Session Name: For Better Security, Stop Wasting Developer Time
The current economic climate has the entire industry asking, how can we save time and money? For any organization focused on software, that question translates to - how can we reduce technical debt and developer waste? In this talk, I will present results from the latest Sonatype State of the Software Supply Chain report, which, simply put, answers this question. Hint - it’s not just the introduction of AI. By exploring open source consumption behavior, we see development practices are still widely inconsistent - ultimately creating more risk, unproductive developers, and loss of time and money. I’ll provide an update on open source usage and best security practices based on a year’s worth of data from Maven Central and hundreds of survey responses - and what we can all learn from stopping unnecessary waste in our development practices.
Speaker Bio:
Dr. Stephen Magill was the CEO and co-founder of MuseDev and is now VP of Product Innovation at Sonatype. He has spent his career developing tools to help developers identify errors, gauge code quality, and detect security issues. Stephen has led multiple large-scale research initiatives including DARPA projects on privacy, security, and code quality. He also served as research lead for the 2020 and 2021 State of the Software Supply Chain reports. Dr. Magill earned his Ph.D. in CS from Carnegie Mellon University and his BS from the University of Tulsa. He is a member of the University of Tulsa Industry Advisory Board and has served on numerous program committees and funding panels.