DevOps Leadership Series

Derek Weeks

Subscribe to Derek Weeks: eMailAlertsEmail Alerts
Get Derek Weeks: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Latest Articles from Derek Weeks
Lambda is the eleventh letter of the Greek alphabet, and it is also the name of the Amazon Web Services (AWS) service that lets you run code without actually configuring a server. Amazon chose the name Lambda because - well, okay, I have no idea. Comment here if you know. Thankfully, ...
Need to brush up your knowledge of CI/CD, automated security, modern infrastructure, or cultural transformations?
In DevOps, those who can’t keep pace are often left behind. For many people leading DevOps initiatives over the past few years, this led to a painful choice of leaving security by the wayside. Many Waterfall-native approaches to security could not keep pace with their new DevOps-native...
Snowflakes are beautiful, unique creations. But, let's keep them in nature. They don't belong in our server infrastructure. Snowflake servers, where every configuration is just a little different, can introduce unnecessary security vulnerabilities and complications. While common in IT ...
The DevOps pipeline is constantly changing. Therefore relevant security controls must be applied contextually. We want to be secure, but I think all of us would rather spend our time developing and deploying software. Keeping up with server updates and all of the other security tasks ...
We all know the story: a farm, a kid, a Commodore 64, and a modem maxing out at 300 bps. A few unexpected phone bills later, and young Ian Allison is figuring out how to game the system so he can keep using his newfound gateway to the world of tech. According to Ian, that is where he ...
When you have a billion users, people notice. That’s where our story about DevOps and Yahoo! starts. For Kishore Jalleda and Gopal Mor, both engineers at Yahoo!, when something goes wrong on a Yahoo! page, people will notice. Correction: a lot of people will notice. Of course, Yaho...
True Story. Over the past few years, Fannie Mae transformed the way in which they delivered software. Deploys increased from 1,200/month to 15,000/month. At the same time, productivity increased by 28% while reducing costs by 30%. But, how did they do it? During the All Day DevOps con...
Ed was demoralized. He had just heard a speaker who would change his life. He knew he needed to change, and he knew what the end goal was. He just didn't know how to get there. He needed fresh air. He needed endorphins. What better way to do that than go on a 6-hour run through some of...
Another Struts 2 Remote Code Exploit (RCE) was recently released, leaving some worried about their security. What steps can you take to protect data?
In September 2014, Apple made encryption default with the introduction of the iPhone 6. Then, in February 2016, a Los Angeles judge issued an order to Apple to help break into the encrypted iPhone belonging to a terrorist involved in a mass shooting. Apple had used some of the stronges...
When building DevOps or continuous delivery practices you can learn a great deal from others. What choices did they make, what practices did they put in place, and how did they connect the dots? At Sonatype, we pulled together a set of 21 reference architectures for folks building con...
With emerging ideas, innovation, and talents, the lines between DevOps, release engineering, and even security are rapidly blurring. I invite you to sit down for a moment with Principle Consultant, J. Paul Reed, and listen to his take on what the intersection between these once individ...
Multiple agencies across the U.S. government are paying closer attention to the software they are buying. More specifically, they want to know what open source and third party components were used to build the software applications. The report notes: U.S. Food and Drug Administrati...
As a long time Java developer, I've always depended on the Maven build process to automatically publish my artifacts to a Nexus Repository Manager. This automated process was made possible thanks to some very useful plugins - specifically, the Maven plugin for Nexus staging and the Ma...
Free Birds, Free Coffee, and Free Willy. Software development is hard enough, so we’re making it easier. You see, a few years ago Sonatype made a promise that Nexus Repository should provide universal component support for free. This month, we are continuing to live up to that promi...
I recently caught up with Paula Thrasher, Application Delivery Lead at CSC and DevOps pioneer in government circles. In our conversation, we discussed a number of important topics including cross-functional teams, software supply chains, paying down technical debt, and her search for p...
“Being able to take needless work out of the system is more important than being able to put more work into the system.” This is one of my favorite quotes from Gene Kim’s book, The Phoenix Project, and it plays directly into why we're announcing the DevOps Express initiative today. Tr...
Analysis of 25,000 applications reveals 6.8% of packages/components used included known defects. Organizations standardizing on components between 2 - 3 years of age can decrease defect rates substantially. Open source and third-party packages/components live at the heart of high velo...
What do dependency resolution, situational awareness, and superheroes have in common? Meet Chris Corriere, a DevOps/Software Engineer at Autotrader, speaking on creative ways to maximize usage of all of the above. Mark Miller, Community Advocate and senior storyteller at Sonatype, cau...
When building DevOps or continuous delivery practices you can learn a great deal from others. What choices did they make, what practices did they put in place, and how did they connect the dots? At Sonatype, we pulled together a set of 21 reference architectures for folks building ...
Software components that were once good can sour instantly when new vulnerabilities are discovered within them. When that happens, the bears are coming, and you have to respond quickly. Two men are walking through a forest. Suddenly, they see a bear off in the distance, running toward...
You might already know them from theagileadmin.com, but let me introduce you to two of the leading minds in the Rugged DevOps movement: James Wickett and Ernest Mueller. Both James and Ernest are active leaders in the DevOps space, in addition to helping organize events such as DevOpsD...
Wow, if you ever wanted to learn about Rugged DevOps (some call it DevSecOps), sit down for a spell with Shannon Lietz, Ian Allison and Scott Kennedy from Intuit. We discussed a number of important topics including internal war games, culture hacking, gamification of Rugged DevOps and ...
Call it DevOps or not, if you are concerned about releasing more code faster and at a higher quality, the resulting software delivery chain and process will look and smell like DevOps. But for existing development teams, no matter what the velocity objective is, getting from here to th...
Sonatype's Mark Miller catches up with Ian Buchanan at Atlassian to discuss DevOps leadership, ChatOps, and usage of tools in the continuous delivery pipeline. Ian discussed his experiences at Atlassian, including continuous delivery, ChatOps, and use of tools like Bamboo, Nexus, Puppe...
Deming, the patron saint of DevOps once advised, "It is not necessary to change. Survival is not mandatory." To survive, application development teams are constantly pressured to deliver software even faster. But fast is not enough. The best organizations realize that security, qual...
Imagine that you are designing the 2017 Ford Mustang. Like all gas-powered vehicles, each one needs an exhaust muffler. Ford has already vetted and narrowed in on a preferred provider of mufflers. But imagine what would happen if the designers and factory line workers could pick from a...
People want to get going with DevOps or Continuous Delivery, but need a place to start. Others are already on their way, but need some validation of their choices. A few months ago, I published the first volume of DevOps and Continuous Delivery reference architectures which has now b...