Welcome!

DevOps Leadership Series

Derek Weeks

Subscribe to Derek Weeks: eMailAlertsEmail Alerts
Get Derek Weeks via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Derek Weeks

Analysis of 25,000 applications reveals 6.8% of packages/components used included known defects. Organizations standardizing on components between 2 - 3 years of age can decrease defect rates substantially. Open source and third-party packages/components live at the heart of high velocity software development organizations.  Today, an average of 106 packages / components comprise 80 - 90% of a modern application, yet few organizations have visibility into what components are used where. Use of known defective components leads to quality and security issues within applications. While developers save tremendous amounts of time by sourcing software components from outside their organizations, they often don't have time to check those component versions against known vulnerability databases or internal policies. In Sonatype's 2016 State of the Software Supply Chain repor... (more)

Java Deserialization: Running Faster Than a Bear | @CloudExpo #API #Java #Cloud

Software components that were once good can sour instantly when new vulnerabilities are discovered within them. When that happens, the bears are coming, and you have to respond quickly. Two men are walking through a forest. Suddenly, they see a bear off in the distance, running toward them. Adrenaline pumping, they start running away. But then one of them stops, takes some running shoes from his bag and starts putting them on. "Frank, what are you doing?" says the other man. "Do you think you will run faster than the bear with those?" "I don't need to run faster than the bear," ... (more)

Continuous Delivery The @Atlassian Way | @DevOpsSummit #DevOps #API

At the recent DEVNEXUS conference in Atlanta, Sonatype's Mark Miller (@TSWAlliance) caught up with Ian Buchanan (@devpartisan) for the latest segment in our 2016 DevOps Leadership Series. Ian discussed his experiences at Atlassian, including continuous delivery, ChatOps, and use of tools like Bamboo, Nexus, Puppet, and Datadog. Watch the full interview with Ian Buchanan - Atlassian Developer Advocate Ian Buchanan: I'm Ian Buchanan. I'm a Developer Partisan at Atlassian which is developer advocacy for our developer tools. Mark Miller: Ian, most people know Atlassian from solution... (more)

The DevOps Equation: Agility + Empathy = Quality | @DevOpsSummit #DevOps

I had the chance to catch up with Jeff Sussna ahead of his keynote address on continuous design, scheduled for DevOpsDays Atlanta, April 26-27. Jeff discussed the importance of designing for service, responding to the unexpected, and the importance of building empathy across teams. Derek Weeks: Today, I'm really happy that we have Jeff Sussna joining us for the latest in this series. Jeff, why don't you introduce yourself? Jeff Sussna: Sure. Thanks for having me. I'm an independent consultant. I've been around since rocks were young or the 80s, whichever is older. My particular b... (more)

Private Practice: Encryption Exposed | @CloudExpo #Cloud #Security #Encryption

In September 2014, Apple made encryption default with the introduction of the iPhone 6. Then, in February 2016, a Los Angeles judge issued an order to Apple to help break into the encrypted iPhone belonging to a terrorist involved in a mass shooting. Apple had used some of the strongest encryption technologies and practices to protect its users and their data.  The encryption technology did not discriminate between lawful and unlawful users.  While there were many sides to this issue, it surfaced many important debates on security, privacy, and civil rights. Peekaboo For develo... (more)