Articles about DevOps

Earlier this year hackers were able to exploit container platform Kubernetes to install cryptomining software in Microsoft Azure.

Fei Huang, chief strategy officer at container security platform NeuVector believes that this should be a wake up call to get the attention of enterprise DevOps and DevSecOps teams. We spoke to him to find out more about the risks and how they can be addressed.

Continue reading →

As cloud environments become more and more common the extra risks are mostly well understood but a new blog from Orca Security shows that businesses could be leaving their networks open via common configuration errors.

The use of external CI/CD (continuous integration/continuous delivery) services means access control lists (ACLs) are often changed but this can inadvertently leave internal services open to the world argues Avi Shua, CEO and co-founder of Orca Security.

Continue reading →

The latest State of Software Quality survey from continuous reliability company OverOps shows that 70 percent of respondents say quality is paramount and they would rather delay the product roadmap than risk a critical error impacting their users.

In addition, over half of survey respondents (53 percent) indicate they encounter critical or customer-impacting issues in production at least one or more times a month. A quarter of participants also say that over 40 percent of critical production issues are first reported by end users or customers rather than internal mechanisms.

Continue reading →

The 14th annual State of Agile report from Digital.ai reveals that the pandemic lockdown is driving demand for Agile adoption.

According to the findings 43 percent of organizations say their momentum for Agile adoption has increased over the past 90 days, with 15 percent saying it has increased significantly.

Continue reading →

Multi-cloud environments tend to be harder to secure because teams and applications are much more distributed resulting in a larger attack surface.

A zero-trust approach deals with these threats but can introduce overheads that make it hard to manage. Morpheus Data is integrating VMware NSX-T and Unisys Stealth technology into its cloud automation framework to enable microsegmentation and dramatically simplify the implementation of zero-trust processes.

Continue reading →

There's a clear correlation between DevOps and developer job satisfaction, with developers working within mature DevOps practices 1.5 times more likely to enjoy their work, according to a new study.

The seventh annual DevSecOps Community Survey from Sonatype also shows that those with mature DevOps practices are 1.6 times more likely to recommend their employer to prospects -- critical at a time when the industry continues to face an acute skills shortage.

Continue reading →

Ubuntu creator Canonical is launching a new Managed Apps platform, allowing enterprises to have their apps deployed and operated by Canonical as a fully managed service.

At launch the service will cover ten widely used cloud-native database and LMA (logging, monitoring and alerting) apps on multi-cloud Kubernetes but also on virtual machines across bare-metal, public and private cloud.

Continue reading →

Building security into an application can often be an afterthought for developers, yet building those steps in at an early stage can save companies time and money.

We spoke with Matt Glenn, vice president of product management at Illumio, who shared his insights on why security professionals should be engaging with developers, and why segmentation is becoming a go-to tool for developers to easily implement security into their processes.

Continue reading →

Business leaders rely on business intelligence. This is underpinned by the hard work of their DataOps teams who ensure the complicated connections of the data science BI processes keep flowing. Given the centrality of data to the whole process, the technical team cannot be expected to manage this without getting business leadership to first understand just what effective DataOps entails. In failing to do so, friction grows as strategic direction meets the physical limits of technology, time, skills, and budget. The fundamental promise of big data and data processing is to provide organizations with the insights to make more intelligent decisions. Yet, only infrequently do we see organizations focusing on how they can collect their data as much as they focus on how they can act on it. In other words, they don’t give due consideration to the data they have about... well... collecting data. This appears an oversight given how much of a game-changer these insights can be in terms of operations, reliability and optimizing resource use.

Before diving into how we can collate and make use of this data, however, it is instructive to look at what kind of inputs can be collected on data processing and storage. These, if used properly, can drastically improve processes and improve workload management.

Continue reading →

With DevOps gaining in popularity at many companies, the tension between speed and security is an ongoing issue. This tension exists because the common perception is that security slows down agile development and the CI/CD pipeline.

We spoke to Manish Gupta CEO of continuous application security platform ShiftLeft to discuss the dynamics within DevOps that create this tension and how IT organizations can achieve both speed and security.

Continue reading →

A new survey of enterprise IT operations leaders by infrastructure monitoring and management specialist OpsRamp reveals that 64 percent indicate DevOps is the most sought-after skill.

Other in-demand skills are cloud certifications (61 percent), industry knowledge (56 percent), data science (47 percent) and machine learning (44 percent).

Continue reading →

As data protection legislation tightens and breaches continue to make headlines, there is increased pressure on businesses to implement security by design in their applications.

For many this has meant a move to DevSecOps. We spoke with Rusty Carter, vice president of product management at application security specialist Arxan to find out why this approach is becoming essential.

Continue reading →

In the past managing IP addresses has been relatively easy, but with the rapid growth in connected devices, and lots more addresses becoming available under IPv6, it's set to become a whole lot more complex.

Traffic management company NS1 is launching a solution to the problem with its Enterprise DDI (combining DNS, Dynamic Host Configuration Protocol (DHCP) and IP address management).

Continue reading →

New research from storage and data management company Portworx shows 87 percent of IT professionals are now running container technologies, with 90 percent of those running in production.

In addition seven out of 10 are running at least 40 percent of their application portfolio in containers -- an increase from two years ago, when just 67 percent of teams were running container technologies in production.

Continue reading →

Agile is clearly becoming the norm in the development community according to the findings of a new report from CollabNet VersionOne which has been charting the agile landscape for 13 years.

The report shows 97 percent of organizations now practicing agile development methods. That's not to say its use is universal, however, only 22 percent of respondents report that all their teams are agile, 26 percent more than half and 48 percent less than half.

Continue reading →