ShiftLeft released a new version of NextGen Static Analysis (NG SAST), including new workflows, purpose-built for developers that significantly improve security, while enhancing productivity.
For those of us deeply immersed in the rapidly advancing DevOps revolution, sometimes it’s hard to remember that we're still early on in this game.
As discussion of "unicorn" adopters has grown somewhat weary – given that these organizations tend to be those whose business models lend themselves to transformation – practitioners have made it abundantly clear that they seek more practical guidance as to where they should expect to find themselves on this journey.
Despite his status as one of the recognized "godfathers" of DevOps, or at the very least one of its most visible spokesman, noted entrepreneur and author Gene Kim (co-author of The Phoenix Project and other seminal works) remains intimately connected to the movement's real-world standing through his continued thought leadership work.
Based on this close connectivity to practitioners – those with both advanced and more nascent initiatives – there's perhaps no better person to ask which milestones, challenges and performance metrics represent the hallmarks of today's existing DevOps adopters.
In a recent interview, Gene shared some interesting feedback on what he's hearing out on the conference circuit and elsewhere in speaking to various stakeholders about their current DevOps strategies.
Filmed at CA World '15, the interview is definitely worth viewing in its entirety, as it touches on timely DevOps maturity topics, including:
According to Kim, there is palpable progress being made related to the continued expansion and strategic import of DevOps adoption, namely:
■ DevOps is in fact spreading rapidly beyond the realm of unicorns –finding a home in many different types of organizations, from financial service providers to old-line product manufacturers, among others.
■ Those people spearheading and supporting DevOps transformation within their organizations are rapidly climbing the ladder, with many of the practitioners he meets being promoted and granted greater responsibility.
■ Organizations are expanding their initial (local) DevOps initiatives to take on more far-reaching (global) influence, across a broader swath of projects, with even greater impact on their overall business strategies.
Based on some ongoing research, Kim said there are five primary challenges that most organizations are working to address today, related to:
■ Automated Testing: Practitioners are still attempting to increase the scope of automated testing to include more of their legacy assets.
■ Cultural Change: How successful organizations have been in driving transition of workflows, roles and responsibilities remains an issue.
■ Security Acceleration: Advancement of security and compliance processes remains an area where most DevOps practitioners cite the need for more work.
■ Operations 2.0: With far more IT operations work being carried out using self-service models, organizations are still working to ensure consistency.
■ Building Metrics:Organizations also remain highly focused on the creation and management of proper metrics to help assess their progress.
In terms of leveraging metrics to deepen internal DevOps buy-in, and further drive home the overarching business case, today’s critical metrics include:
■ Lead time: Specifically, how quickly organizations can move from “code committed” through required testing cycles and into deployment.
■ Deployment rates: Obviously the endgame of DevOps is increasing responsiveness and getting apps in the hands of users more quickly.
■ Change success rates: Because DevOps isn’t only about getting releases out the door, it’s also about the overall quality of those resulting updates.
■ Mean-time-to-repair: This is another no brainer, as leveraging DevOps to find and fix emerging apps issues is at the core of the entire movement.
Worth noting, the research project that Kim is referencing, which surveyed over 20,000 organizations, also concludes that DevOps "high performers" continue to greatly outpace their peers in how they chart progress related to those metrics.
The very nature of DevOps is such that every element of the SDLC is treated like a work-in-progress. Yet, one of the critical elements of advancing your overall effort and driving success is understanding precisely where you stand.