Think of the DevSecOps (Continuous Integration/Continuous Delivery or CI/CD) pipeline as the highway. Think of containers as a Tesla. A logical person would never dream of having a concrete mixer work on their new Tesla. Nor would they ask their Tesla mechanic to lay the foundation for the road in front of their home. So why do some believe that Site Reliability Engineering can solve all the diverse set of challenges for DevSecOps? ...
BIZDEVOPS Blog
The purpose of this blog series is to debunk some of the current myths created by marketing hype, lack of understanding of containers, and lack of understanding of how businesses function across DevSecOps to enable overcoming some of the common challenges that are causing failure ...
Complexity kills innovation, there, I've said it. Back in the days of Waterfall methodologies, processes would be bogged down in over-specified requirements and exhausting test regimes. No wonder software development gurus looked to return to the source (sic) and adopt the JFDI approach that remains prevalent today. Trouble is, complexity never went away: it just moved along the pipeline ...
With superior customer experiences becoming arguably the most critical deliverable for a software development company, the traditional way of development-testing-delivery in the value chain needed a change. The result was in the form of enabling Agile and DevOps testing where development and testing are not separate silo-driven processes ...
In the modern software delivery landscape, success comes to those businesses that can keep up with an aggressive release schedule and respond to consumer feedback by implementing new features and fixing issues in a matter of days. The quicker the team can push new code into production, the sooner it can start bringing value. On the other hand, teams can't afford to compromise on quality — updates that make it harder to use the solution leave users frustrated and push them into the arms of competitors ...
There is a story that must be told since it uncovers an injustice visited upon a piece of IT equipment called a mainframe computer. These, like many such situations displaying bigotry and ignorance, are put forward by people who do not understand the butt of their criticism ...
Before releasing a software application to the end customers, it must be measured against parameters like robustness, scalability, speed, responsiveness, interoperability, throughput, and stability under different load conditions. To ensure the fulfillment of these requirements, the application should undergo performance testing under reasonable load conditions ...
At its heart, cybersecurity is about either identifying, or mitigating weaknesses — a raft of vulnerability management products already exist that can scan infrastructure, network connections, software stacks, and indeed, applications and code, and can potentially recommend fixes, or even apply instrumentation and patches. Note however, that use of these tools doesn't deliver DevSecOps ...
DevSecOps inserts security principles and practices into the DevOps lifecycle, squeezing security into the terminology of development and deployment with all the subtlety of a crowbar. The fact that this needs to happen deserves some exploration, not least because of what it suggests: that DevOps left in the wild, doesn't take cybersecurity into account. So, did the creators of DevOps just fall asleep in that lecture, or is something more fundamental going on? What is the relationship between cybersecurity in general and DevOps, and most importantly, what do organizations need to do about it? ...
There is no such thing as a zero-downtime system. All systems fail and all software systems definitely fail. Sometimes the failure is serious enough that the system or some of its services will be down. Think about zero downtime as a best-effort distributed system design. The plan for zero downtime is as follows ...
For business leaders to justify their software investments, software teams in product organizations, in IT and externally must have a track record of quickly and reliably delivering mission-critical capabilities and features important to the business and its customers. Software must deliver the expected value in the market and internally, with the ability to course-correct based on learnings and results. Leaders must have confidence in their software organizations' ability to experiment, fail, recover from failure and then pivot quickly to deliver needed results. Software Delivery Management (SDM) provides a framework, strategy and discipline to benchmark progress, track and manage resources and ultimately deliver results ...
DevOps is something that happens in pockets. Smaller, newer businesses have the benefit of a lack of scale, which means things can happen fast out of the gate. Keeping things small, against all odds, is a route to success: on one software project I was involved in, with hundreds of developers, I wished I could take ten of the people involved and hide them away. That way, I thought, they could build the product everyone else was working on, which ultimately was never delivered ...
Salesforce app development is different from the rest of the software world. This is because the Salesforce applications are tightly bound to the Salesforce platform. Salesforce app developers are keenly focused on the developments within the confines of the ecosystem. While some are happy to stick to the tried and tested, there are those developers who push the boundaries and look to adopt the best development practices from the larger world of software development. They find themselves at an interesting intersection called Salesforce DevOps, or DevOps for Salesforce ...
My researches into the world of development best practice have led me to two conclusions. First that there's a great deal of good stuff going on, but that can sometimes obscure missing elements that have always been necessary — hence my realization that best practice needed an overhaul. It looks like I wasn't alone, as Value Stream Management (VSM) has recently emerged as a front runner as a concept to fill the gaps. VSM essentially considers process efficiency (what's causing slowness and bottlenecks) and process effectiveness (how to ensure the results are beneficial) ...