Eddie Knight, OSPO lead at Sonatype, discusses how the EU Cyber Resilience Act can help improve your software project's security and at the same time slow down the alarming acceleration of software supply chain attacks. Read a transcript of this interview: https://bit.ly/3RDMPVX
Get up to speed with everything that mattered in cybersecurity this month. In this episode of The Cyberman Show, we break down March 2025's top cyber incidents, threat actor tactics, security product launches, and vulnerabilities actively exploited in the wild. Here's what we cover:
In this episode, Dave sits down with Megan Lueders (CMO at Sonatype), Ido Mart (CMO at ManyChat), and Kimberly Storin (CMO at Zayo) for a live CMO panel discussion at Exit Five's Austin marketing meetup. These marketing leaders share what's working and what's not in B2B marketing today and how the role of the CMO is evolving. Dave, Megan, Ido, and Kimberly cover: what every new CMO needs to know about leading a marketing org; how to align with CEOs, CFOs, and key stakeholders to drive business impact; the biggest marketing shifts happening right now (and what's no longer working); and how to prove marketing's impact in the era of efficiency. Timestamps: (00:00) Introduction to the CMO panel; (03:31) The evolving role of the CMO in 2025; (06:57) The biggest challenges marketing leaders face today; (10:04) How to align marketing with CEOs, CFOs, and key stakeholders; (13:39) What every new CMO needs to know when stepping into the role; (17:14) The marketing strategies that are working right now (and what's not); (21:01) Why B2B marketing is more emotional than most people realize; (25:45) How to prove marketing's impact in a data-driven, efficiency-focused era; (29:27) The shift from demand gen to brand-led growth; (32:52) The role of storytelling and positioning in B2B marketing success; (37:07) Building a high-performing marketing team and the skills CMOs need today; (40:47) Key takeaways and final advice for marketing leaders. Send guest pitches and ideas to hi@exitfive.com. Join the Exit Five Newsletter here: https://www.exitfive.com/newsletter Check out the Exit Five job board: https://jobs.exitfive.com/ Become an Exit Five member: https://community.exitfive.com/checkout/exit-five-membership
Brian Fox discusses findings from a recent Sonatype report about the growing challenge of malicious packages in open source repositories. At the time of recording there are now over 820,000 malware packages in public repositories. Brian explains why certain ecosystems are more vulnerable than others and how behavioral detection methods can identify suspicious packages, and the challenge in solving this problem. The blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-03-oss_malware_brian_fox/
In this episode, David Rubinstein interviews Brian Fox, co-founder and CTO of Sonatype. They discuss the company's 10th annual State of the Software Supply Chain report. Key talking points include: the rapid growth of malicious open-source components; the increasing length of time needed to remediate vulnerabilities; and how regulations impact supply chain security. Note: This will be the final episode of What The Dev released in 2024. We'll be back in early January 2025!
Josh and Kurt talk to Brian Fox from Sonatype and Donald Fischer from Tidelift about their recent reports as well as open source. There are really interesting connections between the two reports. The overall theme seems to be open source is huge, everywhere, and needs help. But all is not lost! There are some great ideas on what the future needs to look like. Show Notes: Donald Fischer; Brian Fox; Tidelift; Sonatype; The 2024 Tidelift state of the open source maintainer report; Sonatype State of the Software Supply Chain; Anchore 2024 Software Supply Chain Security Report; OpenSSF TAC issue 101.
Cassie Crossley, author of the book “Software Supply Chain Security: Securing the End-to-end Supply Chain for Software, Firmware, and Hardware,” is the VP, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric. In this episode, she joins host Steve Morgan to discuss the top 3 tips for reducing software supply chain risk. Supply Chain Q&A is sponsored by Sonatype, a leader in enterprise software supply chain management. To learn more about our sponsor, visit https://sonatype.com.
Cassie Crossley, author of the book “Software Supply Chain Security: Securing the End-to-end Supply Chain for Software, Firmware, and Hardware,” is the VP, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric. In this episode, she joins host Steve Morgan to discuss software transparency. Supply Chain Q&A is sponsored by Sonatype, a leader in enterprise software supply chain management. To learn more about our sponsor, visit https://sonatype.com.
