Check Point® Software Technologies Ltd.(link is external) announced major advancements to its family of Quantum Force Security Gateways(link is external).
Steps You Should Be Automating in the SDLC - Part 3
November 07, 2018
DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 3 covers the development environment and the infrastructure.
Start with Steps You Should Be Automating in the SDLC - Part 1
Start with Steps You Should Be Automating in the SDLC - Part 2
DEVELOPMENT ENVIRONMENT
It is critical for any aspiring high velocity engineering organization to automate the set up of development environments. Every manual step and every moment spent on development environment set up is a moment your engineers are not yet creating business value. A new contributor should have a complete environment setup and be able to code within one hour. Additionally, the development environment should match the production environment as much as possible — it is far better to discover an environmental bug in development than after a deploy to production. Fast and automated development environment setups equal more engaged engineers, which equals more engineering business value delivered at a faster pace.
Nell Shamrell-Harrington
Principal Software Development Engineer, Chef(link is external)
Use containers to automate the creation and sharing of your developer environments. Today too many developers still build code on their own machines locally and end up with hard-to-trace problems due to differences in dependencies and runtime package versions. That can be avoided by creating a developer container image for each project based on and perhaps even identical to the production container image. This gets rid of costly "but it works on my machine" problems and, if saved in the project repo, makes it easier for someone to quickly reproduce an older dev environment to address a legacy customer's bug.
Brad Micklea
Senior Director of Developer Experience and Programs, Red Hat(link is external)
There is usually a disconnect between development and production environments, which adds friction when an application needs to be deployed. Using automation to make development look like production, by sharing tools and configurations helps avoid this problem. For example, using a tool to codify and automate the setup and teardown of development in a way that matches production, makes it easier to test applications and avoid them breaking in production due to subtle differences.
Armon Dadgar
Founder and Co-CTO, HashiCorp(link is external)
INFRASTRUCTURE MANAGEMENT
DevOps groups should eliminate error-prone processes like infrastructure and tool upgrades and maintenance through infrastructure management automation and machine learning.
Steve Garrison
VP Marketing, ZeroStack(link is external)
In terms of development lifecycle automation, the biggest bang-for-buck for most organizations is infrastructure. This entails codifying system configurations and providing infrastructure-on-demand, with infrastructure-as-a-service for application teams. For many organizations, standing up infrastructure for development is manual, and the entire lifecycle is bottlenecked waiting for infrastructure to be configured as needed to support internal development, QA and production team activities. Automating infrastructure enables other pipeline processes that depend on infrastructure. In addition, focusing on infrastructure automation is a great starting point for improving collaboration between Dev, QA and Ops as part of a DevOps transformation.
Marc Hornbeek
Principal Consultant – DevOps, Trace3(link is external)
As part of your DevOps process, an area that would benefit from automation: Infrastructure as Code to eliminate rework, nonstandard configurations and enforce company policies for better cost, compliance and agility.
Jeanne Morain
Author and Strategist, iSpeak Cloud(link is external)
SCALABILITY
We should be automating scalability. Today’s cloud provides virtually limitless capacity, so by making automation part of cloud-native architectures, we can pre-authorize scalability, allowing it to happen automatically, without human intervention.
Sharan Gurunathan
EVP and Principal Solutions Architect, Coda Global(link is external)
DASHBOARDS
You should automate the way you build dashboards, and like other automation, dashboard configuration should follow best practices around software development, including versioning and change control. Automation lets you create standard patterns cheaply, which in turn facilitates communication across teams and helps new engineers get up to speed quickly.
Daniel "Spoons" Spoonhower
Co-Founder and CTO, LightStep(link is external)
DATA
Development teams are on-boarding site reliability engineers (SREs) to transform applications to become more resilient. SREs feed off detailed telemetry data from the application to anticipate problems and get ahead of them. Thus, one of the most important automation steps is to embed a monitoring data collector into your application run time early on during the development phase. Later, when the application is in production, the data collector will send telemetry to your monitoring severs regardless of where your application ends up running, in a private or public cloud.
Mike Mallo
Offering Management Lead - Hybrid Cloud DevOps, IBM Cloud Unit, IBM Corporation(link is external)
Any process or handover that requires duplicating data in two systems (tools) should be automated to remove the waste and overhead that slows software delivery teams down and takes time away from value-adding work. For example, copying incident details from an ITSM tool used by the service desk to the Agile planning tool used by developers, and then manually synchronizing the status of both, or copying requirements into Agile stories, or defects into an issue tracker. Automation can flow and synchronize the necessary data across the best-of-breed tools used for planning, design, development, testing, release and operation, providing every role with the information they need in near-real time and directly in their tool of choice. By standardizing and normalizing the data as it flows, software delivery organizations can also get visibility into their big picture metrics — within a single product and across multiple products — and insights into their value creation process.
