Sonatype Blog

We Lack Building Codes for Building Software Code [VIDEO]

June 15, 2015 By Mark Miller

During his presentation at AppSecEU 2015, Josh Corman brought up the analogy of building codes, the laws and regulations that mandate how buildings are constructed. Differences in those codes are the reason earthquakes in some regions of the world are so devastating, while even stronger ones in other areas cause minimal damage.

Josh’s question is a simple one: Why do we lack building codes for building software code? What laws and regulations are in place that mandate secure, quality software that won’t “collapse” when under attack?

You can view Josh’s entire presentation, Continuous Acceleration: Why Continuous Everything Requires A Supply Chain Approach, on YouTube thanks to the good folks at AppSecEU.

Tags: Software Supply Chain, codes, AppSec, Nexus Repository, 2015, Open Source, Application Security, Rugged DevOps

Written by Mark Miller

Mark Miller serves as the Senior Storyteller and DevOps Advocate at Sonatype. He speaks and writes extensively on DevSecOps and Security, hosting panel discussions, podcasts, and webinars on tools and processes within the Software Supply Chain.