Join us this week on the AWS Developers podcast as we dive deep into CodeArtifact, AWS's fully managed artifact repository service. In this insightful discussion with the team behind CodeArtifact, we explore what makes this service essential for developers. Discover the myriad benefits it offers in terms of availability, security, and cost-efficiency. Did you know that 83% of Maven's public server bandwidth is consumed by just 1% of its client IP addresses? Utilizing a private artifact repository like CodeArtifact not only optimizes your workflows but also contributes to a more sustainable internet infrastructure. We'll also share expert insights and best practices for deploying CodeArtifact at scale, ensuring you get the most out of this powerful service. Tune in to enhance your development process and learn how to be a responsible internet citizen. With Carl Lewis and Derek Tam, Software Development Manager, AWS Links - AWS CodeArtifact https://docs.aws.amazon.com/codeartifact/latest/ug/welcome.html - Recent blog posts I wrote about CodeArtifact https://aws.amazon.com/blogs/aws/category/developer-tools/aws-code-artifact/ - 83% of maven servers bandwidth is consumed by 1% of its client IP addresses, the Sonatype blog post. https://www.sonatype.com/blog/maven-central-and-the-tragedy-of-the-commons - Carl Lewis on Linked In https://www.linkedin.com/in/carlglewis/ - Derek Tam on Linked In https://www.linkedin.com/in/derek-tam-3548987/
Cassie Crossley, author of the book “Software Supply Chain Security: Securing the End-to-end Supply Chain for Software, Firmware, and Hardware,” is the VP, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric. In this episode, she joins host Steve Morgan to discuss what CISOs and security teams should look for when buying IoT or OT products. Supply Chain Q&A is sponsored by Sonatype, a leader in enterprise software supply chain management. To learn more about our sponsor, visit https://sonatype.com.
Cassie Crossley, author of the book “Software Supply Chain Security: Securing the End-to-end Supply Chain for Software, Firmware, and Hardware,” is the VP, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric. In this episode, she joins host Steve Morgan to discuss what CISOs and security teams should look for when buying cloud products. Supply Chain Q&A is sponsored by Sonatype, a leader in enterprise software supply chain management. To learn more about our sponsor, visit https://sonatype.com.
In this episode of the podcast, Grizz and Eddie Knight of Sonatype return to our FINOS Debrief episodes that wrap up the past month or so in the FINOS Ecosystem - and look forward to the next month and beyond. Attend the London Open Source in Finance Forum 26 June 2024: https://events.linuxfoundation.org/open-source-finance-forum-london/ 2023 State of Open Source in Financial Services Download: https://www.finos.org/state-of-open-source-in-financial-services-2023 FINOS Current Newsletter Here: https://www.finos.org/newsletter - more show notes to come Eddie's Info | https://www.linkedin.com/in/knight1776/ Grizz's Info | https://www.linkedin.com/in/aarongriswold/ | grizz@finos.org ►► Visit FINOS www.finos.org ►► Get In Touch: info@finos.org
Cassie Crossley, author of the book “Software Supply Chain Security: Securing the End-to-end Supply Chain for Software, Firmware, and Hardware,” is the VP, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric. In this episode, she joins host Steve Morgan to discuss who is vulnerable to software supply chain attacks. Supply Chain Q&A is sponsored by Sonatype, a leader in enterprise software supply chain management. To learn more about our sponsor, visit https://sonatype.com.
Cassie Crossley, author of the book “Software Supply Chain Security: Securing the End-to-end Supply Chain for Software, Firmware, and Hardware,” is the VP, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric. In this episode, she joins host Steve Morgan to discuss whether open source code is a risk. Supply Chain Q&A is sponsored by Sonatype, a leader in enterprise software supply chain management. To learn more about our sponsor, visit https://sonatype.com.
This week on The Business of Open Source, I spoke with Brian Fox, co-founder and CTO of Sonatype. In addition to having a really interesting discussion about the usual topic of how to build a business around open source software, we also had a good conversation about security — it was hard to avoid, because we recorded this right after the xz backdoor discovery, and software supply chain security is kind of Brian's thing. Business-wise, though, we also covered some really cool topics. Including: The tension between an open source project that's “too good” and yet the need for the sales team to close deals. In some ways, the fully commercial, closed-source products in Sonatype's product line are more straightforward… but there are challenges that go along with a pure closed-source approach, too, especially for a DevTool company. Choosing your relationship with open source depending on who your target user / target buyer is. Pivoting to a top-down sales motion because the bottoms-up motion just didn't work; and how that means the features that sell aren't always the features that get used. What Sonatype gets out of its relationship with Apache Maven and open source Nexus. How do we solve real problems, and how do we solve them for real? Keeping in mind that no one buys what they need; they only buy what they want. Check out the full episode, and come to Open Source Founders Summit if you want more opportunities to talk about business and open source.
Cassie Crossley, author of the book “Software Supply Chain Security: Securing the End-to-end Supply Chain for Software, Firmware, and Hardware,” is the VP, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric. In this episode, she joins host Steve Morgan to discuss software supply chain security risk, and how development teams can reduce it. Supply Chain Q&A is sponsored by Sonatype, a leader in enterprise software supply chain management. To learn more about our sponsor, visit https://sonatype.com.
Cassie Crossley, author of the book “Software Supply Chain Security: Securing the End-to-end Supply Chain for Software, Firmware, and Hardware,” is the VP, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric. In this episode, she joins host Steve Morgan to discuss challenges in achieving secure-by-design or secure-by-default products. Supply Chain Q&A is sponsored by Sonatype, a leader in enterprise software supply chain management. To learn more about our sponsor, visit https://sonatype.com.
