Author Archives: Derek Weeks

What’s Happening in the Land of Open Source Components


November 27, 2013 By
Derek Weeks

We continue to see exponential growth in requests from the Central Repository. In fact, there were 8 Billion requests in 2012 – and it is looking like this year will total up to 13 Billion requests.Given these trends, the time seemed right for a series of blog posts that address recent activity in the area of open source governance and security

Continue reading...

Component-Capable Release Management is Key to DevOps


November 18, 2013 By
Derek Weeks

Part 3  —   Part 4 Component-Capable Release Management is Key to DevOps  – Part 5 Up Next  DevOps conversations are dominated by release management and production deployment. These are the primary topics at the DevOps conferences that we have attended in Atlanta, New York, Vancouver, Portland, Barcelona and London. This concerns me at some […]

Continue reading...

PCI 3.0 – Secure Payment Requires Secure Components


November 14, 2013 By
Derek Weeks

Well there is nothing like an updated specification that drives action or interest in a topic. We’re seeing that with the introduction of PCI 3.0. While there are several key updates to the specification, the one I find most interesting reflects the reality of how applications are constructed today – from components. It’s great to […]

Continue reading...

Yes, Policies Can Actually Speed Development


October 31, 2013 By
Derek Weeks

CONTROL, ENFORCEMENT, APPROVALS, POLICIES These concepts run counter to fast, agile, based-development. These words make developers cringe, they are “4 letter words”. Could it be that the problems with these concepts is not what they are trying to accomplish, but how they are implemented? They are intended to ensure that applications developers create are trusted, […]

Continue reading...

Atlanta DevOps Days Recap: Next Up NYC, Vancouver & Portland


October 17, 2013 By
Derek Weeks

We have been participating in the devopsdays events by presenting an ignite talk on how DevOps need to be aligned with how applications are constructed today – with open source components. The ignite presentation style is really interesting – you have 5 minutes to present 20 slides that advance automatically every 15 seconds. I started […]

Continue reading...

(ISC)² Global InfoSec Study – App Vulnerabilities are #1 Concern


September 30, 2013 By
Derek Weeks

The (ISC)2 Global Information Workforce Study CXO Report was recently released. The report found some interesting and troubling data on application security. While security executives noted that application vulnerabilities were their top concern, this did not translate into how their security team invested their time – in fact, focusing on software development was at the […]

Continue reading...

Using Your Repository Manager to Optimize Component Usage


September 24, 2013 By
Derek Weeks

We constantly receive inquiries about how organizations can get the most out of their repository manager. We thought it would be good to address this topic in a series of webinars. While preparing for the webinars, we looked at problems that afflicted organizations who aren’t using a repository manager. Developers Waste Time downloading a massive […]

Continue reading...

Agile, Component Development & DevOps – A Natural Match


September 23, 2013 By
Derek Weeks

Can you think of a technology concept that is more hyped than DevOps? We’ve moved past cloud & virtualization, and while not as hyped as Big Data or mobile, everyone on the development and operations side is talking about DevOps, not to mention DevOpsSec.  Using several blog posts, I’m going to layout the vision for […]

Continue reading...