Naomi Lurie
Director of Product, Tasktop Technologies(link is external)
DATABASE
Automation in software development has traditionally been restricted to front-end applications. The database is now entering the picture because changes to applications often mean the code behind the database schema needs to be updated as well. Companies should therefore think about including the database in continuous integration. By automating the build and testing of code changes every time they are committed to version control, errors will be caught earlier in the development process and the database will no longer be a bottleneck during deployments.
Simon Galbraith
CEO & Co-Founder, Redgate(link is external)
Continuous Delivery is already highly adopted (83%) for Application Development. Yet, with a competitive landscape and a need to continue and improve, companies need to identify other existing bottlenecks in their application release. Databases are the ideal candidate when it comes to accelerating application releases, and are lagging behind application delivery with only 36% CI/CD adoption. In 2019, companies will turn to automate their database releases. While allowing faster database releases is a goal, companies must remember the true goal is to go as fast as possible without the risk of costly re-work and downtime. This can be achieved by adopting DevOps best practices for the database, setting safety nets to negate database risk, as well as manage security aspects to make sure short feedback loops are handled across Dev, Sec & Ops.
Yaniv Yehuda
Co-Founder and CTO, DBmaestro(link is external)
Time and time again, we hear technology leaders say they should have addressed the database release management problem before tackling the easy problem of application release automation. But the reality is — database deployments are often forgotten about. Pushing out the application is the easy part of DevOps, but managing and automating database changes are the real challenges. As development teams continue moving quickly, there is a need to support the high rate of change. Through automation, database administrators (DBAs) have enormous impact on how quickly software gets into the hands of customers, shortening the time it takes to bring application innovation to market innovation to market while eliminating the security vulnerabilities, costly errors, data loss and downtime often associated with manual database deployment methods.
Robert Reeves
CTO and Co-Founder, Datical(link is external)
Read Steps You Should Be Automating in the SDLC - Part 4, all about security.
Industry News
May 29, 2025
Sauce Labs announced the general availability of iOS 18 testing on its Virtual Device Cloud (VDC).
May 29, 2025
Infragistics announced the launch of Infragistics Ultimate 25.1, the company's flagship UX and UI product.
May 29, 2025
CIQ announced the creation of its Open Source Program Office (OSPO).
May 28, 2025
Check Point® Software Technologies Ltd.(link is external) announced the launch of its next generation Quantum(link is external) Smart-1 Management Appliances, delivering 2X increase in managed gateways and up to 70% higher log rate, with AI-powered security tools designed to meet the demands of hybrid enterprises.
May 28, 2025
Salesforce and Informatica have entered into an agreement for Salesforce to acquire Informatica.
May 28, 2025
Red Hat and Google Cloud announced an expanded collaboration to advance AI for enterprise applications by uniting Red Hat’s open source technologies with Google Cloud’s purpose-built infrastructure and Google’s family of open models, Gemma.
May 28, 2025
Mirantis announced Mirantis k0rdent Enterprise and Mirantis k0rdent Virtualization, unifying infrastructure for AI, containerized, and VM-based workloads through a Kubernetes-native model, streamlining operations for high-performance AI pipelines, modern microservices, and legacy applications alike.
May 28, 2025
Snyk launched the Snyk AI Trust Platform, an AI-native agentic platform specifically built to secure and govern software development in the AI Era.
May 28, 2025
Bit Cloud announced the general availability of Hope AI, its new AI-powered development agent that enables professional developers and organizations to build, share, deploy, and maintain complex applications using natural language prompts, specifications and design files.
May 27, 2025
AI-fueled attacks and hyperconnected IT environments have made threat exposure one of the most urgent cybersecurity challenges facing enterprises today. In response, Check Point® Software Technologies Ltd.(link is external) announced a definitive agreement to acquire Veriti Cybersecurity, the first fully automated, multi-vendor pre-emptive threat exposure and mitigation platform.
May 27, 2025
LambdaTest announced the launch of its Automation MCP Server, a solution designed to simplify and accelerate the process of triaging test failures.
May 27, 2025
DefectDojo announced the launch of their next-gen Security Operations Center (SOC) capabilities for DefectDojo Pro, which provides both SOC and AppSec professionals a unified platform for noise reduction and prioritization of SOC alerts and AppSec findings.
May 22, 2025
Check Point® Software Technologies Ltd.(link is external) has been recognized on Newsweek’s 2025 list of America’s Best Cybersecurity Companies(link is external).
May 22, 2025
Red Hat announced enhanced features to manage Red Hat Enterprise Linux.
