Integrating Black Duck in your Agile DevOps Environment
Utsav Sanghani
Product Manager, Black Duck Software
Black Duck Customer Conference
[Figure: SDLC pipeline diagram with stages labelled Continuous Build & Test, Code Assimilation, Development, Configure & Release, Packaging]
CONVENTIONAL CHECKS HAPPEN VERY LATE IN THE SDLC
[Figure: SDLC pipeline diagram with stages labelled Continuous Build & Test, Code Assimilation, Development, Configure & Release, Packaging]
CONVENTIONAL CHECKS HAPPEN VERY LATE IN THE SDLC; APPLICATIONS SHIP WITH VULNERABILITIES
[Figure: pipeline diagram with stages labelled Continuous Build & Test, Configure & Release, Packaging]
THE PROCESS IS MANUAL & NON-LINEAR WITH ADDED TIME IN QUEUE BEFORE RELEASE
HOW ARE COMPANIES MANAGING OPEN SOURCE TODAY? NOT WELL.
TRACKING VULNERABILITIES
• No single responsible entity
• Manual effort and labor intensive
• Unmanageable (11/day)
• Match applications, versions, components, vulnerabilities
SPREADSHEET INVENTORY
• Depends on developer best effort or memory
• Difficult maintenance
• Not source of truth
MANUAL TABULATION
• Architectural Review Board
• Occurs at end of SDLC
• High effort and low accuracy
• No controls
VULNERABILITY DETECTION
• Run monthly/quarterly vulnerability assessment tools (e.g., Nessus, Nexpose) against all applications to identify exploitable instances
IT IS IMMENSELY ADVANTAGEOUS TO MOVE LEFT
1. REDUCED COSTS
Avoid human overhead costs
2. REDUCED TIME TO MARKET
In-process automation checks over post-processing
3. REDUCED RISK
Move checks to the left to allow more time for remediation, with lower impact
[Figure: SDLC pipeline diagram labelled Dev Ops, with stages Continuous Build & Test, Code Assimilation, Development, Configure & Release, Packaging, and a FEEDBACK label]
A FEEDBACK LINK BETWEEN CI & DEVELOPMENT IS NEEDED TO SHIP COMPLIANT AND SECURE PRODUCTS
BLACK DUCK PROVIDES FEEDBACK: CI/BUILD IS THE PLACE TO PLUG IN AUTOMATED CHECKS (CURRENTLY)
[Figure: pipeline diagram with stages labelled Continuous Build & Test, Configure & Release, Packaging]
WHAT SHOULD YOU ASK YOUR BUILD/RELEASE TEAM?
• Does the build contain only approved open source components?
• How secure is the build? Does it have any known security vulnerabilities?
• Can we add diligence and remain agile?
• Where are you deploying the production builds?
JENKINS DEMO (7-10 MINS)
OBTAIN COMPREHENSIVE RESULTS INCLUDING DEPENDENCIES FROM BUILD TOOLS LIKE MAVEN/GRADLE
MANAGE CORRESPONDING ISSUES USING JIRA
MANAGING THE ENTIRE POST BUILD AUTOMATION ACROSS CI PLATFORMS
CONTINUOUS BUILD & INTEGRATION IS THE PLACE TO PLUG IN AUTOMATED CHECKS (2017)
[Figure: pipeline diagram with stages labelled Continuous Build & Test, Configure & Release, Packaging, and markers numbered 1 to 5]
COMPLIANT AND SECURE BUILDS VIA JENKINS: CHECK
ALERT: New Vulnerabilities Affecting You
IDENTIFY: License Compliance Risks
THANK YOU

🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 

Recently uploaded (20)

