Digital transformation is not simply a linear path. It is a journey made of many smaller journeys. In this article, Lori MacVittie, Principle Technical Evangelist, Office of the CTO at F5, takes a look at research from the annual State of Application Strategy Report and digital transformation.
It’s common for deployment speed to come before security in code, however this can lead to vulnerabilities and even cybersecurity attacks. We spoke with Piyush Sharma about how infrastructure as code (IaC) can help protect the supply chain and why development, operations, and security all need to align their priorities.
An ideal testing solution should model and then replay all associated inbound and outbound traffic. Essentially, the traffic would be realistically “mocked” without interrupting the developer team’s workflow as the code is created, from the very beginning of and through the entire development process.
Security checks must not feel like a drag on engineering velocity. A lack of communication between the engineers and developers is often a cause of delay to vulnerabilities being discovered, and unclear responsibilities and can affect the morale of engineers who may feel unable to understand and fix problems in their own code.
It’s no secret that DevSecOps with its speedy delivery and reduction in risk can accelerate the pace of digital transformation. In this article, Michelle Sebek, Senior Product Marketing Manager at Progress discusses the role of DevSecOps in digital transformation and policy-based DevSecOps automation architecture.
In this article, Mike Nelson is the VP of IoT Security at DigiCert, discusses Secure By Design and IoT security after DevOps. The IoT needs to be Secure By Design – it’s an oft-repeated and fundamental best practice for IoT security. However – it’s not enough. Secure By Design is a necessary but insufficient step to reach the goal of a secure IoT.
This article examines GitOps in a real-world environment with issues and lessons on improving performance metrics for developers. GitOps provides an essential framework for DevSecOps, for security checks that extend throughout CI/CD, as well during the post-deployment stages of application management on Kubernetes clusters.
There are a variety of security best practices specific to Kubernetes ─ and containers in general ─ that can help secure the clusters and workloads. They all should be incorporated. This article explores DevSecOps and its approach to handling the Kubernetes infrastructure in a secure manner.
DevOps is continuing to make a transformational impact on the ability of businesses to innovate and compete in today’s digital-centric industries. The key to adopting these methodologies is the integration of release management, which can deliver significant benefits for the whole software delivery process. Getting it right, however, requires organisations to focus on some key priorities.
At the heart of a deployment, we as developers must describe how we want the workload to run — yes, at some point, there’s some YAML. But by moving the state of our CI/CD pipelines forward we can improve the state of the art. The GitOps process can both lower the often dreaded learning curve and the number of operations-related challenges that developers typically face when deploying on Kubernetes.
Developers code a median of 52 minutes per day — or about 4 hours and 21 minutes during a typical work week from Monday to Friday. This article discusses how measuring DevOps metrics and making the flow of work visible helps teams eliminate bottlenecks and gives developers more time to code.
More and more developers have got involved in how to use observability. This has led to a thriving community of developers that have created and supported open source projects around that data. What will happen next around observability? This article takes a look at predictions for the coming year.
Adam Wright, Senior Product Manager at EnterpriseDB is always excited to share how you can use Postgres alongside data-driven apps born in the cloud. In his DevOpsCon session “Cloud Native Patterns with Postgres on K8s”, Adam will show you some core features and how to integrate PostgreSQL into Kubernetes and OpenShift Container Platform workloads.
A significant gap often develops between continuous deployment of applications and accurate entitlement management—particularly as software producers shift to microservices that are delivered in containerized environments. This gap shouldn’t exist. Scott Niemann explains the impact of this gap and how to close it.
