Why Your Code is My Code with Sonatype’s Vice President Derek Week’s

Play episode

Or listen in your favorite podcast app

Apple Podcasts  /  Google Podcasts Spotify

Derek Weeks has spent his entire career teaching, educating, and fostering relationships. From his first job with Atari teaching people how to use its consoles, to his role today as a Vice President and DevOps advocate at Sonatype, Derek works to educate others. Derek joined IT Visionaries for a conversation centered on the growth of the DevOps industry and how he is helping to grow that community through All Day DevOps, an online 24-hour conference featuring more than 100 speakers.

Key Takeaways

  • A Growing Industry: Five years ago if 1,000 people attended a developer’s conference it was considered a success. Now, more than 40,000 developers routinely attend All Day DevOps conferences.
  • More Widely-Adopted, But Not Flawless: The use of open-source code continues to rise in popularity due to its velocity and efficiency, but it’s not without vulnerabilities, downloads that included encrypted code, or malware 
  • Seeking Clarity: Many companies still fail to understand exactly what DevOps is, where DevOps can be used, and the benefits of the DevOps industry. Therefore, a lot of education still needs to happen internally as well as externally. 


For a more in-depth look at this episode, check out the article below.

Derek Weeks remembers the day fondly — the one when his dream of working in the technology industry actually came true. He was only a teenager, but he was presented the opportunity to work at one of the revolutionary companies, Atari, teaching people how to use technology.

“It was funny because I’m in ninth grade and I’m teaching adults how to use personal computers at the time,” he said. “I’m sure they were looking cross-eyed at me.”

Weeks was afforded this chance with Atari by tapping into characteristics that would serve him for years to come — persistence and curiosity. Today, Weeks serves as aVice President and DevOps Advocate of Sonatype. He is also the co-founder of All Day DevOps, an online 24-hour virtual conference geared toward the DevOps community. Weeks joined IT Visionaries and dove into how the conference came to fruition, the state of DevOps, and the importance of open-source coding.

Sonatype, the leading provider of DevSecOps provides tools that automate management of modern software supply chains, and according to Weeks, more than 10 million software developers rely on Sonatype to innovate faster while mitigating security risks inherent in open-source code.

“Sonatype feeds off activity that is happening within the software developer environment,” Weeks said. “We do a variety of things to help software developers build better quality code, build it faster, build it more reliably.” 

According to Weeks one of the main reasons developers choose to use open-source code instead of building their own is the efficiency and reliability of the components his team can provide.

The rise of open-source materials has been stark. Weeks mentioned when he arrived at Sonatype nearly seven years ago, the company saw 13 million requests annually for open-source components. Nearly a decade later, that number has skyrocketed to 246 billion downloads in 2019.

“While the consumption of open source components is increasing dramatically, it’s accelerating innovation and allowing businesses to deliver more value faster,” Weeks said. “What we do know is not all of these components are created equal.”

One way that components remain on unequal footing is the security risks that come with these downloads. According to Weeks, 10 percent of all downloads are vulnerable from the beginning. That number rises to 40-50% when those components like JavaScript rely on other variables.

“It’s a matter of helping organizations understand what are the good parts that they’re using and what arethe bad parts,” Weeks said. “And it’s about helping them quickly understand when they’re choosing to use a bad part, that there are good alternatives. It comes down to helping organizations manage their software supply chains.”

To help companies and industry leaders better serve that mission, Weeks helped launch the All Day DevOps conference. The ideation process occurred while Weeks was shuffling from conference to conference across the globe, interacting with the same individuals every stop of the way. He began to wonder about the employees back at their company headquarters who weren’t afforded the same insights he was privy to.

So Weeks turned his attention to creating an online conference with the hopes of getting  1,000 people to participate.

“Five years ago in the DevOps market, a thousand people showing up to a conference would be the biggest DevOps conference in the industry,” he said. 

The first conference was attended by 13,000 people, ran for 24 hours and included more than a 100 speakers. Very quickly, it became the most attended DevOps conference in the world. Since then those numbers have continued to climb, with their last conference welcoming in more than 40,000 participants.

“[The number of attendees] really speaks to the rise of DevOps as an important critical piece of infrastructure,” Weeks said. “There are some organizations that have really strong DevOps practices and cultures, and they are benefiting dramatically from those in terms of the ability for people to work together, for people to have fun, and enjoy the work that they’re doing for them to meet customer demands faster than the organization has ever been before for them to be more competitive in the industry than ever before.” 

While DevOps practices continue to rise in popularity and awareness, Weeks mentioned there is still an issue with companies understanding the areas DevOps encompasses and the importance of the segment. 

“There’s a lot of misunderstanding of what DevOps is and is not, especially for the people that are just getting into the space and want to use it as a buzzword,” he said. “The biggest misconception is people try to understand DevOps as increased velocity of development. It’s not just about velocity or automation. It’s more about feedback loops.”

To hear the entire discussion, tune into IT Visionaries here



Episode 201