DEVOPSdigest

CloudBees announced a new cloud native DevSecOps platform that places platform engineers and developer experience front and center.

The platform is built on Tekton, uses a GitHub Actions style domain-specific language (DSL), and adds feature flagging, security, compliance, pipeline orchestration, analytics and value stream management (VSM) into a fully-managed single-tenant SaaS, multi-tenant SaaS or on-premise virtual private cloud instance.

This new platform is an open and extensible DevSecOps platform, with the ability to orchestrate any tool in your software development toolchain. It also redefines DevSecOps by addressing the challenges associated with delivering better, more secure and compliant cloud native software at a faster pace than ever.

The CloudBees platform empowers organizations to simplify complex cloud native development and deployment processes across all the tools in the DevOps tool chain, thereby accelerating innovation velocity. It is designed to provide a seamless journey from code development to successful deployment, with an unwavering focus on the following imperatives:

- Developer-centric experience: Enhances the developer experience by minimizing cognitive load and making DevOps processes nearly invisible, using concepts of blocks, automations and golden paths.

- Open and extensible: Embraces the DevOps ecosystem of tools, starting with Jenkins. This flexibility to orchestrate any other tool enables organizations to protect the investments they have already made in tooling. Teams can continue to use their preferred technologies simply by plugging them into the platform.

- Self-service model: Enables platform engineering to customize the platform, thus providing autonomy for development teams. For example, platform engineers can design automations and actions that are then consumed in a self-service mode by developers. Developers focus on what they do best: create innovation. No waiting for needed automations, actions, or resources.

- Security and compliance: Centralizes security and compliance. The CloudBees platform comes with out-of-the-box workflow templates containing built-in security. Sensitive information, like passwords and tokens, are abstracted out of the pipeline, significantly enhancing security and compliance throughout the software development life cycle. Automated DevSecOps is baked in, with best-of-breed checks across source code, binaries, cloud environments, data and identity, all based on Open Policy Agent (OPA). Continuous compliance just happens, with out-of-the box regulatory frameworks for standards such as FedRamp, SOC2 and automated evidence collection for the auditors.

"Today we are announcing the most open and extensible platform on the market, architected for cloud scale and the problems developers and platform teams face today,” said Shawn Ahmed, chief product officer, CloudBees. “Over the past 24 months we have listened, crafted, iterated, and developed a solution based on thousands of unique points of feedback. Time and time again, customers highlight the challenges in going fast, staying secure and improving developer experience. “The CloudBees platform is the culmination of our commitment to reshaping the DevSecOps landscape. Our new platform empowers developers, unifies teams, and accelerates innovation while offering unprecedented flexibility and choice."

The new CloudBees platform will be available on November 1, 2023.