Continuous Deployment

Security in DevOps Is Lagging Despite Advantages and Opportunities

Source – bwcio.businessworld.in Synopsys Inc. has released new data that highlights the opportunities and challenges of DevSecOps, an emerging paradigm in which DevOps teams incorporate application security into their continuous integration and continuous delivery (CI/CD) workflows. The 451 Research report commissioned by Synopsys, DevSecOps Realities and Opportunities, analyses survey results from 350 enterprise decision-makers at large enterprises across a variety of industries. The study found that only half of CI/CD workflows include application security testing elements despite respondents citing awareness

Read more

Why software resilience should be the real goal of DevOps

Source – techtarget.com Years ago, I worked for an organization that prided itself on its internal controls for software. Using a work order, developers had to get every box checked and then outline the steps to move the code to production. If there was a problem, systems would be down, and any “fix” would require a similar rigorous — and documented — process. That single-minded focus on reliability meant we had to batch changes together into projects and roll out less often. It became a

Read more

The Two Key Ways to Monitor DevOps Projects

Source – itbusinessedge.com One of the chief challenges in monitoring DevOps projects is the fact that the resulting application or service is usually pushed out to the cloud or a mobile platform. In many cases, this involves third-party infrastructure and/or monitoring solutions, which can leave the enterprise blind to key performance data. To accommodate this, DevOps teams will need to incorporate two practices that aim to gauge performance across distributed architectures: synthetic monitoring and real user monitoring (RUM). The difference lies in the

Read more

DevSecOps: How to get your team on board

Source – enterprisersproject.com A funny thing happened as IT embraced DevOps and broke down longstanding silos between teams: Many organizations created new silos in their place, around security. “We found through our research that DevOps and security teams are already operating in silos, and the rush to the cloud is exacerbating this disconnect,” says Pete Cheslock, senior director at Threat Stack. “Teams are increasingly isolated, and they’re facing a steep learning curve.” This is why you’re increasingly hearing the term DevSecOps. You’re forgiven if you’re skeptical

Read more

What Are the Right Metrics for DevOps?

Source – itbusinessedge.com DevOps is not merely a technology upgrade but a change to business cultures, processes and models. So it shouldn’t come as a surprise that few organizations have a handle as to exactly what makes a successful transition. One of the biggest mistakes is thinking that traditional performance metrics can give you an idea of what is working, and what isn’t, in a DevOps environment. While it is true that things like resource utilization, network traffic patterns, storage consumption

Read more

Qualys brings web application security to DevOps

Source – helpnetsecurity.com Qualys announced new functionality in its web application security offerings that helps teams automate and operationalize global DevSecOps throughout the Software Development Lifecycle (SDLC), drastically reducing the cost of remediating application security flaws prior to production. Qualys Web Application Scanning (WAS) 6.0 now supports Swagger version 2.0, a new native plugin for Jenkins for automated vulnerability scanning of web applications, and the new Qualys Browser Recorder. New functionality Qualys WAS 6.0 and new capabilities include: Scanning of Swagger-based

Read more

The integration of DevOps and security

Source – jaxenter.com The cloud delivers to enterprises operational and management advantages by being agile, user friendly, and optimized to scale. It also enables IT teams to apply continuous integration/continuous deployment (CI/CD) methods to deliver applications and functionality more rapidly. By using the development and delivery methodology known as DevOps, the entire organization can be more responsive to customer and market needs and deliver innovation continuously. Speed is the essence of DevOps; the idea is to iterate, iterate, iterate, and get

Read more

DevOps success: Why continuous is a key word

Source – enterprisersproject.com “Customers are dropping off our website. Do we need to work on our load times?” “Users can’t open the camera function on our mobile app. How can we fix it?”  “Twitter and Snapchat are down. How can we make sure our web and mobile applications don’t experience the same technical glitches?” Do any of these sound familiar to your organization’s developers? Today’s consumers want bigger and better technologies, tools and features, and they want them now. For most

Read more

GitLab collaborates with Google Cloud on app deployment

Source – sdtimes.com GitLab announced a new collaboration with Google Cloud to offer native integration into Google Kubernetes Engine (GKE). This new integration aligns with GitLab’s vision of Auto DevOps. Auto DevOps is GitLab’s way of automating DevOps and delivering ideas to production faster. It consists of a collection of build, test and deployment features. The new integration aims to simplify the complexity of setting up and deploying to a Kubernetes cluster. It will also automatically configure CI/CD pipelines to build,

Read more

Secdevops or devsecops or devops next-generation (NG) – What is your take on devops?

