Check Point® Software Technologies Ltd. has been recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for Email Security Platforms (ESP).
To better align business and IT objectives, enterprise organizations should focus on the core "problems" that individual business units face today in driving out real consumer value. Until the roadblocks and inhibitors — and, ultimately, the resultant technical debt — are removed from the equation, large enterprise organizations will continue struggling to succeed in real transformation initiatives.
Three components to the problem — business, development, IT — were outlined in Part 1 of this blog, and a 3-pronged plan is required to strategically align business goals with IT solutions. To effectively eliminate process inefficiencies and technical debt, internal stakeholders need to collaborate on an IT solution that meets the business goal of releasing quality enhancements for applications that directly impact customers. To meet this strategic need, IT must adopt a plan to modernize applications using stateless microservices, adoption of a CICD pipeline (incorporating a code-based approach to QA and security), and a hybrid cloud infrastructure model to meet the flexible, scalable demands of the business.
Start with Technical Debt: Your Hidden DevOps Nightmare - Part 1
1. Microservices
The easiest way to kick-start application modernization is through stateless microservices. Stateless means that microservices and underlying processes have no underlying dependencies, eliminating the need for shared data repositories and resource sharing across services. By moving to a microservices model, changing an aspect of a single service or application function will not impact other services or functions, which is a major inhibitor to DevOps. It also allows for more rapid change and a higher release frequency, giving developers the ability to realistically keep up with business needs.
2. Pipeline Automation and Containerized Deployments
Automating the code pipeline, containerizing deployments, and building security and QA early into the software development life cycle and deployment processes will eliminate the need for time-consuming manual testing and security intervention. Automating the code commit and delivery processes through a CI pipeline gets development and product teams on board as their new code navigates lower-level environments in an automated fashion without delay.
If configured properly before software releases can be promoted from standard development, test and staging environments, the automated pipeline assures that required vulnerability checks, regression and load testing, and code quality checks have been completed successfully. If the checks fail, the change fails. Properly placing these checks at all levels of the promotion process should meet any controls that enterprise QA and security requires for production applications.
Similarly, leveraging CD packaging through containerization allows incremental code changes to be deployed with requisite controls attached, again without manual intervention. Packaging services like encryption, logging and monitoring into the container architecture takes those items off the developers' to-do list — they're already embedded into every release.
3. Cloud
Adopting cloud deployment targets solves the configuration management, autoscale and capacity management conundrum without the need to procure costly hardware and licensing for lower-level and production environments. More common advanced testing patterns, such as blue/green deployment, require like-for-like lower-level and production environments. This can result in problems like large infrastructure expenditures and often mismatched configuration. Ultimately these issues cause test failures and poor code quality.
In a cloud deployment, IT teams can quickly spin up multiple environments, which saves time and money as long as appropriate controls are in place to ensure idle standby environments are spun down. Leveraging cloud native services also allows for limited third-party integration needs, and data aggregation and visualization offer a holistic view of the pipeline process, quality and security gates.
While this solution seems obvious in theory, in practice, major enterprises often correctly identify the problem yet remain unable to break down company silos and work to eliminate technical debt. Executive teams can come up with a seemingly infallible solution and agree upon an implementation plan, but they remain unable to get any of their team members to adopt and participate in the solution strategy. The reasons are similar in every instance: a lack of funding, a lack of talent, a lack of accountability, little job security.
It is critical to make business, development and IT teams aware that they must own the change in their organization. Resistance needs to be met with the reality that if they don't change, the business will suffer. Creating a feeling of ownership and celebrating victories along the way can help teams more readily adopt a solution strategy, which is integral to its success. Technical debt may be an issue that looms on the horizon for many large enterprises, but with the right approach, it can be eliminated.
Industry News
Progress announced its partnership with the American Institute of CPAs (AICPA), the world’s largest member association representing the CPA profession.
Kurrent announced $12 million in funding, its rebrand from Event Store and the official launch of Kurrent Enterprise Edition, now commercially available.
Blitzy announced the launch of the Blitzy Platform, a category-defining agentic platform that accelerates software development for enterprises by autonomously batch building up to 80% of software applications.
Sonata Software launched IntellQA, a Harmoni.AI powered testing automation and acceleration platform designed to transform software delivery for global enterprises.
Sonar signed a definitive agreement to acquire Tidelift, a provider of software supply chain security solutions that help organizations manage the risk of open source software.
Kindo formally launched its channel partner program.
Red Hat announced the latest release of Red Hat Enterprise Linux AI (RHEL AI), Red Hat’s foundation model platform for more seamlessly developing, testing and running generative artificial intelligence (gen AI) models for enterprise applications.
Fastly announced the general availability of Fastly AI Accelerator.
Amazon Web Services (AWS) announced the launch and general availability of Amazon Q Developer plugins for Datadog and Wiz in the AWS Management Console.
vFunction released new capabilities that solve a major microservices headache for development teams – keeping documentation current as systems evolve – and make it simpler to manage and remediate tech debt.
Check Point® Software Technologies Ltd. announced that Infinity XDR/XPR achieved a 100% detection rate in the rigorous 2024 MITRE ATT&CK® Evaluations.
CyberArk announced the launch of FuzzyAI, an open-source framework that helps organizations identify and address AI model vulnerabilities, like guardrail bypassing and harmful output generation, in cloud-hosted and in-house AI models.
Grid Dynamics announced the launch of its developer portal.
LTIMindtree announced a strategic partnership with GitHub.