The previous chapter in this WhiteHat Security series discussed Codebase as the first step of the Twelve-Factor App and defined a security best practice approach for ensuring a secure source control system. Considering the importance of applying security in a modern DevOps world, this next chapter examines the security component of step two of the Twelve-Factor methodology. Here follows some actionable advice from the WhiteHat Security Addendum Checklist, which developers and ops engineers can follow during the SaaS build and operations stages ...
DEVOPSdigest is establishing a tradition with the annual list of DevOps Predictions. DevOps experts — analysts and consultants, users and the top vendors — offer thoughtful, insightful, often controversial and sometimes contradictory predictions on how DevOps and related technologies will evolve and impact business in 2017.
Some of these predictions may actually come true next year, while others may be just as valid but take several years to be realized. Still others may be wishful thinking or unnecessary fears. But taken collectively, this list of predictions offers an insider's look at what the DevOps experts are thinking about, planning, expecting and hoping for next year.
The predictions unveil some very specific expected changes that reflect how DevOps is growing and changing, making this year's list especially interesting. Some of the predictions have a positive outlook, while others foresee challenges on the DevOps horizon. Many of the predictions even contradict each other. No matter who ends of being right or wrong, these predictions are all thoughtful and serious visions of the future of DevOps.
While some of the predictions reappear from last year's list, there are many new ideas, and new ways to look at old ideas. For example, this year's list departs from last year by delving deeply into the cloud, which was barely mentioned in the list of 2016 predictions. The 2017 predictions cover Cloud Native, IaaS, PaaS, Serverless, Hybrid and more.
In addition, the 2017 predictions expand on the discussion of microservices and containers started last year. For 2017, an entire installment is devoted to containers and microservices.
On only the second annual list of predictions, DEVOPSdigest will be posting double the number of predictions compared to last year's list. This speaks not only to the momentum of DEVOPSdigest, but also the accelerated growth and importance of DevOps, which is earning its position as the critical connection between development, operations and the business.
This extensive and exciting list of predictions will be posted in 6 parts over the next week.
Part 1, the first installment, takes a look at the big picture for DevOps in 2017.
1. DEVOPS AT SCALE
If 2016 was the year of DevOps going mainstream, 2017 will mark the emergence of DevOps at scale. We're seeing huge numbers for initial adoption, over 85 percent, but this year will represent the timeframe when enterprises actively seek to drive DevOps across the entirety of their software delivery lifecycle. For example, there's huge interest in expanding Continuous Testing across the entire app delivery spectrum as it not only enables enterprises to shift testing left, engaging it earlier in the SDLC, but it also helps them shift right, leveraging the same processes throughout staging and production.
VP of DevOps Solution Marketing and Management, CA Technologies
Read Aruna Ravichandran's blog: 3 DevOps Predictions for 2017
2. DEVOPS BECOMES MISSION-CRITICAL
DevOps will make major strides from being a niche operating model to simply "the way things are done" in modern IT.
Lucas A. Welch
Director of Communications, Chef
Read Lucas A. Welch's blog: ALDO - Agile Lean DevOps Outcomes
2016 saw increasing adoption of DevOps in the enterprise, as it shifts from an experimental approach to a mission-critical one. In 2017 we predict a greater expansion of DevOps, including a greater focus on shifting security to the left (SecDevOps) and including digital business priorities into the end-to-end culture transformation that DevOps represents (BizDevOps).
As we move into 2017, DevOps principles will start to have much greater impact for large enterprises, with the true value of this methodology being identified through a new approach. Faced with a production environment that differs substantially from the development environment, many large enterprises already depend on the DevOps methodology. However, as development velocity increases, and the scale of the enterprise also increases, these businesses will develop a much greater reliance on DevOps principles in order to rein in the chaos associated with continuous development that's being spurred on by automation.
Area VP, Strategic Marketing, NetScout
3. DEVOPS AS COMPETITIVE ADVANTAGE
The ROI of a DevOps transformation has been established, and companies now understand that in order to stay competitive they have to get better at delivering software – where DevOps comes in.
CEO, Electric Cloud
In 2017 we will see the emergence of DevOps as a significant competitive advantage as new service roll-outs accelerate innovative offerings to market and consumers of these services begin to expect rapid and iterative improvements to address their evolving requirements. As consumer expectations change to adapt to the pace and flexibility of orchestrated and DevOps driven services, providers at the forefront of this innovation will experience a competitive advantage in capturing new business and significant monetization of their investments.
