New Ways for CNAPP to Shift Left and Shield Right: The Technology Trends That Will Allow CNAPP to Address More Extensive Threat Models

Editor's Note: The following is an article written for and published in DZone's 2024 Trend Report, Cloud Native: Championing Cloud Development Across the SDLC.


The cloud-native application protection platform (CNAPP) model is designed to secure applications that leverage cloud-native technologies. Applications outside its scope are typically legacy systems that were not designed to operate within modern cloud infrastructures. In practice, therefore, CNAPP covers the security of containerized applications, serverless functions, and microservices architectures, possibly running across different cloud environments.

How Secure Cloud Development Replaces Virtual Desktop Infrastructures

Why Do Organizations Need Secure Development Environments?

The need to secure corporate IT environments is common to all functions of organizations, and software application development is one of them.

At its core, the need for securing IT environments in organizations arises from the digital corporate assets that they carry. These are often data attached to privacy concerns, typically under regulations such as GDPR or HIPAA, or application source code, credentials, and, most recently, operational data that can have strategic significance.

How to Onboard and Protect Remote Teams With Secure Cloud Environments

How Secure Cloud Development Addresses the Challenge of Working Securely With Remote Teams

The landscape of software development is constantly changing, and secure Cloud Development Environments (CDEs) have brought about a remarkable transformation in secure project management and execution when working with geographically dispersed teams using a remote development platform.  

Adding security to CDEs is extremely pertinent for organizations dealing with remote software development. These firms often struggle with issues such as remote team onboarding, maintaining uniformity in processes, and safeguarding security. Secure CDEs effectively tackle these issues, leading to a development process that's not only more streamlined and flexible but also more cost-effective by removing the need to send laptops secured against data leaks (I discuss this problem here).  

The Trusted Liquid Workforce

Remote Developers Are Part of the Liquid Workforce

The concept of a liquid workforce (see Forbes, Banco Santander, etc.) is mostly about this: A part of the workforce is not permanent and can be adapted to dynamic market conditions. In short, in a liquid workforce, a proportion of the staff is made of freelancers, contractors, and other non-permanent employees. Today, it is reported that about 20% of an IT workforce, including software developers, is liquid in a significant part of the Fortune 500 companies.

Figure: It is reported that about 20% of an IT workforce is liquid in a significant part of the Fortune 500 companies.

Actually, working as a freelancer has been a common practice in the media and entertainment industry for a long time. Many other industries are catching up to this model today. From the gig economy to the increasing sentiment stemming from Gen-Y and Gen-Z’ers that employment should be flexible, multiple catalysts are contributing to the idea that the liquid approach is likely to continue eroding the classic workforce.

A Brief History of DevOps and the Link to Cloud Development Environments

The history of DevOps is well worth reading about in a few good books. On that topic, “The Phoenix Project,” self-characterized as “a novel of IT and DevOps,” is often mentioned as a must-read. Yet for practitioners like myself, a more hands-on one is “The DevOps Handbook” (which shares Kim as an author, in addition to Debois, Willis, and Humble), which recounts some of the watershed moments in the evolution of software engineering and provides good references on implementation. This book actually describes how to replicate the transformation explained in “The Phoenix Project” and provides case studies.

In this brief article, I will use my notes on this great book to regurgitate a concise history of DevOps, add my personal experience and opinion, and establish a link to Cloud Development Environments (CDEs), i.e., the practice of providing access to, and running, development environments online as a service for developers.