Continuous Acceleration: Why Continuous Everything Needs a Supply Chain Approach

A session at LISA15

Wednesday 11th November, 2015

4:00pm to 4:45pm (EST)

With continuous development, we write less code and consume more reusable open source code. Innovation is accelerated and so is application complexity. Complexity is the enemy of quality. Poor quality creates unplanned/unscheduled work. Re-work creates a drag on development speed. It’s a continuous loop. While Agile and DevOps have made us faster and more efficient, they can only take us so far... and worse, the year of open source attacks we've just had demands better practices.

What if we could deliver applications on-time (even faster), on-budget (even more efficiently) and with a natural byproduct of more acceptable quality and risk?

The good news: other industries have figured this out with supply chain management. Applying supply chain approaches to software raises the bar on continuous goals.

A few of the patterns we can take from the rigor of things like the Toyota Supply Chain:

  • Scrutinize the number and quality of your “suppliers”
  • Manage out avoidable risk, complexity, and code bloat
  • Improve traceability and visibility
  • Ensure prompt agile responses when things go wrong

Pending legislation with the Cyber Supply Chain Transparency Act makes this a particularly important topic for Federal Agencies and the ISVs and SIs who provide software to them. This session will also provide background on this act and practical guidance on how to respond to and benefit from it.

Joshua Corman is a Founder of I am The Cavalry (dot org) and the CTO for Sonatype. Corman has served in key research and strategy roles at Akamai Technologies, The 451 Group, and IBM Internet Security Systems. He co-founded @RuggedSoftware and @IamTheCavalry to encourage new security approaches in response to the world’s increasing dependence on digital infrastructure. Josh's unique approach to security in the context of human factors, adversary motivations and social impact has helped position him as one of the most trusted names in security. He is adjunct faculty at Carnegie Mellon’s Heinz College and an advisor to DHS S&T. Josh received his bachelor's degree in philosophy, graduating summa cum laude, from the University of New Hampshire.

About the speaker

Joshua Corman

Security Strategist/Ex-Analyst/Knowledge Seeker/Zombie Killer/Co-Founder of http://RuggedSoftware.org / Statements are mine & may not reflect Akamai's (bio from Twitter)



Time 4:00pm to 4:45pm EST

Date Wed 11th November 2015


Thurgood Marshall West, Washington Marriott Wardman Park
