{{announcement.body}}
{{announcement.title}}

DevOps Ten Years Later: We Still Have Work to Do

DZone 's Guide to

DevOps Ten Years Later: We Still Have Work to Do

A reflection on some of the ways that DevOps can still be improved upon since it was established ten years ago.

· DevOps Zone ·
Free Resource

Scaffolding

It's been ten years since a group of like-minded IT professionals met in Belgium for the first DevOpsDay. The idea was to get teams who historically didn't interact much to work together — Development and Operations — to improve the quality of software before it went into production.

In the intervening years, DevOps has gained wider — but not universal — acceptance as a means to produce higher quality software at a more rapid pace. But, as we enter the second decade of DevOps, there is still much work to do. Below are a few issues we need to tackle.

More Training is Required

DevOps is predicated on a lot of automation, so team training is needed to master all of the automation tools. Rapid release cycles, though, can be a shock to developers used to old-school development styles (pre-DevOps) that are still the primary approach in many organizations.

Add More Disciplines

The rapid pace of DevOps and agile release cycles often introduce more security bugs than the slower, siloed approaches they replace. Adding application security teams into the DevOps process may increase the learning curves/pains as most developers have little-to-no experience in application security (vulnerabilities, remediations, etc), but the end result will be fewer security issues.

DevOps Isn't a Universal Cure

Any application that is "pre-DevOps" or is a third-party app gains zero benefits from DevOps. In most large enterprises, so-called "brown-field" apps comprise approximately 80% of all apps, which means there's a big burning issue of how to manage pre-DevOps/third-party apps. Runtime-based solutions including RASP bring rapid-update/remediation benefits to these classes of apps in a DevOps-like way.

The compiler-based technology that Waratek has perfected allows patching, adding security rules, and even upgrading out-of-public support Java platforms in minutes, not months (or years). This eliminates the need for source code changes, production downtime, profiling, tuning, and the use of heuristics along with a lot of needless cost and performance issues.

The Future of DevOps

DevOps is clearly here to stay. New and future greenfield development efforts will be based on DevOps. AppSec will push further "left" into DevOps, in addition to embracing smart runtimes in production which can proactively improve apps in prod (whether that is for performance, uptime, or security concerns) with little-to-no developer involvement.

Further Reading

Software Testing in 2020: 7 Biggest Trends

5 DevOps Challenges and How to Overcome Them

Topics:
devops ,reflection ,training ,future ,devops 2020 ,collaboration

Published at DZone with permission of John Matthew Holt , DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}