Continuous Deployment

Continuous Deployment
DevOps Perceptions and AdoptionDevOps Perceptions and Adoption

What are tech leaders’ perceptions of DevOps as a deployment strategy?

Does continuous integration and continuous deployment (CI/CD) weaken an organization’s security posture?

Top Answer : Ultimately, everything has to shift left. Everybody has to be hyper-aware and have tools in their integrated development environment (IDE) when they're coding, compiling, testing and when they're pushing to whatever repository—then do that again and again. InfoSec security has to be at the beginning of every project, not at the middle, not at the end. Compliance and legal can be discussed later but when you're looking at the CI/CD process, you really have to lock it down and you need that verification. You can't just let code in and assume it’s fine. Ask SolarWinds, what could happen if you let the systems go through? Ask Experian what happens when you don't have a fully-managed view of your servers, code, vulnerabilities and patch managers.

5 views
2 comments
0 upvotes
Related Tags
How does speed-to-market pressure affect security?

Top Answer : In a perfect world it shouldn’t, since security would not be an afterthought, but rather a part of the day to day normal way of working. In a non-perfect world you might look to compartmentalised those “quick’n’dirty” agile deliveries that every IT team are ask to provide… and then secure and import them later once it has been proven that they will live long enough to warrant it.

What are your thoughts on SaaS management platforms (SMP)?

Top Answer :

12 views
0 comments
2 upvotes
Related Tags
Business Application Development
Architecture & Strategy
Maintenance
Requirements & Design
Testing, Deployment & QA
Mobile Development
Development
Selection & Implementation
Business Analysis
Applications Vendor Landscapes
Optimization
Backup
Data Center
Public and Hybrid Cloud
Telephony
Network
Compute
Storage
Business Applications
Cloud
Crisis Management
Data & Business Intelligence
Artificial Intelligence
Business Intelligence Strategy
Data Management
Enterprise Integration
Integrations
Machine Learning
Governance
Data Lake
Big Data
Data Warehouse
Disruptive & Emerging Technologies
5G
Blockchain
Cryptocurrencies
Virtual Reality
IoT
Reality
Digital Innovation
Bots
Augmented Reality
End-User Services & Collaboration
Collaboration solutions
End User Equipment
End-User Computing Devices
Endpoint management
Productivity tools
Document Management
End-User Computing Applications
End-User Computing Strategy
Mobile
Voice & Video Management
Continuous Integration
Technical Product Management
DevOps
Continuous Deployment
Development
Quality Assurance
Customer Relationship Management
Enterprise Content Management
Customer Success
Enterprise Information Management
Finance
Enterprise Resource Planning
HR
Legal
Marketing Solutions
Retail
Human Resource Systems
Marketing
Product Recommendation
Sales
Risk Management
GDPR
SOX Compliance
Governance, Risk & Compliance
Infrastructure & Operations
Cloud Strategy
I&O Finance & Budgeting
Operations Management
Network Management
DR and Business Continuity
Server Optimization
Leadership
Attract & Select
Cost & Budget Management
Engage
Culture
Manage Business Relationships
Innovation
Organizational Design
Program & Project Management
Train & Develop
Values
Talent management
Performance Measurement
Organization Structure
Manage & Coach
Availability Management
Financial and Vendor Management
Reporting
Service Desk
Management Tools
Enterprise Service Management
People & Process
Process Management
Asset Management
Project & Portfolio Management
Portfolio Management
Project Management Office
Pulse
Security
Confidentiality, Integrity, Availability
Secure Cloud & Network Architecture
Endpoint Security
Data Privacy
Identity and Access Management
Security Operations Center
Security Strategy & Budgeting
Security Vendor Landscapes
Threat Intelligence & Incident Response
Threat & Vulnerability Management
Vendor Management
Infrastructure Vendor Landscapes
Budgeting
Roadmap
Outsourcing
Strategy & Operating Model
Business Continuity
Architecture Domains
Strategy
Tool Recommendation
What’s the main cause of the low-code/pro-code chasm?

Top Answer : Low-code and pro-code teams are working in separate silos, independently. You can't connect them. If we did have a way to connect, then they could work as one team: Low-code developers can build certain things, and then pro-code developers can improve them or take them to the next level. As long as they are working on the same code base, it would be more productive. With these modern agile teams, you can engage more and more business users and get their input on these projects as well. I believe the software industry is like the movie industry, because both are creative and try to provide a better experience for the end user. Developers are visual: We spend a lot of time in front of a whiteboard. We draw stuff and that's how we communicate. So why can't developers get the advantage of the same drawing method when they’re coding? Low-code platforms need to include the concept of proper drawing using notations that developers are familiar with so they can draw and edit at the same time. If we find a platform to support that work and address the problems highlighted above, then we can bridge the low-code/pro-code chasm that organizations are experiencing.

Why doesn’t low-code appeal to professional developers?

Top Answer : Low-code is unappealing to professional developers because of the problems with low-code platforms. The first and key problem is the user experience is not fitting for a pro-code/professional developer. They like to use an integrated development environment (IDE) for coding, but because low-code interfaces are built for the citizen developers it doesn't work properly.  The second issue is that low-code is one way—you can generate code from the graphical interface but you can't edit the source code. If you change the source code, the graphic will not render accurately. And  generated code doesn't fit into the software development life cycle. For example, software developers use version control and they do testing and debugging when there's a problem, but these low-code platforms don't support it to the extent professional developers expected. Also, most low-code platforms are not integrated with other systems and in today's world, you need to integrate with many  SaaS systems like Salesforce, HubSpot and even Google workspaces. All these things need to be integrated when you are building something, but integration capabilities are limited in low-code. The last problem is vendor lock-in. Once you generate a code from low-code,  It has to run within that particular platform. Also, the generated code is not a clean code that a developer can read, understand and modify. So we are working on trying to find a solution by creating textual and graphical parity where the picture is the code and the code is the picture.