CA Technologies: 3 DevOps Predictions for 2017
The hottest trends in DevOps aren't specifically about dev or ops
December 30, 2016

Aruna Ravichandran
CA Technologies

A lot of time, resources and energy has been invested over the past few years on de-siloing development and operations. And with good reason. DevOps is enabling organizations to more aggressively increase their digital agility, while at the same time reducing digital costs and risks.

But as 2017 approaches, the hottest trends in DevOps aren’t specifically about dev or ops. They’re about testing, security, and metrics.

1. Continuous testing becomes a top topic of interest in 2017

The rapid promotion of new code into production is a noble goal, but it can also be an express ticket to digital failure. DevOps success requires not just speed, but also quality—that means the rapid promotion of really, really good code. And the only way to ensure that your code is really, really good is to test it, continuously.

We all intuitively know the value of testing. But the accelerated pace of development that comes with successful DevOps practices place increased pressure on the testing function. Leaving testing as a single phase within the software development lifecycle (SDLC) is no longer sufficient.

As the business risk associated with less-than-perfect code increases, as customer expectations regarding digital experiences continue to escalate, and competitors also become more digitally adept, good-enough testing is ceasing to be good enough. Testing has to be more rigorous, and most importantly – it needs to be pervasive across the DevOps lifecycle. Testing can longer only be the domain of QA engineers. Developers need to have the ability to test code as it’s produced—what’s known as shift left testing. Testing has to be faster and more automated. And in addition to “shift left” testing, testing and test results also have to be made available to the operations.

Testing has become the main constraint when it comes to speed with quality at scale. So expect continuous testing to be a top topic of interest in 2017.

2. The unification of development, security and operations – DevSecOps

Another great way to undermine your digital business is to rapidly promote code that perfectly fulfills all of your functional requirements, that efficiently performs at scale … and that leaves you excessively vulnerable to cyber-malice.

So success requires not just speed, but also ensuring that quality, functional requirements AND security needs are met. This means another cultural shift must happen: making sure Security is engaged early with DevOps. Given the increasing intensity and sophistication of attackers — and how rapidly digital compromises turn into bad publicity and potentially irreparable brand damage — code cannot be good without being safe and deployed within a solid security architecture.

As microservices and SDKs evolve, it will be easier for developers to build in security from the start, without taking their focus off of a great user experience. But when it comes to testing and deploying the code, security validation should be viewed as a special case of testing as the requirements of security-related code testing are highly idiosyncratic and dynamic and will likely involve experts and constituencies (e.g. governance, risk and compliance teams) not normally part of the DevOps process.

3. 2017 will bring an increasing focus on metrics

It’s no surprise that until recently, very few IT organizations have paid attention to DevOps metrics. After all, for a number or organizations, it’s been tough enough just getting basic DevOps processes, tools, and culture in place. However, you can’t improve what you can’t measure. So as agile development and DevOps processes continue to expand, expect to see some real progress on both the adoption and the standardization of DevOps success metrics.

Now that there is a critical mass of successful DevOps implementations – as well as some organizations who are starting to evolve into Continuous Delivery — organizations will look to refine practices through iterative, metrics-driven management.

Metrics can help improve digital practices in several ways. Collective metrics can help discover process bottlenecks, optimize resource allocation, and better configure DevOps toolchains. Individual metrics can help pinpoint coaching needs and replicate the behaviors of top performers.

As success measurement becomes increasingly important for DevOps, we are likely to see the industry coalesce around a common set of metrics. While 2016 has seen the industry take steps in this direction — as evidenced by the formation of the DevOps Express consortium — expect to see some real progress on both the adoption and the standardization of DevOps success metrics.

So, yes, in 2017 we will still see focus to some degree on DevOps itself. But as DevOps increases in maturity, we’ll see organizations keep pushing the envelope with more rigorous test automation, more sophisticated pre-production security controls, and great management-by-objective discipline across the DevOps lifecycle.

Aruna Ravichandran is VP, Product & Solutions Marketing, DevOps, CA Technologies

The Latest

July 16, 2018

The key to mainframe DevOps success is in quickly identifying and removing major bottlenecks in the application delivery lifecycle. Major challenges include collaboration between mainframe and distributed teams, lack of visibility into the impact of software changes, and limited resource flexibility with scaling out necessary testing initiatives. Now let's take a closer look at some of these key challenges and how IT departments can address them ...

July 11, 2018

How much are organizations investing in the shift to cloud native, how much is it getting them? ...

July 10, 2018

In the shift to cloud native, many organizations have adopted a configuration-as-code approach. This helps drive up application deployment velocity by letting developers and DevOps teams reconfigure their deployments as their needs arise. Other organizations, particularly the more regulated ones, still have security people owning these tools, but that creates increased pressure on the security organization to keep up. How much are organizations investing in this process, and how much is it getting them? ...

June 28, 2018

More than a third of companies that use serverless functions are not employing any application security best practices and are not using any tools or standard security methodologies to secure them, according to the State of Serverless Security survey, conducted by PureSec ...

June 27, 2018

The popularity of social media platforms and applications is spurring enterprises to adopt "social business" models to better engage with employees and customers and improve collaboration, according to a new study published by ISG ...

June 25, 2018

The previous chapter in this WhiteHat Security series discussed Codebase as the first step of the Twelve-Factor App and defined a security best practice approach for ensuring a secure source control system. Considering the importance of applying security in a modern DevOps world, this next chapter examines the security component of step two of the Twelve-Factor methodology. Here follows some actionable advice from the WhiteHat Security Addendum Checklist, which developers and ops engineers can follow during the SaaS build and operations stages ...

June 21, 2018

DevSecOps is quickly gaining support and traction, within and beyond information security teams. In fact, 70% of respondents believe their culture can embrace the change needed to fuse Security and DevOps, according to a new survey of 80 security professionals by Aqua Security ...

June 20, 2018

The larger the company size, the higher the proportion of low IT performers, according to the State of DevOps: Market Segmentation Report from Puppet, based on the 2017 State of DevOps Survey data ...

June 18, 2018

An overwhelming 83 percent of respondents have concerns about deploying traditional firewalls in the cloud, according to Firewalls and the Cloud, a survey conducted by Barracuda Networks...

June 14, 2018

Despite the vast majority of cloud management decision-makers believing that DevOps and microservice enablement are important, very few believe that their organizations are capable of delivering them today — a gap that is costing the average enterprise $34 million per year, according to new report from the Ponemon Institute ...

Share this