Articles about DevOps

Generating, managing and accessing secrets within development workflows can be a complex process and lead to the inadvertent introduction of risks.

Security and privacy specialist 1Password is launching a new set of developer tools that aim to simplify complex processes and improve security practices to ensure data is protected, without slowing down the development pipeline. This will also provide developers with secure access to the secrets they need wherever they are.

Continue reading →

One of the biggest headaches of any IT leader today is managing cross-functional teams to develop and deploy software in good time. Not only does their work have to be continuously operational to stay productive, it needs to save the business money, time and all while fixing a never-ending cycle of bugs.

This is why that without a robust DevOps process in place, which is to the benefit of the entire organization, IT management leaders often feel like they are chasing the impossible. 

Continue reading →

Technology is critical to the survival of nearly every modern business, and it is advancing at a whirlwind pace to continue supporting these vital digital infrastructures. One such change includes a shift towards Observability. In the past year, log management, unified monitoring and event management vendors have adopted Observability to understand the internal state of their IT systems through the system’s telemetry data outputs.

Why are vendors navigating toward Observability? Telemetry data, including logs, metrics and traces, allow DevOps and SRE teams to quickly understand service-disrupting incidents in their IT systems, analyze the root cause and mitigate the issue. The visibility into these systems is increasingly more essential as IT infrastructures become more distributed, complex, interconnected and, as a result, fragile. In short, Observability helps IT teams work faster and smarter and improve service assurance in extremely complicated production environments.

Continue reading →

Many large enterprises have legacy systems running on IBM Z-series mainframe platforms. In order to help digital transformation efforts and modernize apps across hybrid environments, Big Blue is announcing a series of new capabilities.

Plans include delivering IBM Z as-a-service on IBM Cloud for development and test, as well as introducing additional tools for developing hybrid applications.

Continue reading →

The timeliness of security checks during the software testing process is critical to more rapid and higher quality software development and yielding higher returns. Yet DevOps and security have historically struggled to integrate in the software development life cycle (SDLC). According to a Gartner study, through 2022, 90 percent  of software development projects plan to follow DevSecOps practices, up from 40 percent  in 2019.

With the increased risks of cyberattacks and pressure on DevOps teams to deliver software to faster timelines, the risks and consequences associated with flawed code and faulty infrastructure configurations cannot afford to be missed in the early development stages. So the pros of uniting these teams is clear, but the cons remain costly and their discord could hold organizations back by making software deployment faster but in doing so releasing security vulnerabilities.

Continue reading →

To drive cost efficiency, organizations need a process in place designed to manage and schedule the rollout of mission-critical software updates and releases to the production environment -- this is where release management comes into play.

Release management is introduced to solve problems, but it must be approached in the right way to succeed effectively. Many of the challenges that businesses face with their software releases in traditional operating environments stem from a disconnect between the development and IT operations teams. To bring these two differing sides together, many have implemented a DevOps methodology as a way to break down the existing silos and provide more value quicker and with fewer risks by balancing throughput and stability.

Continue reading →

DevOps has become the mainstream development culture in recent years, but like other areas of the tech world it continues to evolve.

Add in changes brought about by the pandemic, the Great Resignation, automation and more, and it's clear that the evolution is set to continue. We spoke to Shanea Leven, CEO of CodeSee to find out what changes have already taken place and what the future might hold.

Continue reading →

New research from the Linux Foundation looks at the extent of organizational software bill of materials (SBOM) readiness and adoption tied to cybersecurity efforts.

An SBOM is formal and machine-readable metadata that uniquely identifies a software component and its contents, and it may also include copyright and license data.

Continue reading →

Personnel working in IT or DevOps are more likely to click on phishing emails than those in other areas of an organization.

A new study by F-Secure looks at how over 80,000 people from different organizations responded to emails that simulated one of four commonly used phishing tactics.

Continue reading →

Despite the fact that admin credentials represent a major prize for hackers and cybercriminals, a new report reveals that 65 percent of organizations still rely on shared logins and 41 percent use shared SSH keys.

The survey of 600 DevOps professionals from infrastructure access platform strongDM shows that technical staff at 93 percent of organizations have access to sensitive systems.

Continue reading →

Software supply chain attacks grew by more than 300 percent in 2021 compared to 2020 as attackers focused on open source vulnerabilities and poisoning, code integrity issues, and exploiting the software supply chain process and supplier trust to distribute malware or backdoors.

According to Aqua Security's Argon Security arm, 2021 Software Supply Chain Security Review, security across software development environments remains low, and significantly, every company evaluated had vulnerabilities and misconfigurations that could expose them to supply chain attacks.

Continue reading →

In recent years development teams have been under increasing pressure to produce software and updates quickly, a trend that's only been accelerated by COVID-19.

So, what do industry experts think that 2022 has in store for developers?

Continue reading →

Through evolving legacy modernization, a clear need for automation arose to bring actionable insights to IT and DevOps teams.

Unified monitoring, log management and event management vendors are finding ways to embrace Observability in their tech stacks. And while the overall functionality doesn’t change, these adjustments have led to confusion between IT and DevOps teams. IT Operations and Service Management (ITOSM) professionals are skeptical that Observability is a marketing ploy rather than a tool that actually implements technological change. DevOps professionals, on the other hand, are hesitant of the idea of repurposing legacy tools. So what should vendors do when transitioning standard monitoring technology to use Observability in a meaningful way?

Continue reading →

By its very design, DevOps is a disruptive technology -- but one that can profoundly and positively impact how businesses manage and deliver software projects. As one of the most complex technologies to implement, DevOps includes multiple phases critical to achieving successful digital transformation. But, when it’s managed correctly, DevOps is the most powerful tool available in modern software development.

With proper guidance, organizations that take the leap and deploy DevOps will become adept with its unique structure and realize its ability to create and deliver results at the speed modern business demands. While there are no shortcuts to implementing DevOps, general recommendations to apply will benefit any business considering its implementation.

Continue reading →

Many enterprises have adopted DevOps practices in order to streamline their development. But security is all too often treated as an afterthought.

There is of course a way around this which is to integrate security into the DevOps pipeline, in other words move to DevSecOps.

Continue reading →