Welcome!

DevOps Leadership Series

Derek Weeks

Subscribe to Derek Weeks: eMailAlertsEmail Alerts
Get Derek Weeks via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Derek Weeks

Multiple agencies across the U.S. government are paying closer attention to the software they are buying.  More specifically, they want to know what open source and third party components were used to build the software applications.  The report notes: U.S. Food and Drug Administration (FDA) wants to know what open source components are being used in medical devices. U.S. Department of Defense (DOD) is introducing new procurement language for software purchases to ensure it is free of vulnerabilities, either intentionally or unintentionally designed or inserted as part of the software. U.S. Federal Trade Commission (FTC) is filing complaints against businesses offering software with known vulnerabilities. Similar moves by the National Institute of Standards and Technology (NIST), Underwriters Laboratories (UL), and the U.S. General Services Administration's (GSA) 1... (more)

Interview with @CaCorriere | @DevOpsSummit #DevOps #ContinuousDelivery

What do dependency resolution, situational awareness, and superheroes have in common? Meet Chris Corriere, a DevOps/Software Engineer at Autotrader, speaking on creative ways to maximize usage of all of the above. Mark Miller, Community Advocate and senior storyteller at Sonatype caught up with Chris to learn more about what his team is up to. Chris: I'm Chris Corriere, and I'm a Dev Ops engineer at AutoTrader. Mark: Can you give us an overview on how you're using Nexus? Chris: We use Nexus for dependency resolution. Part of that is to insulate our enterprise infrastructure from ... (more)

An Interview with @JPaulReed | @DevOpsSummit #DevOps #ContinuousDelivery

Intersections: DevOps, Release Engineering, and Security Derek: Good morning, Paul. There's a lot those pursuing DevOps can learn from Release Engineering practices. I know you've got a lot of experience to share, so let's get started. J. Paul Reed: Good morning, it's good to be here. My background is release engineering, although these days I am actually called a DevOps consultant. I have about 15 years' experience doing that. That's what my presentation is about: sort of the intersection between DevOps, Rugged DevOps, and release engineering and wanting to explore that with the... (more)

Software Supply Chain Report | @DevOpsSummit #DevOps #ContinuousTesting

Analysis of 25,000 applications reveals 6.8% of packages/components used included known defects. Organizations standardizing on components between 2 - 3 years of age can decrease defect rates substantially. Open source and third-party packages/components live at the heart of high velocity software development organizations.  Today, an average of 106 packages / components comprise 80 - 90% of a modern application, yet few organizations have visibility into what components are used where. Use of known defective components leads to quality and security issues within applications. Wh... (more)

Introducing the Nexus Jenkins Plugin | @DevOpsSummit #DevOps #Jenkins #Containers

As a long time Java developer, I've always depended on the Maven build process to automatically publish my artifacts to a Nexus Repository Manager.  This automated process was made possible thanks to some very useful plugins - specifically, the Maven plugin for Nexus staging and the Maven Deploy plugin.  Both made publishing of artifacts to Nexus Repository Managers remarkably simple as the final step of a Maven build. Introducing the Nexus Jenkins Plugin However, in today's continuous-everything world, build processes are increasingly complicated and resemble a highly dynamic su... (more)