Has DevOps Lost its Luster? Exploring a Platform Engineering Future
April 04, 2024

Mark Troester
Progress

Nearly two decades ago, proponents of the DevOps movement rallied against traditional software models that called for the developers who write code to be organizationally and functionally separate from those who deploy and support the code. Despite taking a few years, DevOps gained full adoption, and Agile development practices like automated build and test became the status quo after Gartner got on board with the concept in 2011.

Security and Compliance Enter the Arena

Looking back, it's safe to say that Agile and DevOps delivered on their promise of continuous integration and delivery. Development and operations teams were finally provided the flexibility to make changes and improvements during phases, accelerating the delivery of quality software. Despite DevOps's widespread adoption and success, other teams were siloed, including security and compliance. In the nascent stage of DevOps, security and compliance were often sidelined, creating bottlenecks and being labeled as the culprits for delayed releases.

In 2014, the landscape was jolted by an 80% surge in security breaches from the previous year, with over one billion records compromised across 1,500 incidents, as reported by Security Week(link is external). High-profile companies like Home Depot, JP Morgan Chase, and eBay were victims of cyberattacks. These events triggered a shift in development paradigms, placing security and compliance in a pivotal role.

Configuration errors gave rise to DevSecOps, and organizations began integrating security into the Agile development process from the outset. Although the term "DevOps" may seem a bit antiquated, DevSecOps thrives, contingent on embracing the necessary cultural and procedural changes. DevSecOps is bolstered by technology but hinges on a company-wide security-conscious mindset and adopting automated security testing tools.

Exploring Platform Engineering

Recently, platform engineering has become the next big thing, sparking interest in its focus on developing self-service internal developer platforms (IDPs) for streamlined software delivery and lifecycle management. As Gartner(link is external) states, "Platform engineering is an emerging technology approach that can accelerate the delivery of applications and the pace at which they produce business value."

Gartner expects that by 2026, "80% of software engineering organizations will establish platform teams as internal providers of reusable services, components, and tools for application delivery. Platform engineering will ultimately solve the central problem of cooperation between software developers and operators."

In platform engineering, the platform is supported by layered services or tools, created and maintained by a dedicated product team, designed to help the needs of software developers by essentially stitching together components to create a frictionless developer experience. This methodology incorporates Agile, DevOps, and DevSecOps principles and complements them, offering broader benefits when considered collectively.

Key Synergies:

Developer Experience and Productivity – DevSecOps improves support across IT Ops, security, and compliance, not just developers.

Automation – DevSecOps hinges on policy-as-code automation for infrastructure and compliance, while platform engineering expands automation throughout the development cycle.

Self-service – Platform engineering builds on the services-oriented, automated approach of DevSecOps, facilitating self-service capabilities and empowering developers in security and compliance.

Accelerate Value – At the core of tech enablement, from platforms to tools and processes, is the acceleration of high-quality, resilient, and secure application delivery.

As platform engineering gains traction, the integration of DevOps and DevSecOps remains vital, underscoring the enduring relevance of these practices despite the potential for new nomenclature. The evolving roles of DevOps and DevSecOps within the scope of platform engineering are not to be underestimated, as they are central to the rapid development and deployment of applications in an increasingly security-conscious world.

Mark Troester is VP of Strategy at Progress
Share this

Industry News

April 30, 2025

Lenses.io announced the release of Lenses 6.0, enabling organizations to modernize applications and systems with real-time data as AI adoption accelerates.

April 30, 2025

Sonata Software has achieved Amazon Web Services (AWS) DevOps Competency status.

April 29, 2025

vFunction® announced significant platform advancements that reduce complexity across the architectural spectrum and target the growing disconnect between development speed and architectural integrity.

April 29, 2025

Sonatype® introduced major enhancements to Repository Firewall that expand proactive malware protection across the enterprise — from developer workstations to the network edge.

April 29, 2025

Aqua Security introduced Secure AI, full lifecycle security from code to cloud to prompt.

April 29, 2025

Salt Security announced the launch of the Salt Model Context Protocol (MCP) Server, giving enterprise teams a novel access point of interaction with their API infrastructure, leveraging natural language and artificial intelligence (AI).

April 28, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the graduation of in-toto, a software supply chain security framework developed at the NYU Tandon School of Engineering.

April 28, 2025

SnapLogic announced the launch of its next-generation API management (APIM) solution, helping organizations accelerate their journey to a composable and agentic enterprise.

April 28, 2025

Apiiro announced Software Graph Visualization, an interactive map that enables users to visualize their software architectures across all components, vulnerabilities, toxic combinations, blast radius, data exposure and material changes in real time.

April 24, 2025

Check Point® Software Technologies Ltd.(link is external) and Illumio, the breach containment company, announced a strategic partnership to help organizations strengthen security and advance their Zero Trust posture.

April 24, 2025

Harness launched its Cloud Web Application and API Protection (WAAP).

April 24, 2025

Solo.io announced Agent Gateway, an open source data plane optimized for agentic AI connectivity in any environment.

April 24, 2025

Opsera and Lineaje announced a strategic partnership to transform how enterprises secure and remediate open source and containerized software autonomously and at scale.

April 23, 2025

Kubernetes 1.33 was released today.

Kubernetes 1.33 Release Information(link is external)