrum MethodologyRajeev Misra
 
Understanding MicroSERVICE Architecture with Java & Spring Boot
Understanding MicroSERVICE Architecture with Java & Spring BootUnderstanding MicroSERVICE Architecture with Java & Spring Boot
Understanding MicroSERVICE Architecture with Java & Spring BootKashif Ali Siddiqui
 
DB設計でこだわりたい三つの要素
DB設計でこだわりたい三つの要素DB設計でこだわりたい三つの要素
DB設計でこだわりたい三つの要素Takahiro YAMADA
 
Microservice architecture - معماری مایکروسرویس
Microservice architecture - معماری مایکروسرویسMicroservice architecture - معماری مایکروسرویس
Microservice architecture - معماری مایکروسرویسAmir Mahjoorian
 
Introduction To Agile
Introduction To AgileIntroduction To Agile
Introduction To AgileKnoldus Inc.
 
Sprint review presentation
Sprint review presentationSprint review presentation
Sprint review presentationBernhardBoennemann
 
[Outdated] Secrets of Performance Tuning Java on Kubernetes
[Outdated] Secrets of Performance Tuning Java on Kubernetes[Outdated] Secrets of Performance Tuning Java on Kubernetes
[Outdated] Secrets of Performance Tuning Java on KubernetesBruno Borges
 
Deep dive into SoapUI
Deep dive into SoapUIDeep dive into SoapUI
Deep dive into SoapUIAndrey Oleynik
 
Starting and Scaling Devops
Starting and Scaling Devops Starting and Scaling Devops
Starting and Scaling Devops Jules Pierre-Louis
 
Starting and Scaling DevOps
Starting and Scaling DevOpsStarting and Scaling DevOps
Starting and Scaling DevOpsJules Pierre-Louis
 

Mais conteúdo relacionado

Mais procurados

Technology Stack
Technology StackTechnology Stack
Technology StackSV.CO
 
State: You're Doing It Wrong - Alternative Concurrency Paradigms For The JVM
State: You're Doing It Wrong - Alternative Concurrency Paradigms For The JVMState: You're Doing It Wrong - Alternative Concurrency Paradigms For The JVM
State: You're Doing It Wrong - Alternative Concurrency Paradigms For The JVMJonas Bonér
 
Integrating Apache Kafka and Elastic Using the Connect Framework
Integrating Apache Kafka and Elastic Using the Connect FrameworkIntegrating Apache Kafka and Elastic Using the Connect Framework
Integrating Apache Kafka and Elastic Using the Connect Frameworkconfluent
 
Agile Methodology in Software Development
Agile Methodology in Software DevelopmentAgile Methodology in Software Development
Agile Methodology in Software DevelopmentRaghav Seth
 
Agile project kick off from the trenches
Agile project kick off from the trenchesAgile project kick off from the trenches
Agile project kick off from the trenchesGeorge Stamos
 
Overview of Agile Methodology
Overview of Agile MethodologyOverview of Agile Methodology
Overview of Agile MethodologyHaresh Karkar
 
Scalability, Availability & Stability Patterns
Scalability, Availability & Stability PatternsScalability, Availability & Stability Patterns
Scalability, Availability & Stability PatternsJonas Bonér
 
Introduction to YARN and MapReduce 2
Introduction to YARN and MapReduce 2Introduction to YARN and MapReduce 2
Introduction to YARN and MapReduce 2Cloudera, Inc.
 
