[DZone Research] The Architecture of a DevOps Team

This article is part of the Key Research Findings from the 2019 DZone Guide to DevOps: Implementing Cultural Change.

Introduction

Despite the prominence of DevOps in the software industry, less than half of respondents (46%) told us that their organization has an officially designated DevOps team. This lack of an official DevOps team in many organizations manifests itself in the unequal distribution of code deployments. Whereas in DevOps, development and operations teams are meant to work cooperatively to create and release code, 57% of respondents reported that only development teams perform code deployments in their organization. 42% reported this as an operations function, and 32% told us that release engineers handle code deployments. Despite these trends, 54% reported management as a DevOps enabler.

DevSecOps: Securing Software in a DevOps World

This article is featured in the new DZone Guide to DevOps: Implementing Cultural Change.

The practice of improving and ensuring the security of software is generally referred to as application security, or "AppSec" for short. In a traditional waterfall system development lifecycle (SDLC), AppSec was often an afterthought: a penetration tester was hired to come in just before release to perform last-minute security testing, or no security testing was done at all. Slowly, many development shops started adding more AppSec activities such as secure code reviews, providing secure coding guidance or standards, giving developers security tools, and introducing many other great ideas that improved the overall security of the end product. Some companies even went so far as to create their own team dedicated to application security. However, there is currently no agreed-upon standard for what defines a complete AppSec program, nor a definition of when someone can say that "the job is done" or that they have done "enough" in regard to the security of software. The line seems to vary greatly from team to team, business to government, and country to country, which makes it a difficult thing to measure.

Testing in CI

This article is featured in the new DZone Guide to DevOps: Implementing Cultural Change.

Automated tests are a key component of continuous integration (CI) pipelines. They provide confidence that the build will still work as expected after new check-ins are added. In some cases, the automated tests have the additional role of gating deployments: a test failure blocks the deployment.