Brian is VP of Product Management at Sonatype, with extensive open source experience as a member of the Apache Software Foundation for the past 7 years and former Chair of the Apache Maven project. Brian has provided significant development contributions to the Maven ecosystem, including the maven-dependency-plugin and maven-enforcer-plugin. He has over 15 years of experience driving the vision behind, developing, and leading the development of software for organizations ranging from startups to large enterprises. Brian holds a Bachelor of Science degree in Computer Science from Daniel Webster College.

Removing the security and legal bottlenecks in a continuous world

Agile, lean and the emerging practices around DevOps, combined with the vast array of open source software that is available, are changing the way we build and release software. Techniques discovered in the 1800s facilitated the Industrial Revolution, changing the course of history. The challenges and risks in software today have striking similarities. Can we learn from history and build better software faster and more efficiently by thinking about software development as a supply chain problem?

In this session, Brian Fox will explain how the current practices for building software have created an opportunity for additional efficiencies and cost savings along with better control of risk.

Our approach to developing software has radically changed in the last 15 years. Where we used to write most of the code in an application from scratch, we now might only write 10%, with the balance pulled from the world of open source and other third parties. However, our techniques for managing Security, Legal and Quality risk have not kept pace with these changes, leading to interdepartmental conflict and exposure.

Upon leaving this session, you’ll have a deeper understanding of how modern software development has changed, what the implications are, and how we can learn from other industries that go fast and manage risk.