Source – csoonline.com I recently had the opportunity to attend and present at the Advanced Technology Academic Research Center (ATARC) Devops Summit last month. There was, as expected given the topic, a huge turn-out of US federal, commercial and public-sector participants looking to learn, connect and share lessons from adopting and implementing devops in their organizations. A key moment at the summit conference was an informal survey of over 200 participants by Tom Suder, the President of ATARC. Tom pulsed the

Read more

Developer Report Compares Agile vs. DevOps

Source – techtarget.com One interesting aspect of the new developer report from GitLab Inc. — a company based on the open source GitLab project — is a comparison of two popular development approaches Agile and DevOps. The GitLab project’s Community Edition provides a complete open source software development platform featuring built-in version control, issue tracking, code review and Continuous Integration/Continuation Delivery (CI/CD). In its new “2018 Global Developer Report” based on a survey, GitLab Inc. covered a wide range of

Read more

Integrate DevOps and containers with simple tool adjustments

Source – techtarget.com Organizations adopt DevOps methodologies to reduce application development time and improve code quality, consistency and security. They adopt containers for many of the same reasons. A typical implementation pulls together multiple tools for development and deployment tasks in a chain. It must be flexible enough to accommodate: different programming languages, such as C, Python and Go; application targets, both mobile and web; and diverse deployment platforms, including virtual servers, cloud services and containers. Given the ever-increasing popularity of

Read more

Database automation drives DevOps into the persistence layer

Source – theserverside.com The adoption of highly scriptable cloud-based technologies, along with the emergence of continuous integration (CI) and continuous deployment (CD) tools, has created an environment in which every operations process should be scriptable and all manual processes targeted for automation. Organizations with a DevOps approach to application lifecycle management should automate every process imaginable, but they often hit a wall when they reach the persistence layer. Emerging technologies have the potential to make that limitation disappear. Apply DevOps lessons

Read more

Three Keys to Aligning Digital and DevOps

Source – news.sys-con.com On first glance, Digital Transformation and DevOps seem to be separate, disconnected endeavors – especially once you realize that Digital Transformation is more about aligning the organization with changing customer needs and desires, rather than software. DevOps, in contrast, appears to be all about the code – how to build, maintain, and update it more quickly. Yet this view of DevOps also misses the bigger picture, as the movement is more of a cultural and organizational change that

Read more

How DevOps Principles Are Being Applied to Networking

Source – infoq.com Practices from the DevOps world are being adopted into managing networking services. Vendor hardware, configuration tools and deployment modes have eased programmable configuration and automation of network devices and functions. Some recommendations on how to adopt network automation practices include looking at networks-as-code (along the lines of infrastructure-as-code), orchestration as part of CI/CD pipelines, using network functions that can be deployed in smaller units like containers, applying chaos engineering principles to network services delivery, and measuring and predicting

Read more

Security Strategies for DevOps, APIs, Containers and Microservices

Source – securityboulevard.com More and more IT professionals see DevSecOps, a practice which integrates security measures earlier in the development process to improve production code quality, as a mainstay for future application development. Much of this stems from the growing trend towards speeding up application development through adopting architectures using DevOps, containers and microservices, as well as supporting automation toolchains and frameworks. This trend presents an opportunity for cybercriminals, who are increasingly turning their attention to security gaps and vulnerabilities in

Read more

What is DevSecOps? Developing more secure applications

Source – itworld.com The simple premise of DevSecOps is that everyone in the software development life cycle is responsible for security, in essence bringing operations and development together with security functions. DevSecOps aims to embed security in every part of the development process. It is about trying to automate core security tasks by embedding security controls and processes early in the DevOps workflow (rather than being bolted on at the end). For example, this could be the case when migrating to

Read more

New Jenkins plugin tackles DevOps pipelines and app maintenance

Source – sdtimes.com Infostretch has announced a free Jenkins plugin and service intended to assist enterprises with streamlining DevOps development. The plugin will significantly decrease the time needed to code DevOps pipelines and migrate to Jenkins 2.0. It will be able to auto-convert about 90 percent of freestyle Jenkins jobs. Now, instead of developers having to go through thousands of jobs to understand tools, configurations, or parameters, the plugin can just generate the appropriate code for them, the company said. “DevOps

Read more

Weave Cloud for GKE aims to simplify DevOps pipeline

Source – rcrwireless.com Weaveworks announced free tier of Weave Cloud for Google Cloud Platform users. The platform is intended to make it easier to develop, deploy and oversee container-based applications. Weave Cloud is a software-as-a-service leveraged by app developers. It is made to alleviate challenges within the container-production pipeline. The platform can be integrated with CNCF Kubernetes, Docker Swarm/UCP, AWS ECS, Apache Mesos and Mesosphere DC/OS. To reap the benefits of the container-managed platform Kubernetes, DevOps teams have to combine various

Read more

5 programming languages you need to know for DevOps

Source – jaxenter.com How can we make sure our DevOps adoption is a success? Are there certain languages that fit DevOps better than others? Today, we take a look at different programming languages to see which is the best approach for DevOps. Quick caveat: if your favorite programming language isn’t on this list, that doesn’t mean it isn’t the bee’s knees. DevOps is a state of mind and a methodological process for technology, not an ironclad one-size-fits-all tech approach. If you’re

Read more
1 5 6 7 8