Director, Product Line Management, Ciena
4. DEVOPS FAILURES
In 2017 we will continue to see the term "DevOps" overloaded, overused, and misunderstood. Enterprise buyers will continue to believe that technology investments will fix cultural, organizational, and talent shortcomings resulting in failed projects.
VP of Market Development and Insights, AppDynamics
Despite being mainstream, DevOps adoption will continue to be a struggle for many organizations due to the cultural changes necessary to make it succeed.
Principal Analyst, Ovum
We'll start to hear a few horror stories of enterprises that didn't achieve the results they expected from DevOps. These stories often begin with the fact they bought the tools, but didn't really embrace the practices of lean, collaboration and continuous improvement – which are core to DevOps. Simply having Jenkins and automation is not sufficient enough to achieve delivering faster without sacrificing quality. My advice is to listen and learn from the failure stories. I expect the root cause of many of these stories will be attempts to take short cuts, avoiding the hard work of really transforming delivery.
Head of the Software Digital Research Team, Hewlett Packard Enterprise
5. DIGITAL TRANSFORMATION GOES MAIN STREAM
2017 will be the year when digitization initiatives go mainstream (compete online or die) and the pressure to implement business processes in software will become unrelenting for all mainstream enterprises. Application teams will want to ignore the infrastructure upon which their applications run, but will continue to get jerked back to reality by impacts of the infrastructure (no matter how outsourced) upon their applications and transactions.
6. BIZDEVOPS: GETTING DOWN TO BUSINESS
In 2017, organizations will rely on DevOps to bring software development teams, operations teams and processes into closer alignment with the business. DevOps will continue to rise in importance to the enterprise as it helps accelerate software development and drives innovation. Adoption of DevOps practices will further improve teamwork between Development and other groups. DevOps tools will also deliver comprehensive views of software release cycles combined with operational data to help teams make better-informed decisions. KPI data will come into play, providing a key link between the SDLC and the business. Fundamentally, DevOps will change in 2017 to usher in those advances and others that connect software development to the heart of the enterprise.
Read Flint Brenton's blog: Software Development, the Enterprise and 20/20 Vision: Getting a Clear Picture with Next-Gen DevOps
Organizations have started to realize the benefits of their Agile and DevOps transformations, but these benefits have largely been local optimizations. Agile development teams have become more responsive and adaptive in the way they deliver "done increments" from their backlog, but often still struggle to extend their collaboration beyond their scrum teams. And DevOps initiatives have done outstanding work in using automation to create an environment that enables continuous delivery. But the dream of unifying these initiatives into a single software development and delivery value stream has largely eluded the vast majority of organizations. In 2017, this will start to change as CIOs increase their demands for visibility into the business value that their delivery teams create and the tools that enable a unified value stream become easier to use.
VP Industry Strategy, Tasktop Technologies
7. BUSINESS-CENTRIC AGILE
2017 - Year of Business Centric Agile: Now that DevOps teams are starting to show strides in the art of possible via collaboration with each other – it is time to move up the stack to the line of business buyer and user. Many talk about the need to select just one development methodology. That is only because they have either never had to plan a datacenter from the slab up or an application from the user down. The key is finding common ground through an agile business requirements document to build the blueprint that supports the business objectives while balancing the pipes and plumbing. This approach will become more critical to the continuous integration and continuous delivery process in 2017. This is because companies will face new regulations such as Privacy Shield coming in 2018, balancing the demands for omni-channel experience for today's buyers, and technical debt. DevOps and Transformation experts will really quickly have to create a centralized strategy to automate non-critical functions so the best and brightest can focus on agility, cost, and compliance as they migrate to the cloud to optimize business results.
Author and Strategist, iSpeak Cloud
To download a complimentary template for a Business Centric BRD visit www.ispeakcloud.com
8. DEVOPS EXPANDS ACROSS IT
DevOps is maturing quickly, and IT leaders will realize they need to spread the DevOps love more evenly. Areas such as security, testing and database management will garner more attention and budget as they are creating the biggest bottlenecks to application release.
CTO and Co-founder, Datical
Read Robert Reeves' blog: Why DevOps for the Database Needs to be Part of Your IT Budget
9. MONITORING IN DEVOPS
2017 will be the year of monitoring in DevOps. Up till now, almost all of the tools focus has been on the pre-production provisioning process, but with increasingly mature DevOps programs in many enterprises, the requisite post-deploy feedback loop will now receive greater attention. Taken together with new application architectures such as microservices, we'll see new monitoring technologies as well as pricing models also introduced.
Research VP, IT Operations, Gartner
Read 2017 DevOps Predictions - Part 2, covering development and testing.