This week, I had a dilemma: should I prioritize the episode where I spoke with one of the MariaDB co-founders, in which we discuss setting up a foundation as a way to ensure that the project continues to be open source in the future, no matter what (relevant given the Redis announcement); or should I prioritize the conversation with one of the founders of Sonatype, one of the oldest companies in the software supply chain security space, in which we talk about the xz debacle. I went with Patrick Backman, general partner at OpenOcean and co-founder of MariaDB, because it's a little more in my lane. (The conversation with Brian Fox will have to wait for next week!). One of the main things we discussed was the relationship between the MariaDB foundation and the MariaDB company. Including: Why they decided to put MariaDB open source in a foundation, and why they created a separate foundation instead of putting it in an existing foundation. The relationship between MariaDB foundation and company today, including the financial relationship. MariaDB was founded by the founders (and some key employees) at MySQL; we also discussed the lessons learned at MySQL that the team then applied at MariaDB. And we talked about customer acquisition, one of the things that Patrick thinks the team had learned at MySQL and therefore had pretty well figured it out at MariaDB. Patrick's co-founder Monty Widenius is one of the speakers at Open Source Founders Summit — if you want to go into more details on the lessons from MySQL and MariaDB, as well as lessons from being an investor at OpenOcean, join us in Paris May 27th and 28th at Open Source Founders Summit.
Cassie Crossley, author of the book “Software Supply Chain Security: Securing the End-to-end Supply Chain for Software, Firmware, and Hardware,” is the VP, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric. In this episode, she joins host Steve Morgan to discuss important aspects of a secure development lifecycle. Supply Chain Q&A is sponsored by Sonatype, a leader in enterprise software supply chain management. To learn more about our sponsor, visit https://sonatype.com.
Cassie Crossley, author of the book “Software Supply Chain Security: Securing the End-to-end Supply Chain for Software, Firmware, and Hardware,” is the VP, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric. In this episode, she joins host Steve Morgan to discuss how organizations can implement software supply chain security. Supply Chain Q&A is sponsored by Sonatype, a leader in enterprise software supply chain management. To learn more about our sponsor, visit https://sonatype.com.
Cassie Crossley, author of the book “Software Supply Chain Security: Securing the End-to-end Supply Chain for Software, Firmware, and Hardware,” is the VP, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric. In this episode, she joins host Steve Morgan to discuss software supply chain security regulations, including whether there are any laws or standards in the industry. Supply Chain Q&A is sponsored by Sonatype, a leader in enterprise software supply chain management. To learn more about our sponsor, visit https://sonatype.com.
Brian Fox, co-founder and CTO at Sonatype, joins host Steve Morgan to discuss software supply chain management and security. They also delve into the founding of Sonatype, the company's operations, and other related topics. Sonatype is a leader in enterprise software supply chain management. To learn more about our sponsor, visit https://sonatype.com.
Cassie Crossley, author of the book “Software Supply Chain Security: Securing the End-to-end Supply Chain for Software, Firmware, and Hardware,” is the VP, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric. In this episode, she joins host Steve Morgan to discuss software supply chain security, including what it is and why it's important. Supply Chain Q&A is sponsored by Sonatype, a leader in enterprise software supply chain management. To learn more about our sponsor, visit https://sonatype.com.
In this supper club episode of Syntax, Wes and Scott talk with Darcy Clarke about his career path in tech, working with Wes back in the day, why he decided to build vlt volt, and the biggest sick pick list yet! Show Notes 00:32 Welcome 01:38 Building a tweet wall back in the day 08:54 How did you land at npm? npm 19:40 Why do we need another package manager and registry? 22:11 What is vlt volt? vlt: a new home for open source vlt /vōlt/ (@vltpkg) / X Shipping ESM with Mark Erikson Bun Yarn Nx 27:18 Do you see a future where we don't pre-compile before shipping? 29:32 Why would pnpm be faster than npm? 31:14 What are the problems with symlinking? 33:08 What's happening with Yarn? Verdaccio Cloudsmith JFrog Sonatype socket.dev Snyk.io Dependency Confusion 37:42 What do you think about config files? antfu Config of File Nesting for VS Code The massive bug at the heart of the npm ecosystem WebTorrent 41:02 VS Code tip - file nesting patterns 41:59 How does on-prem registry work? 47:29 Where does Socket.dev and Snyk security fit? 52:46 Sick Picks 04:41 How did you get vlt.sh? 05:30 How did you get @Darcy? Sick Picks Flat Coat Goldendoodle Scientific American Nespresso BlackBerry (2023) - IMDb BlackBerry (2023) Letterboxd Matthias Wandel Blink-182 Official Site Moneen Bring Me The Horizon Shameless Plugs vlt: a new home for open source