The Basics of MongoDB
The Basics of MongoDBThe Basics of MongoDB
The Basics of MongoDBvaluebound
 
Agile Scrum Methodology
Agile Scrum MethodologyAgile Scrum Methodology
Agile Scrum MethodologyRajeev Misra
 
Understanding MicroSERVICE Architecture with Java & Spring Boot
Understanding MicroSERVICE Architecture with Java & Spring BootUnderstanding MicroSERVICE Architecture with Java & Spring Boot
Understanding MicroSERVICE Architecture with Java & Spring BootKashif Ali Siddiqui
 
DB設計でこだわりたい三つの要素
DB設計でこだわりたい三つの要素DB設計でこだわりたい三つの要素
DB設計でこだわりたい三つの要素Takahiro YAMADA
 
Microservice architecture - معماری مایکروسرویس
Microservice architecture - معماری مایکروسرویسMicroservice architecture - معماری مایکروسرویس
Microservice architecture - معماری مایکروسرویسAmir Mahjoorian
 
Introduction To Agile
Introduction To AgileIntroduction To Agile
Introduction To AgileKnoldus Inc.
 
[Outdated] Secrets of Performance Tuning Java on Kubernetes
[Outdated] Secrets of Performance Tuning Java on Kubernetes[Outdated] Secrets of Performance Tuning Java on Kubernetes
[Outdated] Secrets of Performance Tuning Java on KubernetesBruno Borges
 

Mais procurados (20)

Technology Stack
Technology StackTechnology Stack
Technology Stack
 
Maven Introduction
Maven IntroductionMaven Introduction
Maven Introduction
 
State: You're Doing It Wrong - Alternative Concurrency Paradigms For The JVM
State: You're Doing It Wrong - Alternative Concurrency Paradigms For The JVMState: You're Doing It Wrong - Alternative Concurrency Paradigms For The JVM
State: You're Doing It Wrong - Alternative Concurrency Paradigms For The JVM
 
Scrum methodology
Scrum methodologyScrum methodology
Scrum methodology
 
Mutiny + quarkus
Mutiny + quarkusMutiny + quarkus
Mutiny + quarkus
 
Integrating Apache Kafka and Elastic Using the Connect Framework
Integrating Apache Kafka and Elastic Using the Connect FrameworkIntegrating Apache Kafka and Elastic Using the Connect Framework
Integrating Apache Kafka and Elastic Using the Connect Framework
 
Agile Methodology in Software Development
Agile Methodology in Software DevelopmentAgile Methodology in Software Development
Agile Methodology in Software Development
 
Agile project kick off from the trenches
Agile project kick off from the trenchesAgile project kick off from the trenches
Agile project kick off from the trenches
 
Overview of Agile Methodology
Overview of Agile MethodologyOverview of Agile Methodology
Overview of Agile Methodology
 
Scalability, Availability & Stability Patterns
Scalability, Availability & Stability PatternsScalability, Availability & Stability Patterns
Scalability, Availability & Stability Patterns
 
Introduction to YARN and MapReduce 2
Introduction to YARN and MapReduce 2Introduction to YARN and MapReduce 2
Introduction to YARN and MapReduce 2
 
The Basics of MongoDB
The Basics of MongoDBThe Basics of MongoDB
The Basics of MongoDB
 
Agile Scrum Methodology
Agile Scrum MethodologyAgile Scrum Methodology
Agile Scrum Methodology
 
Understanding MicroSERVICE Architecture with Java & Spring Boot
Understanding MicroSERVICE Architecture with Java & Spring BootUnderstanding MicroSERVICE Architecture with Java & Spring Boot
Understanding MicroSERVICE Architecture with Java & Spring Boot
 
DB設計でこだわりたい三つの要素
DB設計でこだわりたい三つの要素DB設計でこだわりたい三つの要素
DB設計でこだわりたい三つの要素
 
Microservice architecture - معماری مایکروسرویس
Microservice architecture - معماری مایکروسرویسMicroservice architecture - معماری مایکروسرویس
Microservice architecture - معماری مایکروسرویس
 
Introduction To Agile
Introduction To AgileIntroduction To Agile
Introduction To Agile
 
Sprint review presentation
Sprint review presentationSprint review presentation
Sprint review presentation
 
[Outdated] Secrets of Performance Tuning Java on Kubernetes
[Outdated] Secrets of Performance Tuning Java on Kubernetes[Outdated] Secrets of Performance Tuning Java on Kubernetes
[Outdated] Secrets of Performance Tuning Java on Kubernetes
 
