ShiftLeft released a new version of NextGen Static Analysis (NG SAST), including new workflows, purpose-built for developers that significantly improve security, while enhancing productivity.
DevOps experts — analysts and consultants, users and the top vendors — offer thoughtful, insightful, often controversial and sometimes contradictory predictions on how DevOps and related technologies will evolve and impact business in 2017. Part 5 covers the many facets of DevOps including analytics, security, collaboration and more.
Start with 2017 DevOps Predictions - Part 1
Start with 2017 DevOps Predictions - Part 2
Start with 2017 DevOps Predictions - Part 3
Start with 2017 DevOps Predictions - Part 4
37. GROWTH OF DEVOPS ANALYTICS
Until recently DevOps was focusing on deployment. However, as this area matured, attention turned to automation of operational activities in production from monitoring to incident resolution and ultimately prevention. Such automation heavily depends on visibility and understanding of changes, their context, and their impact across application lifecycle. Thus, we expect development and growth of IT DevOps Analytics focusing on a change from requirements to the production stages - verifying change implementation, transition between the stages, proactively assessing impact of the change, and when required, correlating change to the investigated incidents and problems. Intelligent analytics providing actionable insights will close the DevOps automation loop finally connecting Dev and Ops sides of the IT processes and organization.
DevOps will become much more effective and efficient. Advanced data analytics will help us work smarter, allowing us to shift away from fire fighting last minute issues and wasting time optimizing our slowest pages. Instead, new developments will make way for a clear prioritization of efforts: proactive testing, event response and optimization, along with use cases and demographics that create the most revenue.
Director of Product Management, SOASTA
38. ARTIFICIAL INTELLIGENCE AND MACHINE LEARNING ARRIVE
In 2017, we'll see more application of predictive data and machine learning to help DevOps and delivery teams streamline and accelerate delivery. As teams adopt the practices of continuous integration, testing and delivery, they are creating a wealth of data in the form of logs, test cases, and other SDLC artefacts. Traditionally, this development and test data was only interesting for a very short time, but the potential to find patterns and predictive insight is huge. Don't underestimate the insight in data. The trend of big data and machine learning will arrive for application development teams in 2017.
Head of the Software Digital Research Team, Hewlett Packard Enterprise
Continued innovation with artificial intelligence platforms and toolkits will enable DevOps infrastructure to better anticipate and dynamically adapt to the needs of customers, ultimately making DevOps more cost efficient and resilient.
Co-Founder and Head of Product, Bonsai
We are already seeing the impact of big data in the shifting focus from analyzing the past to predicting the future. As such, in 2017 we expect to see the emergence of intelligent apps that can not only generate contextual insight from real-time data but turn those insights into timely, prescriptive decisions and actions. This means real-time data is no longer a luxury but rather becoming a necessity. Equally important is the adoption of DevOps best practices for continuous delivery and optimization of real time data-driven intelligent applications.
Solutions Manager, Red Hat JBoss Middleware
39. BIG DATA AND METRICS PLAY GREATER DEVOPS ROLE
According to reviewers on IT Central Station, it's clear that Big Data and metrics are expected to play an increased role in promoting DevOps cultures in 2017. IT Central Station community members have explained that their businesses, and particularly enterprises, are looking to generate even more data and analytics surrounding every facet of their applications. This includes all the historical data a company can generate, metrics regarding the topology of an application, all data surrounding service disruptions, location information, information comparing application types and categories, and more.
Founder and CEO, IT Central Station
Read Russell Rothstein's blog: New for 2016: DevOps RoundUp from Real Users of CA, HPE and IBM
More data was created in the last two years than the previous 5,000 years of humanity. In 2017, we will create even more data in one year alone. The type of data created is expanding rapidly across a wide range of industries: biotech, energy, IoT, healthcare, automotive, space and deep sea explorations, cybersecurity, social media, telecom, consumer electronics, manufacturing, gaming and entertainment – the list goes on. Yet, recent research has found that less than 0.5 percent of that data is actually being analyzed for operational decision making. The focus in software will be getting your hands around all that data and being able to use it either strategically to make important long-term decisions, or in real-time to make operational decisions – as there is no value to the data being created if you can't use it. In order to get ahead and stay ahead of the competition, it will be critical for organizations to leverage web application lifecycle management platforms that have the capability to consume huge amounts of data and present that data in a way that helps them make the right decisions.
Read Art Landro's blog: The State of Modern Web: Desktop Is Not Dead
40. DEVOPS EMBRACES CHATOPS
In the coming year, ChatOps will continue to become a larger part of DevOps as organizations learn how to best implement a collaborative environment for employees. Additionally, companies will also begin to develop new and innovative ways to leverage bots for ChatOps.
