DevSecOps for a Dollar or Less

By Derek Weeks on October 07, 2019 OWASP

3 minute read time

The DevSecOps Maturity Model (DSOMM) helps you analyze your organization's development pipeline to see where you need to improve.
Read More...

DevOps and Opportunities in Software Supply Chain Governance

By Wayne Jackson on February 09, 2017 open source governance

4 minute read time

Governance has been an evil word for software developers but new approaches unlock massive gains in productivity, reductions in cost, improvements in quality.
Read More...

DevSecOps: Better Software, Faster

By Derek Weeks on February 08, 2017 repository health check

3 minute read time

1 in 16 open source and third-party components downloaded last year included a known vulnerability.
Read More...

All Day DevOps: Practitioner-to-Practitioner

By Derek Weeks on October 30, 2016 Continuous Delivery

2 minute read time

All Day DevOps will deliver 57 practitioner-led sessions over 15 hours and 15 time zones. No vendor pitches are allowed.
Read More...

All Day DevOps Conference: Bringing DevOps to the World

By Derek Weeks on September 08, 2016 Continuous Delivery

4 minute read time

November 15, 2016 will see the first truly global, online DevOps Conference: All Day DevOps. 15 hours, 15 time zones, 54 sessions, 3 keynotes.
Read More...

Government Asks: What’s in Your Software?

5 minute read time

Top performing development organizations embrace supply chain management best practices, including use of a Software Bill of Materials (BOM).
Read More...

An Insider's View: Analyzing Software Supply Chains

5 minute read time

2016 state of the software supply chain report reveals the volume of open source component usage and quantifies the presence of known vulnerabilities.
Read More...

Rugged DevOps: Survival is Not Mandatory

By Derek Weeks on January 25, 2016 Nexus solutions

4 minute read time

Deming, the patron saint of DevOps once advised, “It is not necessary to change. Survival is not mandatory.
Read More...

DevOps Leadership Series: Security at Velocity [Video]

By Derek Weeks on May 12, 2015 Software Supply Chain

1 minute read time

If it does not fit, it does not get done. For many DevOps practices, application security falls into the “does not get done” bucket.
Read More...