In this episode of the podcast, Grizz sits down with Cortney Stauffer (Head of UX Practice) & Chuck Danielsson (Head of Practice, Web/UI), both from Adaptive. They talk about UX, UI, FDC3, and why things should just work. Cortney Stauffer: https://www.linkedin.com/in/cortstauffer/ Chuck Danielsson: https://www.linkedin.com/in/chuck-danielsson-2141b058/ NYC November 1 - Open Source in Finance Forum: https://events.linuxfoundation.org/open-source-finance-forum-new-york/ 2022 State of Open Source in Financial Services Download: https://www.finos.org/state-of-open-source-in-financial-services-2022 All Links on Current Newsletter Here: https://www.finos.org/newsletter - more show notes to come A huge thank you to all our sponsors for Open Source in Finance Forum New York https://events.linuxfoundation.org/open-source-finance-forum-new-york/ that will take place this November 1st at the New York Marriott Marquis. This event wouldn't be possible without our sponsors. A special thank you to our Leader sponsors: Databricks, where you can unify all your data, analytics, and AI on one platform. And Red Hat - Open to change—yesterday, today, and tomorrow. And our Contributor and Community sponsors: Adaptive/Aeron, Connectifi, Discover, Enterprise DB, FinOps Foundation, Fujitsu, instaclustr, Major League Hacking, mend.io, Open Mainframe Project, OpenJS Foundation, OpenLogic by Perforce, Orkes, Percona, Sonatype, StormForge, and Tidelift. If you would like to sponsor or learn more about this event, please send an email to sponsorships@linuxfoundation.org. Grizz's Info | https://www.linkedin.com/in/aarongriswold/ | grizz@finos.org ►► Visit FINOS www.finos.org ►► Get In Touch: info@finos.org
In this episode of the podcast, Grizz sits down with Jon Gottfried, Co-Founder of Major League Hacking. They talk about hackathons in finance, and developer/engineering talent, from both the individual and hiring manager perspectives. Jon Gottfried: https://www.linkedin.com/in/jonmarkgo/ MajorLeagueHacking: https://sponsor.mlh.io/ NYC November 1 - Open Source in Finance Forum: https://events.linuxfoundation.org/open-source-finance-forum-new-york/ 2022 State of Open Source in Financial Services Download: https://www.finos.org/state-of-open-source-in-financial-services-2022 All Links on Current Newsletter Here: https://www.finos.org/newsletter - more show notes to come
In this episode of the podcast, our FINOS COO, Jane Gavronsky, sits down with Adrian Dale of ISLA and David Shone of ISDA to discuss the associations' contribution and backing of the FINOS CDM, Common Domain Model, to the FINOS open source community. CDM: https://cdm.finos.org/ On GitHub: https://github.com/finos/common-domain-model Adrian Dale, Head of Regulation & Markets, ISLA - https://www.linkedin.com/in/adrian-dale-27942314/ David Shone, Director of Product - Data & Digital, ISDA - https://www.linkedin.com/in/david-shone/ Jane Gavronsky, COO, FINOS - https://www.linkedin.com/in/janegavronsky/ NYC November 1 - Open Source in Finance Forum: https://events.linuxfoundation.org/open-source-finance-forum-new-york/ 2022 State of Open Source in Financial Services Download: https://www.finos.org/state-of-open-source-in-financial-services-2022 All Links on Current Newsletter Here: https://www.finos.org/newsletter - more show notes to come
Josh and Kurt talk about Sonatype's 9th Annual State of the Software Supply Chain. There's a ton of data in the report, but the thing we want to talk about is the statistic that only 11% of open source is actually being maintained. Do we think that's true? Does it really matter? Show Notes: Sonatype report; ecosyste.ms; GNOME libcue flaw; Reality 2.0 supply chain episode.
In this episode of the podcast, Grizz sits down with Peter Smulovics, Executive Director at Morgan Stanley, about... well, just about everything. We hit his developer journey, metaverse, XR, spatial computing, Big Boost Mondays, autism hackathons, and painting fences. He is currently Executive Director for Windows and .NET development practices and spatial computing and metaverse development practices at Morgan Stanley, and co-chair for Open Source Readiness ( https://osr.finos.org ) and Emerging Technologies ( https://zenith.finos.org ) at The Linux Foundation / FINOS. He will be speaking at the Open Source in Finance Forum on November 1st in New York: https://sched.co/1PzH7 Peter Smulovics LinkedIn: https://www.linkedin.com/in/smulovicspeter/ FSI Hack for Autism - 2023: https://fsi-hack4autism.github.io/ Zenith Emerging Technologies: https://zenith.finos.org/ Open Source Readiness: https://osr.finos.org/ NYC November 1 - Open Source in Finance Forum: https://events.linuxfoundation.org/open-source-finance-forum-new-york/ 2022 State of Open Source in Financial Services Download: https://www.finos.org/state-of-open-source-in-financial-services-2022 All Links on Current Newsletter Here: https://www.finos.org/newsletter - more show notes to come
In this episode of the podcast, Grizz sits down with Anna McDonald, Technical Voice of the Customer at Confluent to talk about her OSFF talk: "Enabling Real Time Regulatory Compliance with Kafka Streams and Morphir". We talk about Kafka Streams, Morphir, Open Regulation, and what it's like to figure out your passion for coding at 5 years old. She will be speaking at the Open Source in Finance Forum on November 1st in New York: https://sched.co/1PzH7 Anna McDonald LinkedIn: https://www.linkedin.com/in/jbfletch/ NYC November 1 - Open Source in Finance Forum: https://events.linuxfoundation.org/open-source-finance-forum-new-york/ 2022 State of Open Source in Financial Services Download: https://www.finos.org/state-of-open-source-in-financial-services-2022 All Links on Current Newsletter Here: https://www.finos.org/newsletter - more show notes to come