DevOps Evangelist, VictorOps
Read Jason Hand's blog: DevOps for Crisis Communication: Five Steps to Prevent a Crisis from Becoming a Disaster
ChatOps will begin having a bigger impact on DevOps, and start morphing into "ChatDev". Many teams have build, test, and monitoring hooked up to chat, but relatively few are bringing the tools for driving actions in the development and delivery process into chat. Perhaps because most chat integrations are one-way notifications, rather than full-fledged two-way channels to core development and delivery systems. As our industry embraces chat as a primary interface, this will start to change. And where ops tools initially led the push into ChatOps, developers will also start to get better chat-enabled support for the code to deploy part of the process.
Co-Founder and COO, Atomist
41. AGILE OPS MAKES WAVES
2017 will see the rise of more Ops related content. The Dev side of DevOps has been messaged to death, and development is already agile, however, operations isn't. Agile Ops will make waves in 2017
Product Marketing Director and DevOps Evangelist, Automic Software
Agility will spread out the IT organization and will not stay an exclusive Development initiative. More OpsDev initiatives will lead to the advent of agile operations to better support digital transformation.
Product Marketing Director, Workload Automation, Automic Software
42. DEVOPS EVOLVES INTO DEVTESTOPS
The lines between dev and qa and ops will continue to collapse and the software development teams will evolve towards taking the form of devtestops, rather than devops. We envision the industry moving towards a single vertical of full stack developers who will carry the line of dev, ops and test together.
VP of Engineering, Zephyr
43. DEVSECOPS: BUILT-IN SECURITY
Secure DevOps:You are going to see more security verification and more built-in compliance validation checks happening earlier in the lifecycle that are fully integrated with the development process.
CTO, Electric Cloud
I see security becoming more important to the whole development and test process not as an afterthought, but as something more integral. Some are calling it the DevSecOps.
In 2017, building security practices as code will be part of application development, rather than enforcing it post-facto. This will lead to DevOps going beyond Dev, QA and Ops, to also including security as part of DevOps team. We are already seeing this emergence in the DevSecOps model.
Head of Global Services for Application Development and Management (ADM), Infosys
2017 will be the year of DevOpsSec. It will be the year when at least half of DevOps teams in the Global 5000 get at least one team member focused on making sure security is built-in, fast and easy. For example, while we've been making sure every container uses HTTPS encryption and digital certificates because we're told it's the right thing to do, there's been no one worried about why and how we should use these powerful security controls without screwing up and either making our applications fail or opening up new vulnerabilities. Shocking to hardcore DevOps teams accustomed to flying below the radar: security can be about going fast and safe!
VP of Security Strategy and Threat Intelligence, Venafi
Software defined security will move into the mainstream of DevOps toolchains. DevOps professionals, recognizing that huge quantities of components (e.g., build artifacts, containers, open source binaries) are moving across their software supply chains, will begin to evaluate the quality of those elements at scale. Security will move from a bolt-on practice at the end of a software delivery lifecycle to one built-in that is consumed like a service, thereby empowering development and operations teams to improve and iterate component choices instantly. Wave one of software defined as security in the mainstream will be referred to as DevSecOps.
VP and DevOps Advocate, Sonatype
Frustrated by the intrusive and anachronistic nature of "pre-release" security reviews in what is otherwise CI-CD pipelines, developers will demand that security reviews become a continuous process. They will ask that InfoSec teams conduct a security review of every release, no matter how frequent they are. This will drive InfoSec teams to search for better review tools and methods, hoping to catch up with the speed and agility of development teams. 2017 becomes the year where security automation becomes part of the CICD pipeline.
Co-Founder and VP of Products, Aporeto
Read Amir Sharif's blog: Microservices Rising, Legacy Security Falling Short
In the past few years, there has been a noticeable migration towards security within the DevOps community. People are increasingly using DevOps-related terminology like "continuous security" and "continuous deployment," and more engineering teams are adopting agile security practices. Today's agile cloud environment requires a DevOps approach to security. Software engineering and infrastructure engineering teams are increasingly stepping into security roles, and need collaborative tools to help. By the end of 2017, we'll see widespread implementation of enterprise SecOps – the intersection of security and DevOps.
Sr. Director, Operations and Support, Threat Stack
44. DEVOPS TRANSFORMS THE NETWORK
Two trends are heightening the impact of DevOps on networking. First the advent of network function virtualization changes the way enterprises manage and operate networks. Second the emergence of distributed, agent-based tools extends infrastructure management to geographically-dispersed networks. As a consequence, enterprises and providers are realizing that a DevOps culture can also transform their global networks.
Director, Product Management, 128 Technology
Read 2017 DevOps Predictions - Part 6, the final installment.