Parker Shaw logo
blog

The Crucial Role of DevSecOps in Modern Software Delivery

By Fay Capstick

This week we shall be looking at the crucial role that security needs to play in the DevOps cycle of modern software delivery.

So, remind me, what is DevOps?

DevOps is the merging of development (Dev) and operations (Ops) in the software development cycle with the aim of increasing efficiency, speed, and security. This creates a more agile and better way of delivering software applications.

What was the goal of DevOps?

The goal of DevOps has been to deliver software more, better and faster, but this comes with a cost. It has been reported that 83% of developers are suffering from burnout across the industry, in part due to the development cycle for software accelerating. What was initially annual releases is now in some cases monthly. This is causing a wellbeing crisis. It is also leading to rushing which is resulting in defects in the resulting software and causing problems for all of us.

Agile was originally meant to be ‘fail fast, fix fast.’ This is fine in theory, but in practice it can mean having vulnerabilities in the software produced. Further, the cost of fixing problems after release is greater than if they were fully assessed before release. This isn’t making developers happy. In fact, the majority of security developers feel that they are having to make compromises to meet the unrealistic deadlines that have been set for them.

Security and testing of updates need to become more important in the software cycle. A good example of this is the recent Crowdstrike disaster, which we have covered in a previous blog. This caused 8.5 million devices to stop working, resulting in cancelled flights and 911 calls failing. Not a result that anyone would want and one that heaps even more pressure onto developers.

So what is the problem?

Complexity is killing DevOps, according to experts. The infinite cycle of software development is meant to be: plan, code, build, test, release, deploy, operate, monitor. In the real world, it has become much more complex than this ideal. It has become messy.

What is the solution?

OpenText has developed one solution with their DevOps Technology Stack to try and help. They are reimagining how software in engineered. This means their customers can develop their software faster, with application delivery and an optimized developer experience. It is also safer, as their software has built-in DevSecOps best practices. It is smarter, as it uses AI augmentation, insights, and analytics. This ensures that the right tests are run at the right time of the developing software, and it is automated. The more testing that is automated the less the error rate.

Why DevOps is all about delivering value

The whole process was meant to be about delivering value and decreasing the time that it takes software to get to market. SDLC has evolved. Starting with Waterfall which focused on the sequence and emphasizing quality, then Iterative, Agile, CI/CD. Then on to DevOps, which focuses on culture and emphasizes responsiveness. The next stage in this evolution is Value Steams. This focuses on the analytics while highlighting risk and emphasizing value.

What is the impact of AI on the software development lifecycle?

It is still early days for AI, so the full impact on the software development lifecycle is still to emerge, but this needs to be considered as it develops. Currently, experts aren’t sure if AI will be part of the full software development cycle or just in parts. Our feeling is that it will be part of the full software development cycle.

The Security Issue

Insecurities are being exploited at lightning speed by bad actors, so security needs to become a vital part of the software lifecycle at every stage. This reduces risk for businesses and their users.

Code reviews and peer testing are vital stages to undertake. This will give everyone confidence in the application that is being released. It will also help with the burnout and pressure that developers feel.

OpenText ValueEdge AI-powered DevSecOps platform

The OpenText ValueEdge AI-powered DevSecOps platform is an important step as it can meet business demand at scale. It has everything in the DevOps infinity loop. Further, the ValueEdge user experience is designed to easily navigate through the DevOps life cycle. It is designed to be intuitive to use, helping the developers. Security is integral and embedded into the whole process, it is not an afterthought, which is something that is vitally important. It is also agile, providing insight and results quickly. Fixes, where appropriate, are also suggested.

What can AI do for DevOps?

It is essential that AI is quickly adopted. Any business waiting to adopt AI is at risk of falling behind its competitors. ValueEdge is powered by DevOps Aviator. This system will decrease risk, increase productivity, reduce cost and improve quality. AI can help to deliver this.

AI will help to rethink the way that the tech industry delivers software, elevating the quality of the software produced and offering intelligent insights at every stage of the process.

This can also accelerate product delivery, which helps businesses get an advantage. AI can also help bring future improvements into the DevOps cycle, such as smart change impact testing. This all means that engineering can be reimagined so that it is faster, safer, and smarter. Something that benefits us all and hopefully stops outages impacting our daily lives.

Final thoughts

At Parker Shaw we have been at the forefront of the sector we serve, IT & Digital Recruitment and Consulting, for over 35 years. We can advise you on all your hiring needs. If you are looking for your next job in the IT sector please check our Jobs Board for our current live vacancies at https://parkershaw.co.uk/jobs-board


This website uses cookies to ensure you get the best experience on our website. By continuing you agree to the terms as specified in our cookie policy