Breakfast Briefing: Security at the Speed of Development

Wednesday, April 16, 2014
Sheraton Palo Alto, 8:30am – Noon

Are your security and risk management practices prepared to scale with your development practices?

With the move towards agile development and continuous delivery comes a dramatic increase in the use of third-party and open source components to fuel innovation and speed development. In fact, Gartner predicts that by 2015 ninety-nine percent of mission-critical applications in Global 2000 companies will use open source components.

As a result, organizations have to rethink their security and risk management strategies to account for these new complexities. Whether you are responsible for Application Development, Application Security or Risk Management, this breakfast briefing will open your eyes to new approaches.

Register today for this complimentary breakfast briefing to learn, network and get your questions answered.

SONATYPE CUSTOMERS – Don't miss the Inaugural Bay Area User Group Luncheon for roadmap updates on Nexus and CLM from 12:00 - 1:00.

8:30 – 9:30 am Networking Breakfast  
9:30 – 10:00 am Securing the New Software Supply Chain

Today software runs the things that run our world. Just like automobile manufacturers, software “manufacturers” need to apply supply chain management principles for both efficiency and quality. They need to be prepared to conduct a rapid and comprehensive “recall” when a defect is found. And they need to be able to ensure they are using quality “parts” from the start.

Today’s modern development practices, agile and component-based development, make this challenging to say the least. In this session, Wayne will discuss strategies and best practices to unite your security and development practices in a way that is:
  • Easy for developers and effective throughout the entire software lifecycle
  • Highly accurate, producing evidence that it is working
  • Continuous, addressing ongoing threats in real time and ensuring sustained trust

Wayne Jackson
10:00 – 10:15 Break  
10:15 – 11:00 On the Road to Security at the Speed of Development

We are excited to have Gil Clark, Software Architect at Intuit, joining us to share his first-hand experience of how, with little effort, the Intuit Payments Division is having a big impact on managing the risks associated with the use of open source and third-party components in their applications.
Gil Clark
Software Architect
11:00 – 11:45 Got Vulnerabilities? You Need Visibility

Let's face it, web application security is a complex task, and understanding the risk to your web and mobile environments is absolutely critical. Developers and information security professionals constantly struggle with the ability to properly assess their applications for vulnerabilities, as well as gain visibility into the open source components being used to add key functionality. This lack of visibility presents several risk factors for the organization, both technical and legal.

During this presentation, we will discuss the Fortify on Demand assessment process and how our integration with Sonatype delivers a new level and depth of visibility to our customers’ critical software applications.
Andrew Ringlein
Practice Principal
HP Fortify on Demand
11:45 – Noon Open Discussion  
Noon – 1:00 pm Sonatype Bay Area User Group Luncheon
Wayne Jackson, CEO Sonatype

Join us for the inaugural Sonatype Bay Area user group to meet other Sonatype customers and be the first to hear the future product strategy and see the roadmap for Nexus Pro, Nexus Pro CLM Edition and Sonatype Component Lifecycle Management (CLM) to support your ongoing requirements.

Matthew Barker
Technical Director