<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1127487224079104&amp;ev=PageView&amp;noscript=1 https://www.facebook.com/tr?id=1127487224079104&amp;ev=PageView&amp;noscript=1 ">

What We Learned from Studying 36,000 OSS Projects | Press Release

Book Signings

Pick up a copy of Epic Failures or Feedback Loops: Voices of All Day DevOps, Volume 1, and get it signed by the authors!
Stop by the Sonatype Booth (#1302) during the following times: 


Epic Failures Book Signing
Wednesday, 8/14/19
12:00 PM - 1:30 PM 

Feedback Loops: Voices of All
Day DevOps, Volume 1 Signing

Wednesday, 8/14/19
 5:30 PM - 7:30 PM 

Add to Calendar

Our Customers Speaking at Jenkins World

Sheshagiri Rao - Headshot-1

Sheshagiri (Giri) Rao
Technical Leader,
Discover Financial Services

OSS for Enterprises: Procure Secure Components Faster with Superior Developer Experience

Wednesday 8/14 | 2:45 PM - 3:30 PM | Room 2002

Open Source is an integral part of Application Development today. Although most of it is good, some are malicious and vulnerable. How do you automatically and contextually enforce policies (Security, License & Architecture) across the entire software development lifecycle and manage risk better without compromising the developer experience?


Mykle Alvis
Array Consulting, LLC

Developing for Deterministic Deliveries

Thursday 8/15 | 11:30 AM - 12:15 PM | Room 2000

The practice of engineering the processes of a development effort are often ad hoc. While that can work well for trivial things, it tends to be under-clubbed for larger efforts. This talk deals with the happy medium, but leaning more towards enterprise efforts and the results that are usually expected. We’ll talk about and demonstrate elements of a consistent build lifecycle, why you need one, and discuss what happens when you don’t.

Who from Sonatype is speaking?

Curtis Yanko-2019

Curtis Yanko
Director Global Alliances

DevSecOps Workshop: Security at a DevOps Speed
Tuesday 8/13 | 8:00 AM - 12:00 PM | Room 3020

Join Curtis Yanko and DJ Schleen for a hands-on workshop, as they share tips and best practices for building better software, faster. Learn how to easily set up a Jenkins pipeline to automatically scan, detect, understand, and remediate known-vulnerable open source components. 

DJ Schleen - Headshot
DJ Schleen
Sr. Technical Ambassador

Diving into a DevSecOps Reference Architecture
Wednesday 8/14 | 10:30 - 10:45 AM | Room 2011

As DevOps practices are maturing rapidly, elite organizations are automating security earlier in the development lifecycle and managing software supply chains as a critical differentiator to their competitors. But, not all DevSecOps practices need to be, or should be, the same. There are many ways to reach the same goal. Understand what tools, communication flows, stakeholders, and policies your peers are using as they implement DevSecOps practices. Attendees will receive a model DevSecOps reference architecture to modify and adjust to their own organization’s requirements.

DJ Schleen - Headshot
DJ Schleen
Sr. Technical Ambassador

Blue is the New Green
Wednesday 8/14 | 1:45 - 2:30 PM  | Room 3014

Blue/Green deployments can reduce downtime and risk when pushing applications to production. Join DJ as he introduces the technique of operating with Blue/Green pipelines, how to use infrastructure as code to create them, experimentation with security toolsets and the architectural concerns that need to be considered when utilizing this approach to reduce the risk of pipeline breaks.

Justin Young - Headshot
Justin Young
Product Owner

Identifying Security Vulnerabilities at Scale: Venture Inside a Jenkins Pipeline
Thursday 8/15 | 1:45 - 2:00 PM | Room 2011

Automatically scan, detect, understand, and remediate known vulnerable open source components in your Jenkins pipeline. Witness a live attack against the Struts2 open source vulnerability (the same one that impacted Equifax). Then see how a DevOps pipeline using Jenkins, Nexus and other popular tools is used to eliminate such vulnerabilities. Justin will also reveal how Sonatype’s Nexus solution can help DevOps teams apply automation to accelerate remediation of open source components that go bad long after they had been deployed into production.

Derek Weeks
Derek Weeks
VP & DevOps Advocate

10 Attributes of the DecSecOps Elite
Thursday 8/15 | 2:45 - 3:45 PM | Room 2008

Come participate in this session where we will share the 10 habits practiced by the DevSecOps Elite that you can then apply to -- or further mature within -- your own organization.  We will also uncover what our analysis revealed about securing CI/CD pipelines, including what popular Jenkins plug-ins are used for security. 


Be our guest at the
DevOps World afterparty!

Tuesday, August 13 2019 | Moscone Center

Join us for DevOps & Hops at the North American DevOps Group's
2nd Annual DevOps World Afterparty following the opening reception.

Register Now

See Us at Other Events