Derek E. Weeks
DevOps.com
United States
Contact Derek
Discover and connect with journalists and influencers around the world, save time on email research, monitor the news, and more.
| Recent: |
|
| Past: |
|
Past articles by Derek:
State of the Software Supply Chain: Secure Coding Takes Spotlight
The 2019 State of the Software Supply Chain report analyzes the attributes of exemplary development practices, especially secure coding practices. → Read More
Reducing Risk in Applications Using Docker Containers
It seems like in this day and age you are either using Docker containers or you are going to use them. If you are thinking about adding containers but have concerns about their security, read on. → Read More
200 Billion Downloads Can't Be Wrong
Research has shown that 5.5 percent (1 in 18) of component downloads by repository managers had known security vulnerabilities. → Read More
Challenges in Leading a DevOps Team at a Fortune 100 Company
This All Day DevOps discussion with Uldis Karlovs-Karlovskis focused on how managers can implement DevOps in large organizations, especially where culture and organizational change hamper efforts. → Read More
It’s time to regulate: The U.S. must make software companies liable for breaches
The software industry has failed to sufficiently protect the public from data theft and misuse. It’s time for the U.S. government to get serious about regulation. → Read More
DevSecOps: Don't Invest In Hope
Many organizations are considering their approach to DevSecOps. They are moving beyond hope to strategy. They are choosing action over indifference. → Read More
Software Liability Goes Global
Organizations failing to manage software supply chains, who are unwittingly releasing vulnerable applications into production, will face increased liability due to gross negligence. → Read More
DevSecOps: Digging into Root Cause Analysis
Root cause analysis focuses on what went wrong, and how we can prevent it from happening again. But it doesn’t provide for enough complexity and its natural focus is blame, which can undermine a positive DevOps culture. → Read More
DevSecOps: If You Build It, They Will Come
I recently watched the presentation, “Build It and They Will Come-pliant: DevSecOps in the Real World,” from All Day DevOps. Here is a summary of what I learned. → Read More
Continuous Delivery: No Excuses
During his speak at All Day DevOps, Jez Humble addressed the four reasons he consistently hears from organizations on why continuous delivery won’t work in their organization. → Read More
DevOps Heals at NIH
How is the National Cancer Institute, a government agency attached to the National Institutes of Health, using DevOps to help find a cure for cancer? → Read More
FDA: DevSecOps and Nobody Dies
Dr. Suzanne Schwartz, CDRH Associate Director for Science and Strategic Partnerships at the Food and Drug Administration (FDA), recently released a blog to update us on the FDA’s role in medical device cybersecurity. Cybersecurity risks in medical devices are nothing new. As far back as 2012, Sonatype published warnings of security risks in pacemakers that could lead to … → Read More
Learn DevOps from 57 Experts for Free
Need to brush up your knowledge of continuous integration/continuous delivery (CI/CD), automated security, modern infrastructure or cultural transformations? All Day DevOps just released its Summer School program offering 57 online sessions delivered by DevOps practitioners. Every session is free to watch, and absolutely no registration is required. Watch as many or as few sessions as … → Read More
Scaling DevOps at Pearson
Pearson might be one of the more influential companies you have never heard of. Its footprint in the educational publishing marketplace is expansive, and its scope was just one challenge when it made the move to DevOps. Sean D. Mack (@SeanDMackNYC) is formerly the VP of Operations and Application for Pearson. To give you an idea of … → Read More
Characterizing and Contrasting Container Orchestrators
Lee Calcote discussed four open-source container orchestrators: Nomad, Swarm, Kubernetes and Mesos-Marathon at the 2016 All Day DevOps event. → Read More
Speaking for the Dead: Are 'Agile' and 'Monolithic' Actually Good?
What if Agile is the product of getting bored at work, microservices are the result of us needing a challenge and scrums are the result of an obsessive project manager? Do we all think waterfall development is a dinosaur whose extinction is deserved because of what we have been told and not because of reality? … → Read More
Liberty Mutual: Taking an Organic Approach to DevOps
Some people are directors, managers, and administrators. Others are disrupters. Eddie Webb (@edwardawebb) is an IT disrupter for Software Development Platforms at Liberty Mutual and was a presenter at the 2016 All Day DevOps conference. His talk, “Organically DevOps: Building Quality and Security into the Software Supply Chain at Liberty Mutual,” looked at Liberty Mutual’s transformation to… → Read More
DevOps and Security is Like Smoking Meat
It isn’t everyone who thinks, “Doesn’t Ubuntu remind you of wild boar?” Or labors over his pit of slow-roasted pork shoulder while contemplating containers. Or dwells on e2e testing while mesquite smoke permeates spareribs. But, Apollo Clark (@apolloclark) does. Apollo is a foodie of smoked meats (is that a meatie or smokie?), working to master the craft: understanding … → Read More
Securing Immutable Servers in a Serverless World
Snowflakes are beautiful, unique creations. But, let’s keep them in nature. They don’t belong in our server infrastructure. Snowflake servers, where every configuration is just a little different, can introduce unnecessary security vulnerabilities and complications. While common in IT infrastructure, in the DevOps realm they are gradually becoming ancient history. At All Day DevOps 2016, Erlend… → Read More
Government Legislation Aims to Secure IoT
The U.S. Senate is making moves to protect consumer interests, data, and privacy with regard to the internet of things (IoT). Sens. Mark R. Warner (D-VA) and Cory Gardner (R-CO), co-chairs of the Senate Cybersecurity Caucus, along with Sens. Ron Wyden (D-WA) and Steve Daines (R-MT), recently introduced bipartisan legislation called the Internet of Things Cybersecurity … → Read More