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

Integrating Black Duck into your Agile DevOps Environment

  • 1. Integrating Black Duck in your Agile DevOps Environment. Utsav Sanghani, Product Manager, Black Duck Software
  • 2. Black Duck Customer Conference. CONVENTIONAL CHECKS HAPPEN VERY LATE IN THE SDLC. Diagram labels: Continuous Build & Test; Code Assimilation; Development; Configure & Release; Packaging
  • 3. CONVENTIONAL CHECKS HAPPEN VERY LATE IN THE SDLC. Diagram labels: Continuous Build & Test; Code Assimilation; Development; Configure & Release; Packaging
  • 4. CONVENTIONAL CHECKS HAPPEN VERY LATE IN THE SDLC; APPLICATIONS SHIP WITH VULNERABILITIES. Diagram labels: Continuous Build & Test; Code Assimilation; Development; Configure & Release; Packaging
  • 5. THE PROCESS IS MANUAL & NON LINEAR WITH ADDED TIME IN QUEUE BEFORE RELEASE. Diagram labels: Continuous Build & Test; Configure & Release; Packaging
  • 6. HOW ARE COMPANIES MANAGING OPEN SOURCE TODAY? NOT WELL.
      TRACKING VULNERABILITIES
        • No single responsible entity
        • Manual effort and labor intensive
        • Unmanageable (11/day)
        • Match applications, versions, components, vulnerabilities
      SPREADSHEET INVENTORY
        • Depends on developer best effort or memory
        • Difficult maintenance
        • Not source of truth
      MANUAL TABULATION
        • Architectural Review Board
        • Occurs at end of SDLC
        • High effort and low accuracy
        • No controls
      VULNERABILITY DETECTION
        • Run monthly/quarterly vulnerability assessment tools (e.g., Nessus, Nexpose) against all applications to identify exploitable instances
  • 7. IT IS IMMENSELY ADVANTAGEOUS TO MOVE LEFT. 1. REDUCED COSTS: Avoid human overhead costs
  • 8. IT IS IMMENSELY ADVANTAGEOUS TO MOVE LEFT. 1. REDUCED COSTS: Avoid human overhead costs. 2. REDUCED TIME TO MARKET: In process automation checks over post processing
  • 9. IT IS IMMENSELY ADVANTAGEOUS TO MOVE LEFT. 1. REDUCED COSTS: Avoid human overhead costs. 2. REDUCED TIME TO MARKET: In process automation checks over post processing. 3. REDUCED RISK: Move checks to the left to facilitate higher remediation time with lower impact. Diagram labels: Dev; Ops
  • 10. A FEEDBACK LINK BETWEEN CI & DEVELOPMENT IS NEEDED TO SHIP COMPLIANT AND SECURE PRODUCTS. Diagram labels: Continuous Build & Test; Code Assimilation; Development; Configure & Release; Packaging; Feedback
  • 11. BLACK DUCK PROVIDES FEEDBACK: CI/BUILD IS THE PLACE TO PLUG IN AUTOMATED CHECKS (CURRENTLY). Diagram labels: Continuous Build & Test; Configure & Release; Packaging
  • 12. WHAT SHOULD YOU ASK YOUR BUILD/RELEASE TEAM?
        • Does the build contain only approved open source components?
        • How secure is the build? Does it have any known security vulnerabilities?
        • Can we add diligence and remain agile?
        • Where are you deploying the production builds?
  • 13. JENKINS DEMO (7-10 MINS)
  • 14. OBTAIN COMPREHENSIVE RESULTS INCLUDING DEPENDENCIES FROM BUILD TOOLS LIKE MAVEN/GRADLE
  • 15. MANAGE CORRESPONDING ISSUES USING JIRA
  • 16. MANAGING THE ENTIRE POST BUILD AUTOMATION ACROSS CI PLATFORMS
  • 17. MANAGING THE ENTIRE POST BUILD AUTOMATION ACROSS CI PLATFORMS
  • 18. MANAGING THE ENTIRE POST BUILD AUTOMATION ACROSS CI PLATFORMS
  • 19. CONTINUOUS BUILD & INTEGRATION IS THE PLACE TO PLUG IN AUTOMATED CHECKS (2017). Diagram labels: Continuous Build & Test; Configure & Release; Packaging
  • 20. COMPLIANT AND SECURE BUILDS VIA JENKINS: CHECK. ALERT: New Vulnerabilities Affecting You. IDENTIFY: License Compliance Risks
  • 21. THANK YOU