Sonatype Unveils Full-Spectrum Software Supply Chain Management | Press Release

Derek Weeks

Derek serves as vice president and DevOps advocate at Sonatype and is the co-founder of All Day DevOps -- an online community of 65,000 IT professionals.

Securing Software Supply Chains and Dependency Confusion — An Industry Perspective

By Derek Weeks on March 08, 2021 featured
We sat down with experts from The Linux Foundation, Atlantic Council and Sonatype's own CTO to discuss recent software supply chain attacks, dependency confusion and security concerns.
Read More...

White House Releases Executive Order on America's Software Supply Chains

By Derek Weeks on February 25, 2021 secure software supply chain
Following recent SolarWinds attacks on multiple government agencies, US President Biden calls for comprehensive reviews of software supply chains.
Read More...

The SolarWinds Software Supply Chain Attack: How Developers Can Protect Applications

By Derek Weeks on December 22, 2020 vulnerabilities
The SolarWinds software supply chain attack has made it clear that open source developers need to act now and intelligently manage third party dependencies to protect their apps.
Read More...

Introducing our 2020 State of the Software Supply Chain Report

By Derek Weeks on August 12, 2020 Software Supply Chains
Sonatype's 2020 State of the Software Supply Chain Report shows that faster innovation and better risk management do not have to be mutually exclusive.
Read More...

Money Doesn’t Buy Happiness, But Happy Developers Protect Money

By Derek Weeks on June 26, 2020 devsecops
Developers in mature DevOps practices are 1.2x happier than their grumpy peers in the financial sector. This impacts software security, and your wallet.
Read More...

UPDATE: 21 SaltStack Breaches with 2,900 Still Vulnerable

By Derek Weeks on May 31, 2020 vulnerabilities
When a vulnerability is announced in an open source project, ask immediately: have we ever used that open source component, and (if yes) where is it?
Read More...

Free DevOps: Hatched in Response to COVID-19

By Derek Weeks on April 11, 2020 all day devops
All Day DevOps | Spring Break required organizing an online DevOps conference in 30 days for 4,000 people. It launches this Friday and is free to attend.
Read More...

Happy Developers Produce More Secure Software, Better Business Outcomes

By Derek Weeks on April 07, 2020 vulnerabilities
The 2020 DevSecOps Community Survey confirms correlations between DevSecOps culture and practices, and their influence on motivation and job satisfaction.
Read More...

Continuous Delivery For All

By Derek Weeks on December 24, 2019 Continuous Delivery
Jez Humble addresses the four reasons he consistently hears why continuous delivery won't work in their organization -- and busts all the myths.
Read More...