We pick back up with Joshua Corman, founder of grass roots organization I Am the Cavalry, for part two of our discussion. Josh shares insights from his many years on the healthcare cyber front lines and provides both a captivating and sobering perspective on the state of healthcare security today. And while there have been many strides forward, we still have a long way to go. Audra and I learned so much during our discussion including themes such as cyber asbestos, the emerging care desert, dependency on undependable things, recalibrating the cost of connected medicine, if you can't protect it/can't connect it, the Omnibus Appropriations Act, and actionable insights on what we can do right now, as individuals and collectively, to make a difference. Joshua Corman is the founder of I Am the Cavalry, a grassroots organization focused on the intersection of digital security, public safety, and human life. He was formerly chief strategist of CISA's COVID Task Force, where he advised on the pandemic response, provided cybersecurity expertise on healthcare infrastructure, and supported control systems and life safety initiatives. Prior to CISA, Josh was SVP and chief security officer at PTC, where he accelerated cyber safety maturity across industries. Previously, he served as director of the Atlantic Council's Cyber Statecraft Initiative, on the Congressional Task Force for Healthcare Industry Cybersecurity, and in leadership roles at Sonatype, Akamai, IBM, and the 451 Group. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e248
In this episode of the podcast, Grizz sits down with Brian Douglas, CEO of OpenSauced, to talk about his OSFF talk: "Data-Driven Decisions: Uncovering the Key Metrics Shaping Success in OSS". We talk about his developer evangelist journey, open source project analytics, accessing talent, and a little Steph Curry. He will be speaking at the Open Source in Finance Forum on November 1st in New York: https://sched.co/1PzGI LinkedIn: https://www.linkedin.com/in/brianldouglas/ OpenSauced: https://opensauced.pizza/ Podcast & Videos: https://www.youtube.com/@OpenSauced/videos NYC November 1 - Open Source in Finance Forum: https://events.linuxfoundation.org/open-source-finance-forum-new-york/ 2022 State of Open Source in Financial Services Download: https://www.finos.org/state-of-open-source-in-financial-services-2022 All Links on Current Newsletter Here: https://www.finos.org/newsletter - more show notes to come
We had so much to talk about with this week's guest that we made it a two-part episode! Joining us this week, and next week, is Joshua Corman, founder of grass roots organization I Am the Cavalry. Josh shares insights from his many years on the healthcare cyber front lines and provides both a captivating and sobering perspective on the state of healthcare security today. And while there have been many strides forward, we still have a long way to go. Audra and I learned so much during our discussion including themes such as cyber asbestos, the emerging care desert, dependency on undependable things, recalibrating the cost of connected medicine, if you can't protect it/can't connect it, the Omnibus Appropriations Act, and actionable insights on what we can do right now, as individuals and collectively, to make a difference. Joshua Corman is the founder of I Am the Cavalry, a grassroots organization focused on the intersection of digital security, public safety, and human life. He was formerly chief strategist of CISA's COVID Task Force, where he advised on the pandemic response, provided cybersecurity expertise on healthcare infrastructure, and supported control systems and life safety initiatives. Prior to CISA, Josh was SVP and chief security officer at PTC, where he accelerated cyber safety maturity across industries. Previously, he served as director of the Atlantic Council's Cyber Statecraft Initiative, on the Congressional Task Force for Healthcare Industry Cybersecurity, and in leadership roles at Sonatype, Akamai, IBM, and the 451 Group. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e247
In this episode of the podcast, Grizz sits down with Varsha Sundar, VP of Cloud FinOps at Chubb Insurance, to talk about her OSFF talk: "Cloud Financial Management Strategy". We talk about her journey, what FinOps is, and why it's important. She will be speaking at the Open Source in Finance Forum on November 1st in New York: https://sched.co/1Q2n3 LinkedIn: https://www.linkedin.com/in/varsha-sundar-b751b326/ FinOps Foundation: https://www.finops.org/ All Links on Current Newsletter Here: https://www.finos.org/newsletter - more show notes to come NYC November 1 - Open Source in Finance Forum: https://events.linuxfoundation.org/open-source-finance-forum-new-york/ 2022 State of Open Source in Financial Services Download: https://www.finos.org/state-of-open-source-in-financial-services-2022 A huge thank you to all our sponsors for Open Source in Finance Forum New York https://events.linuxfoundation.org/open-source-finance-forum-new-york/ that will take place this November 1st at the New York Marriott Marquis. This event wouldn't be possible without our sponsors. A special thank you to our Leader sponsor: Databricks, where you can unify all your data, analytics, and AI on one platform. And our Contributor and Community sponsors: Adaptive/Aeron, Discover, FinOps Foundation, instaclustr, mend.io, Open Mainframe Project, OpenJS Foundation, OpenLogic by Perforce, Orkes, Red Hat, Sonatype, and Tidelift. If you would like to sponsor or learn more about this event, please send an email to sponsorships@linuxfoundation.org. Grizz's Info | https://www.linkedin.com/in/aarongriswold/ | grizz@finos.org ►► Visit FINOS www.finos.org ►► Get In Touch: info@finos.org