Deep dive into SoapUI
Deep dive into SoapUIDeep dive into SoapUI
Deep dive into SoapUI
 

Semelhante a Integrating Black Duck into your Agile DevOps Environment

ROLE OF iSAFE/iMobi IN SEAMLESS INTEGRATION OF THE DEVOPS ENVIRONMENT
ROLE OF iSAFE/iMobi IN SEAMLESS INTEGRATION OF THE DEVOPS ENVIRONMENTROLE OF iSAFE/iMobi IN SEAMLESS INTEGRATION OF THE DEVOPS ENVIRONMENT
ROLE OF iSAFE/iMobi IN SEAMLESS INTEGRATION OF THE DEVOPS ENVIRONMENTIndium Software
 
From Continuous Integration to Continuous Delivery and DevOps
From Continuous Integration to Continuous Delivery and DevOpsFrom Continuous Integration to Continuous Delivery and DevOps
From Continuous Integration to Continuous Delivery and DevOpsLuca Minudel
 
AMIS 25: DevOps Best Practice for Oracle SOA and BPM
AMIS 25: DevOps Best Practice for Oracle SOA and BPMAMIS 25: DevOps Best Practice for Oracle SOA and BPM
AMIS 25: DevOps Best Practice for Oracle SOA and BPMMatt Wright
 
TMF2014 CI-CD Workshop Michael Palotas
TMF2014 CI-CD Workshop Michael PalotasTMF2014 CI-CD Workshop Michael Palotas
TMF2014 CI-CD Workshop Michael PalotasKJR
 
Agile and Continuous Delivery for Audits and Exams - DC Continuous Delivery M...
Agile and Continuous Delivery for Audits and Exams - DC Continuous Delivery M...Agile and Continuous Delivery for Audits and Exams - DC Continuous Delivery M...
Agile and Continuous Delivery for Audits and Exams - DC Continuous Delivery M...Simon Storm
 
Harman deepak v - agile on steriod - dev ops led transformation
Harman deepak v - agile on steriod - dev ops led transformationHarman deepak v - agile on steriod - dev ops led transformation
Harman deepak v - agile on steriod - dev ops led transformationXebia India
 
Agile & DevOps - It's all about project success
Agile & DevOps - It's all about project successAgile & DevOps - It's all about project success
Agile & DevOps - It's all about project successAdam Stephensen
 
XebiaLabs & codecentric Webinar: Deploy Higher Quality Applications Faster (G...
XebiaLabs & codecentric Webinar: Deploy Higher Quality Applications Faster (G...XebiaLabs & codecentric Webinar: Deploy Higher Quality Applications Faster (G...
XebiaLabs & codecentric Webinar: Deploy Higher Quality Applications Faster (G...XebiaLabs
 
Dev ops culture and practices
Dev ops culture and practicesDev ops culture and practices
Dev ops culture and practicesAnkaraCloud
 
Things To Unlearn In Software Development
Things To Unlearn In Software DevelopmentThings To Unlearn In Software Development
Things To Unlearn In Software DevelopmentAlexey Krivitsky
 
2018 07-24 network security at the speed of dev ops - webinar
2018 07-24 network security at the speed of dev ops - webinar2018 07-24 network security at the speed of dev ops - webinar
2018 07-24 network security at the speed of dev ops - webinarAlgoSec
 
Software Testing - Online Guide
Software Testing - Online GuideSoftware Testing - Online Guide
Software Testing - Online Guidebigspire
 
Modernize Development with Agile Engineering Practices
Modernize Development with Agile Engineering PracticesModernize Development with Agile Engineering Practices
Modernize Development with Agile Engineering PracticesCollabNet
 
Leading the Transformation
Leading the TransformationLeading the Transformation
Leading the TransformationXebiaLabs
 
