CodeSecure and FOSSA announced a strategic partnership and native product integration that enables organizations to eliminate security blindspots associated with both third party and open source code.
How Do You Solve a Problem Like DevOps? - Part 2
There is a rhythm and proper flow to achieving DevOps in the enterprise
June 20, 2016
DevOps emerged to help organizations improve their software delivery and better address the challenges put on IT by the Business to accelerate software releases. How are technology leaders conducting and directing their business’ DevOps transformation to make sure they’re on the right track?
Start with How Do You Solve a Problem Like DevOps? - Part 1
These Are a Few of My Favorite Things
As you look to scale your DevOps adoption across the organization, you will need to analyze and (re)design your end-to- end software delivery pipeline. When doing this, take a system-wide approach and consider: “How do I scale this across all teams, applications, releases and environments?” – so that everyone can reap the benefits and play a part in the success of DevOps.
For example, software development organizations may not be aware of the entire path their code takes from check-in, through build, testing, deployment across environments, etc. Be sure to interview all the different teams and stakeholders until you have a detailed documentation of your cross-functional pipeline(s), including all the tools, technologies, infrastructures and processes involved.
Next, take a look at the bottlenecks. For example: waiting on VMs, builds, configuration drifts between environments, failed tests, bugs making it to production, failed releases, errors or lags due to manual handoffs between teams or tools.
As your organization redesigns its software delivery pipelines to eliminate friction points, here are some of my favorite things to consider on your journey – in order to strengthen your DevOps practices that support stability and scalability:
■ Make it a priority to orchestrate and automate the entire software delivery pipeline.
■ Ensure security access controls and approval gates at critical points along the software delivery process.
■ Incorporate security and compliance tests as part of your DevOps processes to ensure code is checked as it is promoted through the pipeline and into production.
■ Guarantee visibility and auditability so there is real-time reporting of the state of each task along the software delivery process and a record of exactly who did what/where/when.
■ Standardize on toolchains, technology and processes to normalize your software delivery pipelines to allow reusability across teams and applications.
■ Do this, while enabling extensibility and flexibility to support different needs across various teams or variants of the application.
■ Make sure to support bi-modal IT, enabling traditional release practices and support for legacy apps, as well as more modern container/microservices architectures and CD pipelines.
■ Support both linear release pipelines, as well as complex releases that require coordination of many inter-dependent applications and components into many environments.
■ Future-proof your solutions to make them flexible enough to be able to plug-in any new technology stack, tool, or processes as the needs arise.
■ When scaling, make sure your initial design and implementation can support the velocity that your expect across the organization.
■ Address the problem of onboarding not just one, but thousands of applications into a software delivery pipeline.
How Do You Hold a Moonbeam in Your Hand?
The biggest issues IT professionals face today are the very challenges that DevOps aims to alleviate. The fact is, enterprises need to adapt the way they serve their customers at scale. As you adopt DevOps and continue to optimize your processes, you’ll find that you are adjusting – and evolving – your practices to foster the right environment for success. You’ll do this along the lines of culture and leadership and organizational design, processes and technologies, compliance checks and balances, and more.
In this second act, DevOps is an enterprise-wide mindset. While speed and innovation are still as important as ever, companies cannot sacrifice control, visibility and compliance – which are vital to the long-term health of the organization. And balancing speed and risk is what DevOps is all about.
Taking an end-to-end approach to DevOps requires more initial planning and taking all stakeholder’s needs and processes into account, but it saves a lot of time, effort and duplicated work in the long run, and gives organizations confidence as code is being promoted through the Pipeline. The song that needs to be sung now resonates further – it has a larger choir, larger orchestra, and a bigger impact!
Industry News
April 16, 2025
Bauplan, a Python-first serverless data platform that transforms complex infrastructure processes into a few lines of code over data lakes, announced its launch with $7.5 million in seed funding.
April 15, 2025
Perforce Software announced the launch of the Kafka Service Bundle, a new offering that provides enterprises with managed open source Apache Kafka at a fraction of the cost of traditional managed providers.
April 14, 2025
LambdaTest announced the launch of the HyperExecute MCP Server, an enhancement to its AI-native test orchestration platform, HyperExecute.
April 14, 2025
Cloudflare announced Workers VPC and Workers VPC Private Link, new solutions that enable developers to build secure, global cross-cloud applications on Cloudflare Workers.
April 14, 2025
Nutrient announced a significant expansion of its cloud-based services, as well as a series of updates to its SDK products, aimed at enhancing the developer experience by allowing developers to build, scale, and innovate with less friction.
April 10, 2025
Check Point® Software Technologies Ltd.(link is external) announced that its Infinity Platform has been named the top-ranked AI-powered cyber security platform in the 2025 Miercom Assessment.
April 10, 2025
Orca Security announced the Orca Bitbucket App, a cloud-native seamless integration for scanning Bitbucket Repositories.
April 10, 2025
The Live API for Gemini models is now in Preview, enabling developers to start building and testing more robust, scalable applications with significantly higher rate limits.
April 09, 2025
Backslash Security(link is external) announced significant adoption of the Backslash App Graph, the industry’s first dynamic digital twin for application code.
April 09, 2025
SmartBear launched API Hub for Test, a new capability within the company’s API Hub, powered by Swagger.
April 09, 2025
Akamai Technologies introduced App & API Protector Hybrid.
April 09, 2025
Veracode has been granted a United States patent for its generative artificial intelligence security tool, Veracode Fix.
April 09, 2025
Zesty announced that its automated Kubernetes optimization platform, Kompass, now includes full pod scaling capabilities, with the addition of Vertical Pod Autoscaler (VPA) alongside the existing Horizontal Pod Autoscaler (HPA).
April 08, 2025
Check Point® Software Technologies Ltd.(link is external) has emerged as a leading player in Attack Surface Management (ASM) with its acquisition of Cyberint, as highlighted in the recent GigaOm Radar report.
