CA Technologies: 3 DevOps Predictions for 2017
The hottest trends in DevOps aren't specifically about dev or ops
December 30, 2016

Aruna Ravichandran
CA Technologies

A lot of time, resources and energy has been invested over the past few years on de-siloing development and operations. And with good reason. DevOps is enabling organizations to more aggressively increase their digital agility, while at the same time reducing digital costs and risks.

But as 2017 approaches, the hottest trends in DevOps aren’t specifically about dev or ops. They’re about testing, security, and metrics.

1. Continuous testing becomes a top topic of interest in 2017

The rapid promotion of new code into production is a noble goal, but it can also be an express ticket to digital failure. DevOps success requires not just speed, but also quality—that means the rapid promotion of really, really good code. And the only way to ensure that your code is really, really good is to test it, continuously.

We all intuitively know the value of testing. But the accelerated pace of development that comes with successful DevOps practices place increased pressure on the testing function. Leaving testing as a single phase within the software development lifecycle (SDLC) is no longer sufficient.

As the business risk associated with less-than-perfect code increases, as customer expectations regarding digital experiences continue to escalate, and competitors also become more digitally adept, good-enough testing is ceasing to be good enough. Testing has to be more rigorous, and most importantly – it needs to be pervasive across the DevOps lifecycle. Testing can longer only be the domain of QA engineers. Developers need to have the ability to test code as it’s produced—what’s known as shift left testing. Testing has to be faster and more automated. And in addition to “shift left” testing, testing and test results also have to be made available to the operations.

Testing has become the main constraint when it comes to speed with quality at scale. So expect continuous testing to be a top topic of interest in 2017.

2. The unification of development, security and operations – DevSecOps

Another great way to undermine your digital business is to rapidly promote code that perfectly fulfills all of your functional requirements, that efficiently performs at scale … and that leaves you excessively vulnerable to cyber-malice.

So success requires not just speed, but also ensuring that quality, functional requirements AND security needs are met. This means another cultural shift must happen: making sure Security is engaged early with DevOps. Given the increasing intensity and sophistication of attackers — and how rapidly digital compromises turn into bad publicity and potentially irreparable brand damage — code cannot be good without being safe and deployed within a solid security architecture.

As microservices and SDKs evolve, it will be easier for developers to build in security from the start, without taking their focus off of a great user experience. But when it comes to testing and deploying the code, security validation should be viewed as a special case of testing as the requirements of security-related code testing are highly idiosyncratic and dynamic and will likely involve experts and constituencies (e.g. governance, risk and compliance teams) not normally part of the DevOps process.

3. 2017 will bring an increasing focus on metrics

It’s no surprise that until recently, very few IT organizations have paid attention to DevOps metrics. After all, for a number or organizations, it’s been tough enough just getting basic DevOps processes, tools, and culture in place. However, you can’t improve what you can’t measure. So as agile development and DevOps processes continue to expand, expect to see some real progress on both the adoption and the standardization of DevOps success metrics.

Now that there is a critical mass of successful DevOps implementations – as well as some organizations who are starting to evolve into Continuous Delivery — organizations will look to refine practices through iterative, metrics-driven management.

Metrics can help improve digital practices in several ways. Collective metrics can help discover process bottlenecks, optimize resource allocation, and better configure DevOps toolchains. Individual metrics can help pinpoint coaching needs and replicate the behaviors of top performers.

As success measurement becomes increasingly important for DevOps, we are likely to see the industry coalesce around a common set of metrics. While 2016 has seen the industry take steps in this direction — as evidenced by the formation of the DevOps Express consortium — expect to see some real progress on both the adoption and the standardization of DevOps success metrics.

So, yes, in 2017 we will still see focus to some degree on DevOps itself. But as DevOps increases in maturity, we’ll see organizations keep pushing the envelope with more rigorous test automation, more sophisticated pre-production security controls, and great management-by-objective discipline across the DevOps lifecycle.

Aruna Ravichandran is VP, Product & Solutions Marketing, DevOps, CA Technologies

The Latest

November 15, 2018

Serverless infrastructure environments are set to become the dominant paradigm for enterprise technology deployments, according to a new report — Why the Fuss About Serverless? — released by Leading Edge Forum ...

November 14, 2018

What to automate? Which parts of the delivery process are good candidates? Which applications will benefit from automation? At first, those sound like silly questions. Automate all your repetitive processes. If you think that you'll do the same thing manually more than once, automate it. Why would you waste your creative potential and knowledge by doing things that are much better done by scripts? Yet, an average company does not adhere to that logic. Why is that? ...

November 13, 2018

I'd love to see more security automation deeply integrated into the development process. Everybody knows since the 1990s that security as an afterthought just doesn't work, yet we keep doing it. The reason, I think, is because it's very hard to automate security ...

November 09, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 5, the final installment, covers deployment and production ...

November 08, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 4 is all about security ...

November 07, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 3 covers the development environment and the infrastructure ...

November 06, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 2 covers the coding process ...

November 05, 2018

Everyone talks about automating the software development lifecycle (SDLC) but the first question should be: What should you automate? With this question in mind, DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 1 starts with by-far the most popular recommendation: Testing ...

October 31, 2018

Halloween is a time for all things spooky, but not when it comes to your mobile app experience. A poor experience can not only scare off your customers but keep them away for good ...

October 30, 2018

As organizations have embraced open source, they have become polyglot — using multiple programming languages and technology stacks to accomplish software and hardware related tasks. Enterprises are caught between the benefits provided by a polyglot environment and the complexities and challenges these environments bring. Ultimately, if the situation remains unchecked, polyglot will kill your enterprise ...

Share this