Articles about DevOps

A decade ago, DevOps emerged as a cultural phenomenon, bringing developers and operations professionals together to break down silos. However, as extraordinary of a shift in IT this was, DevOps has quickly matured to the point where discussing it as a practice seems outdated.

Regardless, the transition from the original concept of DevOps to its current state signifies its triumph rather than its demise. In fact, from the ashes of DevOps rises the platform engineer, a new role specifically tailored for the modern era of DevOps. Under the umbrella of platform engineering, DevOps now operates with a dedicated budget, a team, and a suite of self-service tools that empower developers to directly manage operations.

Continue reading →

Hot on the heels of this morning's story about wasted developer time comes a new survey from GitLab looking at the technologies being used to help DevSecOps teams be more productive.

The company surveyed more than 5,000 development, security, and operations professionals about everything from deployment frequency to the practices teams have adopted to learn what the most agile and efficient organizations have in common.

Continue reading →

The security of APIs remains a top cybersecurity concern this year, according to a new study, yet there is still a lack of dedicated API security for many companies.

Research from TraceableAI, carried out at this year's RSA conference, finds that though 69 percent of organizations claim to factor APIs into their cybersecurity strategy, 40 percent of companies do not have dedicated professionals or teams for API security.

Continue reading →

New research reveals that CISOs are finding it increasingly difficult to keep their software secure as hybrid and multicloud environments become more complex, and teams continue to rely on manual processes that make it easier for vulnerabilities to slip into production.

The study from Dynatrace shows 68 percent of CISOs say vulnerability management is more difficult because the complexity of their software supply chain and cloud ecosystem has increased.

Continue reading →

As organizations and their customers become more reliant on digital services, DevOps teams are often required to get together quickly to troubleshoot and resolve outages or user experience problems.

However, against the backdrop of the 24/7 economy and a shortage of technology skills, it’s time to reassess whether these 'war rooms' remain an effective tactic for dealing with urgent issues. Or, could they be exacerbating the challenges organizations face in retaining staff and managing skilled DevOps teams’ workloads?

Continue reading →

The latest report from JFrog looks at the most prevalent vulnerabilities in 2022 with an in-depth analysis of open source security vulnerabilities that have most impact for DevOps and DevSecOps teams.

The report shows that the severity of six of the top 10 CVEs was overrated, meaning they scored higher in the NVD rating than in JFrog's own analysis. In addition the CVEs appearing within enterprises most frequently are low-severity issues that were simply never fixed.

Continue reading →

A new survey of 1,300 CIOs and senior DevOps managers in large organizations finds it's getting harder for IT teams to maintain software reliability and security amid the rapid acceleration of digital transformation and rising complexity of cloud-native environments.

The study from Dynatrace finds 90 percent of organizations say their digital transformation has accelerated in the past 12 months. 78 percent of organizations deploy software updates into production every 12 hours or less, and 54 percent say they do so at least once every two hours.

Continue reading →

Continuous integration and continuous delivery (CI/CD) are critical to achieving DevOps success across organizations -- offering the ability to get software changes into production safely, quickly, and sustainably. By reducing the time between when code is written and deployed, while allowing developers to maintain high quality and minimize risk, CD enables teams to release new features quickly.

However, for CD to be a success, speed cannot come at the detriment of security. By building security validation into the CI/CD pipeline, developers will see benefits in productivity by reducing time to market and build consumer trust by developing more secure apps and data.

Continue reading →

Developers are under more pressure than ever to deliver projects quickly, but at the same time applications and the supply chain need to be kept secure.

So, what things can we expect to see for development in 2023? Here are some expert views on the key trends.

Continue reading →

With the help of Go for DevOps, you'll learn how to deliver services with ease and safety, becoming a better DevOps engineer in the process

Some of the key things this book will teach you are how to write Go software to automate configuration management, update remote machines, author custom automation in GitHub Actions, and interact with Kubernetes.

Continue reading →

APIs allow products and services to communicate with each other and have become essential to digital transformation projects as they make it easy to open up application data and functionality to third-party developers and business partners, or to departments within the enterprise.

Where legacy systems are involved though it's often necessary to modernize the API infrastructure to ensure things work smoothly and this can lead to serious challenges, especially where security is concerned.

Continue reading →

New research from Progress reveals that 73 percent of IT decision makers admit more could be done to improve their DevSecOps practices, with many organizations behind in their goals.

It's culture that is the biggest impediment to success, with 71 percent of respondents agreeing that culture is the biggest barrier to their DevSecOps progress, yet only 16 percent are prioritizing culture as an area to optimize in the next 12-18 months.

Continue reading →

A new study of 400 software engineering and operations professionals by continuous deployment specialist Armory shows that 80 percent rate ensuring reliable deployments as their top priority.

However, 59 percent say that overly complex deployment to multi-cloud environments is the top app development and deployment issue their engineering team needs to address.

Continue reading →

In the implementation of DevOps processes, the choice of tools is crucial to the sustainability of projects and collaboration between developers and ops.

Learning DevOps -- Second Edition presents the different patterns and tools for provisioning and configuring an infrastructure in the cloud, covering mostly open source tools with a large community contribution, such as Terraform, Ansible, and Packer, which are assets for automation.

Continue reading →

With more open source being consumed than ever before, attacks targeting the software supply chain have increased too, both in frequency and complexity. A new report reveals a 633 percent year on year increase in malicious attacks aimed at open source in public repositories -- this equates to a 742 percent average yearly increase in software supply chain attacks since 2019.

The latest State of the Software Supply Chain Report from Sonatype, released today at the DevOps Enterprise Summit, also finds that 96 percent of open source Java downloads with known-vulnerabilities could have been avoided because a better version was available, but was ignored.

Continue reading →