Machines making software: paving and maintaining the road with zero trust open source
Are we staking our future on a pace we haven’t yet learned to secure?
In a year-long collaboration with Gene Kim and Dr. Stephen Magill, we objectively examined and empirically documented software release patterns and cybersecurity hygiene practices across 48,000 commercial development teams and open source projects. Our research uncovered different development and cybersecurity hygiene behaviors across open source software that we categorized as Exemplars, Laggards, Features First, and Cautious.
In this session, I will reveal the insights we uncovered. Attendees will learn which techniques, team structures and release patterns of exemplary development teams have been championed at large enterprises and open source projects alike. I’ll then share observations of exemplary DevSecOps practices that deliver 50% more commits, release new code 2.4X faster, and remediate security vulnerabilities 2.9X faster.
Finally, I will point toward where these practices will intersect with AI to enable machines to build better applications themselves.