ElasticSearch, Akka, Hashicorp, and Red Hat are starting to change their licensing models. What used to be considered open source (Apache, GPL, MIT) is morphing (with an asterisk) for the large open source projects that we know and love. But what does that mean? Is open source over? or are we transitioning to a new reality? Is legislation going to help or hinder (like the EU CRA proposed laws)? Come take a listen as we dive deep into the open source ecosystem and how is it changing right before our eyes! https://www.javaoffheap.com/datadog We thank DataDogHQ for sponsoring this podcast episode DO follow us on twitter @offheap https://www.twitter.com/offheap Java Specialist Newsletter (hi Dr. Heinz!) https://www.javaspecialists.eu/ Netbeans 18 https://github.com/apache/netbeans/releases Corretto is most popular JVM https://devclass.com/2023/05/02/amazon-now-the-most-popular-java-development-kit-vendor-for-production-according-to-observability-survey/ Layoffs at Redhat https://wraltechwire-com.cdn.ampproject.org/c/s/wraltechwire.com/2023/04/24/red-hat-cutting-hundreds-of-jobs-ceo-says-in-letter-to-employees/?amp=1, Sonatype https://www.theregister.com/2023/05/10/sonatype_job_cuts/ Videos for KotlinConf 2023 https://blog.jetbrains.com/kotlin/2023/05/kotlinconf-2023-recordings/?_ga=2.192371426.99327395.1684372006-290954218.1684372006&_gl=1*131l38a*_ga*MjkwOTU0MjE4LjE2ODQzNzIwMDY.*_ga_9J976DJZ68*MTY4NDM3MjAwNi4xLjAuMTY4NDM3MjAwNi4wLjAuMA.. SpringOne @ Explore Las Vegas (Aug 21-24) https://springone.io/ Community Over Code (Apache) in Halifax (Oct 7-10) https://communityovercode.com/
In this episode of the podcast, we break down the newly released schedule from the Open Source in Finance Forum (OSFF). Plus - we return to our FINOS Debrief episodes that wrap up the past month in the FINOS Ecosystem - and look forward to the next month and beyond. All Links on Current Newsletter Here: https://www.finos.org/newsletter - more show notes to come NYC November 1 - Open Source in Finance Forum: https://events.linuxfoundation.org/open-source-finance-forum-new-york/ 2023 State of Open Source in Financial Services Survey: https://www.research.net/r/NX3VVXM 2022 State of Open Source in Financial Services Download: https://www.finos.org/state-of-open-source-in-financial-services-2022 A huge thank you to all our sponsors for Open Source in Finance Forum New York https://events.linuxfoundation.org/open-source-finance-forum-new-york/ that will take place this November 1st at the New York Marriott Marquis. This event wouldn't be possible without our sponsors. A special thank you to our Leader sponsor: Databricks, where you can unify all your data, analytics, and AI on one platform. And our Contributor and Community sponsors: Adaptive/Aeron, Discover, FinOps Foundation, instaclustr, mend.io, Open Mainframe Project, OpenJS Foundation, OpenLogic by Perforce, Orkes, Red Hat, Sonatype, and Tidelift. If you would like to sponsor or learn more about this event, please send an email to sponsorships@linuxfoundation.org. Grizz's Info | https://www.linkedin.com/in/aarongriswold/ | grizz@finos.org ►► Visit FINOS www.finos.org ►► Get In Touch: info@finos.org
Free access to “It's 5:05!” on your favorite podcast platforms: bit.ly/its505-free-access-on-all-podcast-platforms Edwin Kwan: Highly Accurate Acoustic Keylogger Attack
In this episode of the podcast, we discuss the formation of a new major project in FINOS around common cloud controls for financial services. Get involved now here: https://www.finos.org/common-cloud-controls-project Read the Press Release here: https://www.finos.org/press/finos-announces-formation-of-common-cloud-controls US Dept of Treasury Cloud Report: https://home.treasury.gov/system/files/136/Treasury-Cloud-Report.pdf UK HMT Critical 3rd Party Finance Sector Policy Statement: https://www.gov.uk/government/publications/critical-third-parties-to-the-finance-sector-policy-statement European Council DORA: https://www.consilium.europa.eu/en/press/press-releases/2022/11/28/digital-finance-council-adopts-digital-operational-resilience-act/ Monetary Authority of Singapore Cloud Advisory: https://www.mas.gov.sg/-/media/MAS/Regulations-and-Financial-Stability/Regulatory-and-Supervisory-Framework/Risk-Management/Cloud-Advisory.pdf All Links on Current Newsletter Here: https://www.finos.org/newsletter - more show notes to come NYC November 1 - Open Source in Finance Forum: https://events.linuxfoundation.org/open-source-finance-forum-new-york/ 2023 State of Open Source in Financial Services Survey: https://www.research.net/r/NX3VVXM 2022 State of Open Source in Financial Services Download: https://www.finos.org/state-of-open-source-in-financial-services-2022 A huge thank you to all our sponsors for Open Source in Finance Forum New York https://events.linuxfoundation.org/open-source-finance-forum-new-york/ that will take place this November 1st at the New York Marriott Marquis, especially to our Leader sponsor: Databricks. And our Contributor and Community sponsors: Adaptive/Aeron, Discover, FinOps Foundation, instaclustr, mend.io, OpenJS, Open Mainframe Project, Perforce, Red Hat, Sonatype, and Tidelift. Registration is now open and early bird pricing is available till August 18th. Join us in NYC!
