Derek Weeks

Derek serves as vice president and DevOps advocate at Sonatype and is the co-founder of All Day DevOps -- an online community of 65,000 IT professionals.

Securing Software Supply Chains and Dependency Confusion — An Industry Perspective

By Derek Weeks on March 08, 2021 featured

28 minute read time

We sat down with experts from The Linux Foundation, Atlantic Council and Sonatype's own CTO to discuss recent software supply chain attacks, dependency.

White House Releases Executive Order on America's Software Supply Chains

By Derek Weeks on February 25, 2021 secure software supply chain

2 minute read time

Following recent SolarWinds attacks on multiple government agencies, US President Biden calls for comprehensive reviews of software supply chains.

The SolarWinds Software Supply Chain Attack: How Developers Can Protect Applications

By Derek Weeks on December 22, 2020 vulnerabilities

7 minute read time

The SolarWinds software supply chain attack has made it clear that open source developers need to act now and intelligently manage third party dependencies to.

Introducing Our 2020 State of the Software Supply Chain Report

2 minute read time

Sonatype's 2020 State of the Software Supply Chain Report shows that faster innovation and better risk management do not have to be mutually exclusive.

Money Doesn’t Buy Happiness, but Happy Developers Protect Money

By Derek Weeks on June 26, 2020 devsecops

4 minute read time

Developers in mature DevOps practices are 1.2x happier than their grumpy peers in the financial sector. This impacts software security, and your wallet.

UPDATE: 21 SaltStack Breaches with 2,900 Still Vulnerable

By Derek Weeks on May 31, 2020 vulnerabilities

6 minute read time

When a vulnerability is announced in an open source project, ask immediately: have we ever used that open source component, and (if yes) where is it?

Free DevOps: Hatched in Response to COVID-19

By Derek Weeks on April 11, 2020 all day devops

2 minute read time

All Day DevOps | Spring Break required organizing an online DevOps conference in 30 days for 4,000 people. It launches this Friday and is free to attend.

Happy Developers Produce More Secure Software, Better Business Outcomes

By Derek Weeks on April 07, 2020 vulnerabilities

3 minute read time

The 2020 DevSecOps Community Survey confirms correlations between DevSecOps culture and practices, and their influence on motivation and job satisfaction.

Continuous Delivery For All

By Derek Weeks on December 24, 2019 Continuous Delivery

4 minute read time

Jez Humble addresses the four reasons he consistently hears why continuous delivery won't work in their organization -- and busts all the myths.