The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced the launch of the Cybersecurity Skills Framework, a global reference guide that helps organizations identify and address critical cybersecurity competencies across a broad range of IT job families; extending beyond cybersecurity specialists.
Since the start of this decade, Agile development patterns such as Extreme Programming (XP), Scrum and Feature-Driven Development (FDD) have been all the rage. That shift has led to massive gains in developer productivity, resulting in more applications and associated updates being delivered at increasingly faster rates. The increased volume of sheer code being moved into production environments has fostered the rise of a new approaches to managing the roll out of applications based on the principles of Continuous Integration and Continuous Delivery (CI/CD).
As part of that process, IT operations teams have embraced a plethora of technologies, ranging from open source CI tools like Jenkins, to IT automation frameworks like Puppet Labs. CI tools ensure the consistent building of application code based on developer changes, while infrastructure as code tools are employed to programmatically and consistently provision IT infrastructure.
The problem that many IT operations teams now encounter is that all these tools are not especially well integrated, which results in limited visibility into the overall application development pipeline. More applications are being built and deployed faster than ever. And more often than not, individual development teams are choosing their tools to deliver their application changes. But overall, there's not much in the way of real governance being applied to how applications are being released into production, to which team and on what schedule.
IT leaders need to be able to manage application development at scale using a factory metaphor that requires lots of instrumentation. The challenge is that, in the case of applications, the actual products being manufactured consist of as much art and craft as they do science. Optimizing the application release cycle requires adding a layer of software abstraction above and around the application development process that serves to make the overall process more efficient without adding more friction.
Application Release Automation Brings Scale and Speed
Stepping into the void is a new category of application release automation (ARA) tools that provide the framework required for managing the roll out applications at unprecedented levels of scale and speed. Application release automation frameworks provide hooks into all the products and services that make up the application development and release process. IT operations teams not only gain access to dashboards that enable them to precisely determine the status of any application development project, they can model those processes in a way that drives a desired set of best practices. In effect, application development and operations teams can now orchestrate the entire application development process on an end-to-end basis to drive development of higher-quality applications faster than ever before.
Historically, the core challenge many IT teams face when trying to implement such an application pipeline process is that it's not feasible to force a development team or IT manager to use a specific set of tools. Each developer and IT manager has their favorite set. Retraining them to use another only generates resentment and lost productivity.
Rather than trying to overcome that resistance, IT operations teams need to be able to impose order from above in a way that creates as little disruption as possible. A modern approach to application release automation requires flexibility. The days when IT leaders could impose highly-structured approaches to building and deploying applications are long over. Each team has its own core skill set that needs to be incorporated into the greater application release management process.
The good news is that most modern tools are based on open interfaces that make it simpler to gather data in a way that is unobtrusive. Instead of requiring everyone in the process to fill out reports that take away time from their core job function, a modern application release management platform automatically gathers all the relevant data based on the information surfaced up through multiple application programming interfaces (APIs). That data is then organized via a series of dashboards that enable everyone in the IT operation teams to see the status of any given project at a glance.
A New Era of Release Management
In effect, the days when project managers needed to directly interrogate or harass developers and IT managers for updates are part of a bygone era. So too are those nasty surprises that occur any time an application development project falls behind schedule with little to no warning. IT operations teams will be informed of any potential issue likely to adversely impact the application development pipeline as it happens. That not only provides peace of mind for everyone involved, it ultimately results in better applications being developed and deployed faster every step of the way.
Derek Langone is CEO of XebiaLabs.
Industry News
CodeRabbit is now available on the Visual Studio Code editor.
The integration brings CodeRabbit’s AI code reviews directly into Cursor, Windsurf, and VS Code at the earliest stages of software development—inside the code editor itself—at no cost to the developers.
Chainguard announced Chainguard Libraries for Python, an index of malware-resistant Python dependencies built securely from source on SLSA L2 infrastructure.
Sysdig announced the donation of Stratoshark, the company’s open source cloud forensics tool, to the Wireshark Foundation.
Pegasystems unveiled Pega Predictable AI™ Agents that give enterprises extraordinary control and visibility as they design and deploy AI-optimized processes.
Kong announced the introduction of the Kong Event Gateway as a part of their unified API platform.
Azul and Moderne announced a technical partnership to help Java development teams identify, remove and refactor unused and dead code to improve productivity and dramatically accelerate modernization initiatives.
Parasoft has added Agentic AI capabilities to SOAtest, featuring API test planning and creation.
Zerve unveiled a multi-agent system engineered specifically for enterprise-grade data and AI development.
LambdaTest, a unified agentic AI and cloud engineering platform, has announced its partnership with MacStadium, the industry-leading private Mac cloud provider enabling enterprise macOS workloads, to accelerate its AI-native software testing by leveraging Apple Silicon.
Tricentis announced a new capability that injects Tricentis’ AI-driven testing intelligence into SAP’s integrated toolchain, part of RISE with SAP methodology.
Zencoder announced the launch of Zen Agents, delivering two innovations that transform AI-assisted development: a platform enabling teams to create and share custom agents organization-wide, and an open-source marketplace for community-contributed agents.
AWS announced the preview of the Amazon Q Developer integration in GitHub.
The OpenSearch Software Foundation, the vendor-neutral home for the OpenSearch Project, announced the general availability of OpenSearch 3.0.