Continuous Delivery: why ? where to start ? how to scale ?
Continuous Delivery: why ? where to start ? how to scale ?Continuous Delivery: why ? where to start ? how to scale ?
Continuous Delivery: why ? where to start ? how to scale ?Jean-Philippe Briend
 
Release Engineering Downstream of an OpenStack Project
Release Engineering Downstream of an OpenStack ProjectRelease Engineering Downstream of an OpenStack Project
Release Engineering Downstream of an OpenStack ProjectRainya Mosher
 
Starting the DevOps Train
Starting the DevOps TrainStarting the DevOps Train
Starting the DevOps TrainCisco DevNet
 
Agile Relevance in the age of Continuous Everything ....
Agile Relevance in the age of Continuous Everything ....Agile Relevance in the age of Continuous Everything ....
Agile Relevance in the age of Continuous Everything ....Eturnti Consulting Pvt Ltd
 

Semelhante a Integrating Black Duck into your Agile DevOps Environment (20)

Starting and Scaling Devops
Starting and Scaling Devops Starting and Scaling Devops
Starting and Scaling Devops
 
Starting and Scaling DevOps
Starting and Scaling DevOpsStarting and Scaling DevOps
Starting and Scaling DevOps
 
ROLE OF iSAFE/iMobi IN SEAMLESS INTEGRATION OF THE DEVOPS ENVIRONMENT
ROLE OF iSAFE/iMobi IN SEAMLESS INTEGRATION OF THE DEVOPS ENVIRONMENTROLE OF iSAFE/iMobi IN SEAMLESS INTEGRATION OF THE DEVOPS ENVIRONMENT
ROLE OF iSAFE/iMobi IN SEAMLESS INTEGRATION OF THE DEVOPS ENVIRONMENT
 
From Continuous Integration to Continuous Delivery and DevOps
From Continuous Integration to Continuous Delivery and DevOpsFrom Continuous Integration to Continuous Delivery and DevOps
From Continuous Integration to Continuous Delivery and DevOps
 
AMIS 25: DevOps Best Practice for Oracle SOA and BPM
AMIS 25: DevOps Best Practice for Oracle SOA and BPMAMIS 25: DevOps Best Practice for Oracle SOA and BPM
AMIS 25: DevOps Best Practice for Oracle SOA and BPM
 
TMF2014 CI-CD Workshop Michael Palotas
TMF2014 CI-CD Workshop Michael PalotasTMF2014 CI-CD Workshop Michael Palotas
TMF2014 CI-CD Workshop Michael Palotas
 
Agile and Continuous Delivery for Audits and Exams - DC Continuous Delivery M...
Agile and Continuous Delivery for Audits and Exams - DC Continuous Delivery M...Agile and Continuous Delivery for Audits and Exams - DC Continuous Delivery M...
Agile and Continuous Delivery for Audits and Exams - DC Continuous Delivery M...
 
Harman deepak v - agile on steriod - dev ops led transformation
Harman deepak v - agile on steriod - dev ops led transformationHarman deepak v - agile on steriod - dev ops led transformation
Harman deepak v - agile on steriod - dev ops led transformation
 
Agile & DevOps - It's all about project success
Agile & DevOps - It's all about project successAgile & DevOps - It's all about project success
Agile & DevOps - It's all about project success
 
XebiaLabs & codecentric Webinar: Deploy Higher Quality Applications Faster (G...
XebiaLabs & codecentric Webinar: Deploy Higher Quality Applications Faster (G...XebiaLabs & codecentric Webinar: Deploy Higher Quality Applications Faster (G...
XebiaLabs & codecentric Webinar: Deploy Higher Quality Applications Faster (G...
 
