What Goes in Must Come Out: Hidden Defects in your Software Application

“Build quality in” is a core mantra of DevOps practices, yet development practices are blindly building defects into their applications en masse.

You see, every software development organization on the planet has a software supply chain that is consuming a massive volume of open source and third-party components.  In 2015, 11 million developers consumed over 30 billion components.  The use of these components is accelerating innovation while at the same time introducing elective risks and costly rework.

In June, Sonatype released its 2016 State of the Software Supply Chain Report.  It is a deep analysis of development practices across 3,000 development organizations consuming and 25,000 applications.   While the average organization in the study consumed 229,000 open source and third party software components, the study revealed:

• 6.8% of components consumed included known security flaws, impacting the integrity of operations
• Costs to remediate 10% of vulnerabilities across a large application portfolio can exceed $7,000,000
• Older components have a 3x higher defect density

But this discussion is not intended as a platform to shed light on bad practices; it is bringing greater awareness of building quality in.  Attendees will gain new visibility as to what’s happening in their own software supply chains, receive industry benchmarks driving enhanced quality and security, and discover three core principles that can be applied to improving their DevOps practices.