If you would like to sponsor or learn more about this event, please send an email to sponsorships@linuxfoundation.org. Grizz's Info | https://www.linkedin.com/in/aarongriswold/ | grizz@finos.org ►► Visit FINOS www.finos.org ►► Get In Touch: info@finos.org
It IS time...and everyone is talking about it! With the new Large Language Models like OpenAI and Github Copilot, and Bard (and all the others), what does it mean for developers? Is it an existential threat? a doomsday scenario? or is all being blown out of proportion? Well, we start diving into the question on this episode with the usual suspects! Come, listen to this episode before we are all replaced by generative AI! (This podcast recording is human certified!) https://www.javaoffheap.com/datadog We thank DataDogHQ for sponsoring this podcast episode DO follow us on twitter @offheap https://www.twitter.com/offheap Netbeans 18 https://github.com/apache/netbeans/releases Corretto is most popular JVM https://devclass.com/2023/05/02/amazon-now-the-most-popular-java-development-kit-vendor-for-production-according-to-observability-survey/ Layoffs at Redhat https://wraltechwire-com.cdn.ampproject.org/c/s/wraltechwire.com/2023/04/24/red-hat-cutting-hundreds-of-jobs-ceo-says-in-letter-to-employees/?amp=1, Sonatype https://www.theregister.com/2023/05/10/sonatype_job_cuts/ Videos for KotlinConf 2023 https://blog.jetbrains.com/kotlin/2023/05/kotlinconf-2023-recordings/?_ga=2.192371426.99327395.1684372006-290954218.1684372006&_gl=1*131l38a*_ga*MjkwOTU0MjE4LjE2ODQzNzIwMDY.*_ga_9J976DJZ68*MTY4NDM3MjAwNi4xLjAuMTY4NDM3MjAwNi4wLjAuMA.. SpringOne @ Explore Las Vegas (Aug 21-24) https://springone.io/ Community Over Code (Apache) in Halifax (Oct 7-10) https://communityovercode.com/
Prepare for an insightful discussion with Java Champions Erin Schnable, Emily Jiang, Mary Gygleski, and Holly Cummins at Devnexus 2023. They sit down with Sonatype's Kadi Grigg and Theresa Mammarella for an unforgettable conversation about making an impact in the tech community. They cover topics like: their unique journeys in tech; embracing the mindset of a lifelong learner; the power of goal setting for personal growth; the essential qualities of a great leader; and why conference talks, like this one, fuel their passion and drive. Don't miss this chance to learn from some of the brightest minds in the industry.
We are at it again! We went to DevNexus in Atlanta, and we have the WHOLE GANG showing up! It has been great catching up in person and oh boy, there's so much tech to talk about! For this episode we have Brian Fox (@Brian_Fox), CTO of Sonatype talk about the importance of security across the supply chain. With new legislation coming regulating security and software pipelines it is the right time to discuss what is our role as developers in this. An incredibly fun episode, with a quiz at the end (Powered by none other than ChatGPT) is an episode you don't want to miss! https://www.javaoffheap.com/datadog We thank DataDogHQ for sponsoring this podcast episode DO follow us on twitter @offheap https://www.twitter.com/offheap
Hey, it's Alex from Remote Work Life... On today's episode of the Remote Work Life Business Spotlight, I'm featuring yet another top remote business called Sonatype!
