Developer, Sony discussed on Software Engineering Daily


So why is this of concern to you guys. Maybe could say a bit about who you are and what you do. Yeah so in the realm of developer interest in cybersecurity developer interest in application or infrastructure security. This ties a lot to the work that we do everyday at type. Sony type has been around for well over a decade now helping developers create better code In managed code better in terms of open source packages and binary as that developer using every day developer using more and more of those we help developers store those packages or manage those packages locally and things like sony attack nexus repository but it became very apparent to us eight years ago or so that developers just didn't want to have a better way to manage. Well what packages are we using. And can we use those consistently across the organization but we need to know about the quality of these things because if you look at the software supply chain report that i publish each year. Depending on the development language anywhere between ten and forty percent of open source packages. That developers would use whether they're javascript. Java ruby roscoe packages what what have you those have known vulnerabilities in them so then it becomes if we can use all of these open source component are we using the best ones.

Coming up next