Dev ops culture and practices
Dev ops culture and practicesDev ops culture and practices
Dev ops culture and practices
 
Things To Unlearn In Software Development
Things To Unlearn In Software DevelopmentThings To Unlearn In Software Development
Things To Unlearn In Software Development
 
2018 07-24 network security at the speed of dev ops - webinar
2018 07-24 network security at the speed of dev ops - webinar2018 07-24 network security at the speed of dev ops - webinar
2018 07-24 network security at the speed of dev ops - webinar
 
Software Testing - Online Guide
Software Testing - Online GuideSoftware Testing - Online Guide
Software Testing - Online Guide
 
Modernize Development with Agile Engineering Practices
Modernize Development with Agile Engineering PracticesModernize Development with Agile Engineering Practices
Modernize Development with Agile Engineering Practices
 
Leading the Transformation
Leading the TransformationLeading the Transformation
Leading the Transformation
 
Continuous Delivery: why ? where to start ? how to scale ?
Continuous Delivery: why ? where to start ? how to scale ?Continuous Delivery: why ? where to start ? how to scale ?
Continuous Delivery: why ? where to start ? how to scale ?
 
Release Engineering Downstream of an OpenStack Project
Release Engineering Downstream of an OpenStack ProjectRelease Engineering Downstream of an OpenStack Project
Release Engineering Downstream of an OpenStack Project
 
Starting the DevOps Train
Starting the DevOps TrainStarting the DevOps Train
Starting the DevOps Train
 
Agile Relevance in the age of Continuous Everything ....
Agile Relevance in the age of Continuous Everything ....Agile Relevance in the age of Continuous Everything ....
Agile Relevance in the age of Continuous Everything ....
 

Mais de Black Duck by Synopsys

Flight WEST 2018 Presentation - A Buyer Investor Playbook for Successfully Na...
Flight WEST 2018 Presentation - A Buyer Investor Playbook for Successfully Na...Flight WEST 2018 Presentation - A Buyer Investor Playbook for Successfully Na...
Flight WEST 2018 Presentation - A Buyer Investor Playbook for Successfully Na...Black Duck by Synopsys
 
FLIGHT WEST 2018 Presentation - Continuous Monitoring of Open Source Componen...
FLIGHT WEST 2018 Presentation - Continuous Monitoring of Open Source Componen...FLIGHT WEST 2018 Presentation - Continuous Monitoring of Open Source Componen...
FLIGHT WEST 2018 Presentation - Continuous Monitoring of Open Source Componen...Black Duck by Synopsys
 
FLIGHT WEST 2018 Presentation - Open Source License Management in Black Duck Hub
FLIGHT WEST 2018 Presentation - Open Source License Management in Black Duck HubFLIGHT WEST 2018 Presentation - Open Source License Management in Black Duck Hub
FLIGHT WEST 2018 Presentation - Open Source License Management in Black Duck HubBlack Duck by Synopsys
 
FLIGHT WEST 2018 - Presentation - SCA 101: How to Manage Open Source Security...
FLIGHT WEST 2018 - Presentation - SCA 101: How to Manage Open Source Security...FLIGHT WEST 2018 - Presentation - SCA 101: How to Manage Open Source Security...
FLIGHT WEST 2018 - Presentation - SCA 101: How to Manage Open Source Security...Black Duck by Synopsys
 
FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...
FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...
FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...Black Duck by Synopsys
 
Open-Source- Sicherheits- und Risikoanalyse 2018
Open-Source- Sicherheits- und Risikoanalyse 2018Open-Source- Sicherheits- und Risikoanalyse 2018
Open-Source- Sicherheits- und Risikoanalyse 2018Black Duck by Synopsys
 
FLIGHT Amsterdam Presentation - Open Source, IP and Trade Secrets: An Impossi...
FLIGHT Amsterdam Presentation - Open Source, IP and Trade Secrets: An Impossi...FLIGHT Amsterdam Presentation - Open Source, IP and Trade Secrets: An Impossi...
FLIGHT Amsterdam Presentation - Open Source, IP and Trade Secrets: An Impossi...Black Duck by Synopsys
 
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical GuideFLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical GuideBlack Duck by Synopsys
 
FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your Deal
FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your DealFLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your Deal
FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your DealBlack Duck by Synopsys
 
FLIGHT Amsterdam Presentation - Open Source License Management in the Black D...
FLIGHT Amsterdam Presentation - Open Source License Management in the Black D...FLIGHT Amsterdam Presentation - Open Source License Management in the Black D...
FLIGHT Amsterdam Presentation - Open Source License Management in the Black D...Black Duck by Synopsys
 
FLIGHT Amsterdam Presentation - From Protex to Hub
FLIGHT Amsterdam Presentation - From Protex to Hub FLIGHT Amsterdam Presentation - From Protex to Hub
FLIGHT Amsterdam Presentation - From Protex to Hub Black Duck by Synopsys
 
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...Black Duck by Synopsys
 
Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...
Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...
Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...Black Duck by Synopsys
 
Open Source Insight: Who Owns Linux? TRITON Attack, App Security Testing, Fut...
Open Source Insight: Who Owns Linux? TRITON Attack, App Security Testing, Fut...Open Source Insight: Who Owns Linux? TRITON Attack, App Security Testing, Fut...
Open Source Insight: Who Owns Linux? TRITON Attack, App Security Testing, Fut...Black Duck by Synopsys
 
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...Black Duck by Synopsys
 
Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...
Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...
Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...Black Duck by Synopsys
 
Open Source Insight: Big Data Breaches, Costly Cyberattacks, Vuln Detection f...
Open Source Insight: Big Data Breaches, Costly Cyberattacks, Vuln Detection f...Open Source Insight: Big Data Breaches, Costly Cyberattacks, Vuln Detection f...
Open Source Insight: Big Data Breaches, Costly Cyberattacks, Vuln Detection f...Black Duck by Synopsys
 
Open Source Insight: Happy Birthday Open Source and Application Security for ...
Open Source Insight: Happy Birthday Open Source and Application Security for ...Open Source Insight: Happy Birthday Open Source and Application Security for ...
Open Source Insight: Happy Birthday Open Source and Application Security for ...Black Duck by Synopsys
 
Open Source Insight: Security Breaches and Cryptocurrency Dominating News
Open Source Insight: Security Breaches and Cryptocurrency Dominating NewsOpen Source Insight: Security Breaches and Cryptocurrency Dominating News
Open Source Insight: Security Breaches and Cryptocurrency Dominating NewsBlack Duck by Synopsys
 

Mais de Black Duck by Synopsys (20)

Flight WEST 2018 Presentation - A Buyer Investor Playbook for Successfully Na...
Flight WEST 2018 Presentation - A Buyer Investor Playbook for Successfully Na...Flight WEST 2018 Presentation - A Buyer Investor Playbook for Successfully Na...
Flight WEST 2018 Presentation - A Buyer Investor Playbook for Successfully Na...
 
FLIGHT WEST 2018 Presentation - Continuous Monitoring of Open Source Componen...
FLIGHT WEST 2018 Presentation - Continuous Monitoring of Open Source Componen...FLIGHT WEST 2018 Presentation - Continuous Monitoring of Open Source Componen...
FLIGHT WEST 2018 Presentation - Continuous Monitoring of Open Source Componen...
 
FLIGHT WEST 2018 Presentation - Open Source License Management in Black Duck Hub
FLIGHT WEST 2018 Presentation - Open Source License Management in Black Duck HubFLIGHT WEST 2018 Presentation - Open Source License Management in Black Duck Hub
FLIGHT WEST 2018 Presentation - Open Source License Management in Black Duck Hub
 
FLIGHT WEST 2018 - Presentation - SCA 101: How to Manage Open Source Security...
FLIGHT WEST 2018 - Presentation - SCA 101: How to Manage Open Source Security...FLIGHT WEST 2018 - Presentation - SCA 101: How to Manage Open Source Security...
FLIGHT WEST 2018 - Presentation - SCA 101: How to Manage Open Source Security...
 
FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...
FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...
FLIGHT WEST 2018 Presentation - Integrating Security into Your Development an...
 
Open-Source- Sicherheits- und Risikoanalyse 2018
Open-Source- Sicherheits- und Risikoanalyse 2018Open-Source- Sicherheits- und Risikoanalyse 2018
Open-Source- Sicherheits- und Risikoanalyse 2018
 
FLIGHT Amsterdam Presentation - Open Source, IP and Trade Secrets: An Impossi...
FLIGHT Amsterdam Presentation - Open Source, IP and Trade Secrets: An Impossi...FLIGHT Amsterdam Presentation - Open Source, IP and Trade Secrets: An Impossi...
FLIGHT Amsterdam Presentation - Open Source, IP and Trade Secrets: An Impossi...
 
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical GuideFLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
 
FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your Deal
FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your DealFLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your Deal
FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your Deal
 
FLIGHT Amsterdam Presentation - Open Source License Management in the Black D...
FLIGHT Amsterdam Presentation - Open Source License Management in the Black D...FLIGHT Amsterdam Presentation - Open Source License Management in the Black D...
FLIGHT Amsterdam Presentation - Open Source License Management in the Black D...
 
FLIGHT Amsterdam Presentation - From Protex to Hub
FLIGHT Amsterdam Presentation - From Protex to Hub FLIGHT Amsterdam Presentation - From Protex to Hub
FLIGHT Amsterdam Presentation - From Protex to Hub
 
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
 
Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...
Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...
Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...
 
Open Source Rookies and Community
Open Source Rookies and CommunityOpen Source Rookies and Community
Open Source Rookies and Community
 
Open Source Insight: Who Owns Linux? TRITON Attack, App Security Testing, Fut...
Open Source Insight: Who Owns Linux? TRITON Attack, App Security Testing, Fut...Open Source Insight: Who Owns Linux? TRITON Attack, App Security Testing, Fut...
Open Source Insight: Who Owns Linux? TRITON Attack, App Security Testing, Fut...
 
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
 
Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...
Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...
Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...
 
Open Source Insight: Big Data Breaches, Costly Cyberattacks, Vuln Detection f...
Open Source Insight: Big Data Breaches, Costly Cyberattacks, Vuln Detection f...Open Source Insight: Big Data Breaches, Costly Cyberattacks, Vuln Detection f...
Open Source Insight: Big Data Breaches, Costly Cyberattacks, Vuln Detection f...
 
Open Source Insight: Happy Birthday Open Source and Application Security for ...
Open Source Insight: Happy Birthday Open Source and Application Security for ...Open Source Insight: Happy Birthday Open Source and Application Security for ...
Open Source Insight: Happy Birthday Open Source and Application Security for ...
 
Open Source Insight: Security Breaches and Cryptocurrency Dominating News
Open Source Insight: Security Breaches and Cryptocurrency Dominating NewsOpen Source Insight: Security Breaches and Cryptocurrency Dominating News
Open Source Insight: Security Breaches and Cryptocurrency Dominating News
 

Último

SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 

Último (20)

SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 

Integrating Black Duck into your Agile DevOps Environment

  • 1. Integrating Black Duck in your Agile DevOps Environment Utsav Sanghani Product Manager Black Duck Software
  • 2. 2Black Duck Customer Conference Continuous Build & Test Code Assimilatio n Development Configure & Release Packaging CONVENTIONAL CHECKS HAPPEN VERY LATE IN THE SDLC
  • 3. 3Black Duck Customer Conference Continuous Build & Test Code Assimilatio n Development Configure & Release Packaging CONVENTIONAL CHECKS HAPPEN VERY LATE IN THE SDLC
  • 4. 4Black Duck Customer Conference Continuous Build & Test Code Assimilatio n Development Configure & Release Packaging CONVENTIONAL CHECKS HAPPEN VERY LATE IN THE SDLC; APPLICATIONS SHIP WITH VULNERABILITIES
  • 5. 5Black Duck Customer Conference Continuous Build & Test Configure & Release Packaging THE PROCESS IS MANUAL & NON LINEAR WITH ADDED TIME IN QUEUE BEFORE RELEASE
  • 6. How are Companies Managing Open Source Today? Not Well.HOW ARE COMPANIES MANAGING OPEN SOURCE TODAY? NOT WELL. TRACKING VULNERABILITIES • No single responsible entity • Manual effort and labor intensive • Unmanageable (11/day) • Match applications, versions, components, vulnerabilities SPREADSHEET INVENTORY • Depends on developer best effort or memory • Difficult maintenance • Not source of truth MANUAL TABULATION • Architectural Review Board • Occurs at end of SDLC • High effort and low accuracy • No controls VULNERABILITY DETECTION Run monthly/quarterly vulnerability assessment tools (e.g., Nessus, Nexpose) against all applications to identify exploitable instances
  • 7. IT IS IMMENSELY ADVANTAGEOUS TO MOVE LEFT 7Black Duck Customer Conference 1. REDUCED COSTS Avoid human overhead costs
  • 8. IT IS IMMENSELY ADVANTAGEOUS TO MOVE LEFT 8Black Duck Customer Conference 1. REDUCED COSTS Avoid human overhead costs 2. REDUCED TIME TO MARKET In process automation checks over post processing
  • 9. IT IS IMMENSELY ADVANTAGEOUS TO MOVE LEFT 9Black Duck Customer Conference 1. REDUCED COSTS Avoid human overhead costs 2. REDUCED TIME TO MARKET In process automation checks over post processing 3. REDUCED RISK Move checks to the left to facilitate higher remediation time with lower impact Dev Ops
  • 10. 10Black Duck Customer Conference Continuous Build & Test Code Assimilatio n Development Configure & Release Packaging FEEDBACK A FEEDBACK LINK BETWEEN CI & DEVELOPMENT IS NEEDED TO SHIP COMPLIANT AND SECURE PRODUCTS
  • 11. BLACK DUCK PROVIDES FEEDBACK: CI/BUILD IS THE PLACE TO PLUG IN AUTOMATED CHECKS (CURRENTLY) 11Black Duck Customer Conference Continuou s Build & Test Configure & Release Packaging
  • 12. WHAT SHOULD YOU ASK YOU BUILD/RELEASE TEAM? 12Black Duck Customer Conference • Does the build contain only approved open source components? • How secure is the build? Does it have any known security vulnerabilities? • Can we add diligence and remain agile? • Where are you deploying the production builds?
  • 13. 13Black Duck Customer Conference JENKINS DEMO (7-10 MINS)
  • 14. OBTAIN COMPREHENSIVE RESULTS INCLUDING DEPENDENCIES FROM BUILD TOOLS LIKE MAVEN/GRADLE 14Black Duck Customer Conference
  • 15. MANAGE CORRESPONDING ISSUES USING JIRA 15Black Duck Customer Conference
  • 16. MANAGING THE ENTIRE POST BUILD AUTOMATION ACROSS CI PLATFORMS 16Black Duck Customer Conference
  • 17. MANAGING THE ENTIRE POST BUILD AUTOMATION ACROSS CI PLATFORMS 17Black Duck Customer Conference
  • 18. MANAGING THE ENTIRE POST BUILD AUTOMATION ACROSS CI PLATFORMS 18Black Duck Customer Conference
  • 19. CONTINUOUS BUILD & INTEGRATION IS THE PLACE TO PLUG IN AUTOMATED CHECKS (2017) 19Black Duck Customer Conference Continuou s Build & Test Configure & Release Packaging 1 5 4 3 2
  • 20. COMPLIANT AND SECURE BUILDS VIA JENKINS: CHECK 20Black Duck Customer Conference ALERT New Vulnerabilities Affecting You IDENTIFTY License Compliance Risks
  • 21. 21Black Duck Customer Conference THANK YOU