Appdome has integrated its platform with GitHub to build, scale, and deliver software.
Developers today are faced with the hard reality that modernizing systems is more than simply moving technology to a new location. Rather, they are expected to be intimately familiar with a host of new-generation technologies while simultaneously managing existing legacy systems as they migrate to an infrastructure that is more responsive, predictive, and scalable. Looking ahead to 2021, let's review the trends surrounding the most challenging, yet promising, topics in infrastructure and operations: Kubernetes, site reliability engineering, security, and more.
To say that Kubernetes is the leading container orchestration platform is an understatement. It's the only container orchestration platform that counts. However, to say that Kubernetes is complex is also an understatement. The learning curve is both steep and long.
How will developers address Kubernetes' complexity? We are starting to see some simpler alternatives for specific use cases.
For example, K3S for edge computing, which effectively tackles the compute layer by orchestrating the infrastructure and workloads running at the edge.
Will that trend continue? Or will Kubernetes be subsumed into cloud providers' management consoles in a way that simplifies the options available to developers? While this has yet to be revealed, an important trend for the next year will be attempts to simplify cloud orchestration.
Site Reliability and Observability
Look out for a heavy focus on system observability and its benefits
The sea change in workplace dynamics brought about by COVID-19 has had a parallel effect on the world of site reliability engineering. Companies for whom an online presence was an afterthought are now finding it essential to survival.
They're also finding it necessary to keep their online presence available at all times. Because of this, there will likely be an increase in the demand for site reliability engineers (SREs) — and thus an emphasis on the tools that SREs need.
Look out for a heavy focus on system observability and its benefits: high-speed, actionable data allowing engineers to understand, prevent, and mitigate outages. Although it's only part of the story, there will be a growing interest in OpenTelemetry, a vendor-neutral standard for collecting system data that promises an array of more refined and calibrated open-source tools for observability in the years ahead.
Claiming that cyber threats will increase — and that attacks will become more dangerous — hardly qualifies as a prediction or a trend. The sophisticated cyberattacks that compromised the US Treasury, Commerce, and Homeland Security departments are, sadly, hardly surprising. What's more important is how organizations respond to those threats.
In the past, most companies have taken a reactive approach to security: address breaches as they happen and, if nothing happens, they've spent too much time on security. That approach has failed time and time again. Companies must begin to take a dynamic, holistic approach that strengthens their security posture.
Steps towards resilience include having a robust Identity and Access Management policy by implementing zero trust, multi-factor authentication (MFA), and password-less authentication. There will be an increased use of AI and machine learning (ML) by both good and bad actors. Bad actors will use AI to find and exploit new vulnerabilities, while security teams will use AI and ML tools to detect and block attacks, as well as automating routine tasks.
Multi-Cloud and Hybrid Clouds
The cloud is a capability, not a destination
It's too easy to think of "the cloud" as a place: a single virtual location, with a single provider. As IBM has said frequently, the cloud is a capability, not a destination. By the time most companies start thinking seriously about a "cloud strategy," they already have pilot projects in multiple clouds.
Mergers and acquisitions complicate the situation even more, as does data that has to remain on-premise for regulatory or security reasons. What counts isn't moving applications to a specific provider, but rather having a uniform interface that enables capabilities regardless of physical location. 2021 will be the year that companies adopt multi- and hybrid clouds, removing the operational and developmental barriers between their own, on-premise IT and cloud providers. This year, we will discover what it really means to be "cloud-native."
While application development will no doubt continue to evolve, monitoring for these trends will help DevOps teams focus on the most critical topics facing infrastructure and operations today — allowing them to make the right technical and business decisions that will prepare them and their companies for a successful future.
DigiCert, announced a partnership with ReversingLabs to enhance software security by combining advanced binary analysis and threat detection from ReversingLabs with DigiCert's enterprise-grade secure code signing solution.
Semgrep announced that Semgrep Supply Chain is now free for all to use, up to a 10-contributor limit.
Checkmarx announced its new AI Query Builders and AI Guided Remediation to help development and AppSec teams more accurately discover and remediate application vulnerabilities.
Copado announced a technology partnership with nCino to provide financial institutions with proven tools for continuous integration, continuous delivery and automated testing of nCino features and functionality of the nCino cloud banking platform.
OpsMx announced extensions to OpsMx Intelligent Software Delivery (ISD) that make it a CI/CD solution designed for secure software delivery and deployment.
Couchbase announced a broad range of enhancements to its Database-as-a-Service Couchbase Capella™.
Remote.It release of Docker Network Jumpbox to enable zero trust container access for Remote.It users.
Platformatic launched a suite of new enterprise-grade products that can be self-hosted on-prem, in a private cloud, or on Platformatic’s managed cloud service:
Parasoft announced the release of C/C++test 2023.1 with complete support of MISRA C 2023 and MISRA C 2012 with Amendment 4.
Rezilion announced the release of its new Smart Fix feature in the Rezilion platform, which offers critical guidance so users can understand the most strategic, not just the most recent, upgrade to fix vulnerable components.
Zesty has partnered with skyPurple Cloud, the public cloud operations specialists for enterprises.
With Zesty, skyPurple Cloud's customers have already reduced their average monthly EC2 Linux On-Demand costs by 44% on AWS.
Red Hat announced Red Hat Trusted Software Supply Chain, a solution that enhances resilience to software supply chain vulnerabilities.
Mirantis announced Lens Control Center, to enable large businesses to centrally manage Lens Pro deployments by standardizing configurations, consolidating billing, and enabling control over outbound network connections for greater security.
Red Hat announced new capabilities for Red Hat OpenShift AI.