2017 DevOps Live Kickoff - DevOpsSec Lessons Learned From Toyota To Deming...

Public group

Location visible to members


We're kicking off 2017 with an amazing speaker who has studied the patterns and practices exhibited by 3000 high-performance software development organizations, and he's coming to Dallas to share the results.

This year, software development teams around the world are consuming BILLIONS of open source and third-party components. The good news: they are accelerating time to market. The bad news: 1 in 17 components they are using include known security vulnerabilities. Ugh.

This session aims to enlighten DevOps teams, security and development professionals by sharing results from the 2016 State of the Software Supply Chain Report -- a blend of public and proprietary data with expert research and analysis. Attendees in this session will learn:

- What our analysis of 25,000 applications reveals about the quality and security of software built with open source components

- How organizations like Mayo Clinic, Exxon, Capital One, the U.S. FDA and Intuit are utilizing the DevOps principles of software supply chain automation

- Why avoiding open source components over 3 years old might be a really good idea

- How to balance the need for speed with quality and security -- early in the development lifecycle

Attend this session and leverage the insights to understand how your organization's application DevOpsSec practices compare to others. We'll share the industry benchmarks to take back and discuss with your DevOps and development teams.


Derek E. Weeks
VP and DevOps Advocate

After flying to 40 countries and racing through a half-Ironman competition, Derek woke up one morning on the top of Kilimanjaro and saw the world in a new light. Soon after, Derek become a huge advocate of applying proven supply chain management principles into DevOps practices to improve efficiencies and sustain long-lasting competitive advantages. He currently serves as vice president and DevOps advocate at Sonatype, creators of the Nexus repository manager and the global leader in solutions for software supply chain automation.

Derek is a co-organizer for the All Day DevOps conference on November 15, 2016. This year and last, Derek led the largest research project on the use of open source software components across 3,000 high performance development organizations -- publishing the results as part of Sonatype's annual State of the Software Supply Chain Report.

If you don't get a chance to attend my session at LASCON, Derek would be happy to come and speak at your local OWASP event. As a 20+ year veteran of the software industry, Derek has advised leading businesses on IT performance improvement practices covering continuous delivery, business process management, systems and network operations, service management, capacity planning and storage management.

Follow Derek on Twitter at: @weekstweets (https://twitter.com/weekstweets)
Find Derek on LinkedIn at: http://www.linkedin.com/in/derekeweeks
Read more about Derek at: http://www.sonatype.org/nexus/author/d-weeks/