DEVOPSdigest asked experts from across the IT industry for their opinions on the top tools to support DevSecOps. Part 3 covers security and monitoring ...
XebiaLabs released XebiaLabs DevOps Platform version 7.6, which introduces features that help enterprises automatically manage compliance activities, security tasks, and complex release scenarios as they scale and accelerate their software release processes.
XebiaLabs DevOps Platform 7.6 simplifies the challenges of compliance and visibility for large organizations and complex releases. It expands on XebiaLabs’ existing compliance infrastructure, which is built to help companies automate release processes, enforce consistent procedures, capture compliance data as a matter of course, track activities at both executive and granular levels, and predict, find, and address risks early on.
Multiple new features in 7.6 help support DevOps growth across the enterprise:
■ Manage complex releases and microservices with new Release Relationship View – This new view helps enterprises easily manage large, complex releases and their dependencies at scale. Visualizing complex microservices and their dependencies helps teams identify their releases’ relationships and see which releases are on the critical paths of others. This information provides the insights teams need to assure successful releases and to identify problems before they occur. Additionally, it provides a clear understanding of the wide-ranging effects these issues will have and allows teams to take the necessary actions to resolve the situation quickly.
■ Enterprise-class administration with Release Template Version Control – XebiaLabs version 7.6 makes it easier than ever to track template changes and manage templates at scale. While the software has always automatically tracked template changes for compliance and auditing purposes, it now allows teams to save specific versions of a template and manage them as they would manage code in version control. Clear labels, timestamps, and user information provide deeper visibility, and users now have the ability to “undo” actions and easily roll back to previous versions. Teams can compare saved template versions to understand differences.
■ Security, quality, risk analysis, and compliance embedded into each release – New integrations with security and compliance software build in automatic checks as a core function of every release process. Leveraging industry-leading tools, teams can model code compliance checks as built-in automated tasks in their DevOps pipelines. XebiaLabs applies its special risk scoring calculations to assess any task failures, so teams get early notifications and can act quickly when quality is going off-track. The XebiaLabs DevOps Platform communicates risk and quality metrics in customizable dashboards, so compliance status and code quality are easy to see at a glance.
- Integrated Code Security Compliance with Fortify Software Security Center (SSC) ensures code is always evaluated against security metrics.
- Integrated Code Quality Analysis with SonarQube embeds code quality analysis into release pipelines to strengthen test automation and enforce adherence to quality standards.
- Integrated Code Risk Analysis with Black Duck lets enterprises embed verification into their pipelines that tells them whether the open source software being used in their applications and containers is secure. To better manage risk, code can be automatically checked against various vulnerabilities such as license risks, security risks, and operational risks.
■ Customizable DevOps Business Goals – The recently introduced addition to the XebiaLabs DevOps Platform, XL Impact, is further extended to enable teams to customize and visually track the business impact of their DevOps initiatives. They can now choose “by how much” they want to improve and “by when.” For example, teams can set a goal threshold for increasing the speed of application delivery by 20% and assign a specific due date; then XL Impact proactively and graphically informs them on how they are progressing towards that specific goal. By empowering teams with clear goals and helping them measure their own progress against their targets, leaders can sharpen focus around their desired results and objectives for DevOps transformation.