Event Description

On November 16 in Arlington, VA, Federal and industry IT leaders are invited to an interactive work group to explore best practices within cyber risk measurement, including the latest research, federal and commercial case studies and IT policy updates. Geared towards those with a mission to lead enterprise governance and measurement programs as well as practitioners working in business critical software, this bi-annual seminar offers pragmatic approaches to automated software measurement.



CAST Software is the U.S. Government leader in enterprise and mission software risk measurement. CAST currently supports many DOD, IC, Civilian, State and local IT organizations to assess and benchmark risk in software developed and sustained. Leveraging ISO, NIST, SEI, OMG, CISQ and other standards, CAST enables program managers, acquisition organizations and OCIO’s with independent, automated measurement. Integrating cleanly into Agile/DevSecOps, Waterfall, Spiral or hybrid delivery methods CAST analytics are used to modernize, secure, cloud enable systems while enabling the IT and acquisition workforce to continuously improve execution.

 sonatype logo.jpg

Sonatype is the leading provider of DevOps-native tools to automate modern software supply chains. As the creators of Apache Maven, the Central Repository, and Nexus Repository, Sonatype pioneered componentized software development and has a rich history of supporting open source innovation. Today, more than 120,000 organizations depend on Sonatype’s Nexus platform to govern the volume, variety, and quality of open source components flowing into modern software applications. Learn more at www.sonatype.com.



  • New Software Standards to Support your Acquisition Process
  • State of the Software Supply Chain
  • Leveraging DevOps to Manage Enterprise Software Risk 
  • The DevOps Smart Road: Integrating AI Into DevOps
  • CGI’s Software Risk Measurement Journey: Leveraging CAST AIP for Enterprise and Team Visibility
  • Development Efficiency and Agile Analytics: An Introduction to CAST Highlight
  • Don't Be the Next Equifax: An Overview of Sonatype Technology
  • Introduction to the Common Language for Software Quality (CQEs)
  • Customer Power Sessions
    • Update on Fannie Maes AIP Automation Journey - Barry Snyder, Senior Product Manager, Fannie Mae
    • GDPR Use Case: Private Data Tracing using CAST Architecture Checker - Paul, Global Program Director for Software Quality Center of Excellence, CGI
    • 8.3 Release Overview - John Chang, Director of Solution Delivery, CAST
    • Product Roadmap and Feedback Session - John Chang, Director of Solution Delivery, CAST
    • CAST Extend - John Livingstone, Technical Expert, CAST 



Check-in opens at 7:30 a.m. and the workshop will be held from 8 a.m. - 3 p.m.
There is no fee to attend. The breakfast and lunch are sponsored by CAST. Attendees are responsible for the costs of hotel accommodations, airfare, cabs and other incidentals incurred outside of the official program.


Spring 2017 Registrants



Hyatt Arlington

Address: 1325 Wilson Blvd, Arlington, VA 22209
Tel: 703.525.1234

Website: Hyatt Arlington

Just minutes from Washington, DC and only steps to the Rosslyn Metro, the Hyatt Arlington offers a variety of flexible accommodations including inventive cuisine and attentive service all poised at the edge of the capital in the heart of Arlington, VA.