Hi, Spring fans! Welcome to another installment of a Bootiful Podcast! In this installment, recorded at Devnexus in Atlanta, GA, I talk to newcomer to the show Steve Poole, from Sonatype, and returning guest Justin Reock, from Gradle, about improving developer productivity without compromising on things like security. - I wrote an e-book on AOT and GraalVM support in Spring Boot 3 https://bit.ly/springboot3-graalvm-ebook - Check out this roving 1 hour tour of Spring Boot 3 over on the Jetbrains channel https://www.youtube.com/watch?v=Y2gZz8-yK7Y - I did a 6m video looking at Spring Boot 3 for the impatient on my channel https://www.youtube.com/watch?v=WJutdzX9hl0
A proven executive and entrepreneur with over 25 years' experience developing high-growth software companies, Matt serves as Virtru's CMO and leads all aspects of the company's go-to-market motion within the data protection and Zero Trust security ecosystems. Prior to Virtru, Matt served 6 years as SVP and CMO at Sonatype where he designed, built, and led global marketing and demand generation for a pioneer in software supply chain management and DevOps automation. Earlier in his career, Matt co-founded, developed, and successfully sold two software companies. He also led sales and marketing at USinternetworking (acquired by AT&T) and Groove Networks (acquired by Microsoft). Matt holds a Bachelor of Arts degree from The George Washington University and a Master of Arts from George Mason University. Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/ Support the show on Patreon: https://patreon.com/mspradio/ Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on: Facebook: https://www.facebook.com/mspradionews/ Twitter: https://twitter.com/mspradionews/ Instagram: https://www.instagram.com/mspradio/ LinkedIn: https://www.linkedin.com/company/28908079/
In our latest episode, we sit down with Steve Poole (Leader of London JUG | Director, Developer Relations, Sonatype), Frank Greco (Founder of NYJavaSIG | Director, Technology and Strategy, Crossroads Technologies), and Sharat Chander (Sr. Director, Java and Cloud Native Product Management and Developer Relations, Oracle). Java user groups (JUGs) have seen changes over the years due to the growing prominence of Java and a continuously maturing audience. We'll be revisiting the late 90s/early 2000s when JUGs first started appearing. Listen in for answers to questions like: What was their purpose? What are they now? Why are JUGs a valuable community resource? How has the pandemic changed them? Check out the resources for this episode on the blog.
On March 2, 2023 the Biden-Harris administration made a historic move with the release of the National Cybersecurity Strategy. This is the first time the US government has taken a stance on product liability with regard to software. In this episode, Jeff Wayman–Conduit of Goodness at Sonatype–takes the mic to speak with Sonatype's Co-founder and CTO, Brian Fox. Listen in as they break down important details of this historic new strategy, its meaning, and how it impacts you and your organization. Check out the resources for this episode on the blog.
In this episode of the podcast, we sit down with Eddie Knight of Sonatype and Colin Griffin of Krumware. We talk about views on open source in financial services from the developer side, contributor side, and maintainer side. Plus we look at how open source consumption and contribution has changed over the years, and what we see driving the future... security is a big part of all of this. We hope you enjoy! Eddie's Info: https://www.linkedin.com/in/knight1776/ Colin's Info: https://www.linkedin.com/in/colin-e-griffin/ 2022 State of Open Source in Financial Services Download: https://www.finos.org/state-of-open-source-in-financial-services-2022 OSFF NYC Videos & Pics: https://resources.finos.org/znglist/osff-new-york-2022/?c=cG9zdDo5OTA5Njk%3D Grizz's Info | https://www.linkedin.com/in/aarongriswold/ | grizz@finos.org ►► Visit FINOS www.finos.org ►► Get In Touch: info@finos.org
Picture this: an auto manufacturer with no clue what parts are in its supply chain, where those parts come from and no ability to recall those parts if vulnerabilities are discovered. That's not a reality consumers would accept. So why do organizations (and manufacturers!) tolerate it when it comes to software? On this week's episode of Dev Interrupted, Brian Fox, co-founder & CTO, and Stephen Magill, VP of Product Innovation, join us to talk about Sonatype's State of the Software Supply Chain Report. Listen as Brian and Stephen explain the ins and outs of open source risk management, how companies that aren't open source maintainers can do a better job protecting themselves and why cybercrime is like “VC funds for the bad guys.” Show Notes: 8th Annual State of the Software Supply Chain Report; Learn about the power of Continuous Merge with gitStream; Join the Dev Interrupted Discord; Want to try LinearB? Book a LinearB Demo and use the "Dev Interrupted Podcast" discount code.
Shy of having a crystal ball to predict the future, venture capitalists have to rely on other skills to determine what companies to fund. With a decade of experience, Insight Partners Managing Director Thomas Krane knows how to spot innovative startups that are bringing a significant value-add to the market. Just as importantly, he's also looking for CEOs that understand the market value and how to make their product profitable. Learn more about the next generation of software VC! Tune in to learn: About how Insight Partners has grown in the last decade (08:43); Where the best innovations are in new startups for security, DevOps, or automation (15:09); How 10x is the standard improvement rate for NextGen Cybersecurity development (22:06); What factor is enabling the break-neck speed of tech innovation (28:22); About Thomas' career hop from the astronomy lab to venture capital (34:14); Where Thomas looks to find the next big thing to invest in (39:40). Mentions: “The Biggest Mistakes Companies Make With Cybersecurity—and How to Avoid Them” (article in The Wall Street Journal); Why Your Code is My Code with Sonatype's Derek Weeks (prior podcast episode of IT Visionaries). IT Visionaries is brought to you by Salesforce Platform. If you love the thought leadership on this podcast, Salesforce has even more meaty IT thoughts to chew on. Take your company to the next level with in-depth research and trends right in your inbox. Subscribe to a newsletter tailored to your role at Salesforce.com/newsletter. Mission.org is a media studio producing content for world-class clients. Learn more at mission.org.