Author Archives: Derek Weeks

About Derek Weeks

In 2015, I led the largest and most comprehensive analysis of software supply chain practices to date across 106,000 development organizations. I am a huge advocate of applying proven supply chain management principles into DevOps practices to improve efficiencies, reduce costs, and sustain long-lasting competitive advantages. As a 20+ year veteran of the software industry, I have advised leading businesses on IT performance improvement practices covering continuous delivery, business process management, systems and network operations, service management, capacity planning and storage management. As the VP and DevOps Advocate for Sonatype, I am passionate about changing the way people think about software supply chains and improving public safety through improved software integrity. Follow me here @weekstweets, find me here www.linkedin.com/in/derekeweeks, and read me here http://blog.sonatype.com/author/weeks/.

Rugged DevOps: Solving Big Problems


January 27, 2016 By
Derek Weeks
Screen Shot 2016-01-27 at 10.39.16 AM

In part one of this series, “Rugged DevOps: Survival is Not Mandatory”, I shared news that 1 in 16 open source and third-party components downloaded last year included a known vulnerability. That may not seem like too many until you realize the average company downloads well over 200,000 components annually. These components are electively downloaded by development teams, often unaware of the vulnerabilities that come with them.

Continue reading...

Rugged DevOps: Survival is Not Mandatory


January 25, 2016 By
Derek Weeks
Rugged Devops

Deming, the patron saint of DevOps once advised, “It is not necessary to change. Survival is not mandatory.” To survive, application development teams are constantly pressured to deliver software even faster. But fast is not enough. The best organizations realize that security, quality and integrity at velocity are mandatory for survival. Hence, DevOpsSec

Continue reading...

Why CEO’s Choose Harry


January 15, 2016 By
Derek Weeks
HARRY

We are excited to see GrowthCap just announced NEA’s Harry Weller as their Investor of the Year.  Harry and our CEO, Wayne Jackson, started working together in 1998 when he invested in Riverbed Technologies, followed by an investment in SourceFire, and most recently teaming up for the third time with Sonatype.  We’re honored to be partnered […]

Continue reading...

Getting Rugged DevOps Right


December 3, 2015 By
Derek Weeks
Screen Shot 2015-12-03 at 12.28.19 PM

Two Perspectives Jack, an accomplished application security pro, tells me, “The developers won’t talk to us.  It’s like we speak a different language.  They are releasing new builds so fast, how could they check each one for security vulnerabilities?  We can’t move as fast as they do.” Then in the next moment, Diane, a DevOps […]

Continue reading...

Improving Container Security: Docker and More


November 12, 2015 By
Derek Weeks
Screen Shot 2015-11-12 at 2.02.09 PM

This blog was contributed by Chenxi Wang, Chief Strategy Officer at Twistlock.   Earlier this week, Sonatype announced a strategic partnership with Twistlock.  The relationship is incredibly important to furthering automation and security across the software supply chain as it relates to container technologies.  For this reason, we invited Chenxi Wang, Chief Strategy Officer from […]

Continue reading...

Q&A: Running Docker in Production


November 11, 2015 By
Derek Weeks
oss free

On October 29, Sonatype hosted a discussion about the upcoming release of Nexus 3.  This release will provide support for Docker images as a private Docker registry.  A full recording of discussion is available on YouTube.   While we covered Q&A during the webinar, there were many questions that we did not get to answer […]

Continue reading...

Why Nexus Rocketed Beyond 60,000 Installs


November 5, 2015 By
Derek Weeks
GROWTH

Another BIG Milestone Active Nexus repository manager instances have grown to another record high.  As of today, we surpassed the milestone of 60,000 active Nexus installations!  And, YOU, our user community made it happen. With Nexus at the heart of software supply chains and everything continuous, we are excited about all of the great work being done […]

Continue reading...

Please Containerize Your Excitement: Nexus 3 Milestone 5 Release


September 22, 2015 By
Derek Weeks
Screen Shot 2015-09-22 at 11.50.56 AM

We, on the Nexus team, are pleased to announce the arrival of the Nexus 3 Milestone 5 release! Our focus in this milestone release was; hosting and proxying Docker registries, browsing and searching Docker images, browsing components and assets that belong to any repository format. Docker format capabilities in Nexus 3 are brand new and we are excited to have it going out into the wild so we can hear your feedback.

Continue reading...

28 DevOps and Continuous Delivery Reference Architectures (Vol. 2)


September 8, 2015 By
Derek Weeks
Screen Shot 2015-09-01 at 6.45.25 PM

People want to get going with DevOps or Continuous Delivery, but need a place to start.  Others are already on their way, but need some validation of their choices.  In April, I published the first volume of DevOps and Continuous Delivery reference architectures which has now been viewed over 37,000 times on SlideShare (it’s free […]

Continue reading...