search menu icon-carat-right cmu-wordmark

Subject: DevOps

Infrastructure as Code: Moving Beyond DevOps and Agile

Infrastructure as Code: Moving Beyond DevOps and Agile

• SEI Blog
John Klein

Citing the need to provide a technical advantage to the warfighter, the Department of Defense (DoD) has recently made the adoption of cloud computing technologies a priority. Infrastructure as code (IaC), the process and technology of managing and provisioning computers and networks (physical and/or virtual) through scripts, is a key enabler for efficient migration of legacy systems to the cloud. This blog post details research aimed at developing technology to help software sustainment organizations automatically...

Read More
Agile/DevOps, Best Practices in Insider Threat, and Dynamic Design Analysis: The Latest Work from the SEI

Agile/DevOps, Best Practices in Insider Threat, and Dynamic Design Analysis: The Latest Work from the SEI

• SEI Blog
Douglas C. Schmidt

As part of an ongoing effort to keep you informed about our latest work, this blog post summarizes some recently published SEI reports, podcasts, and presentations highlighting our work in cyber risk and resilience management, Agile/DevOps and risk management, best practices in insider threat, and dynamic design analysis. This post also includes a link to our recently published 2017 SEI Year in Review. These publications highlight the latest work of SEI technologists in these areas....

Read More
Why You Should Apply Agile-DevOps Earlier in the Lifecycle

Why You Should Apply Agile-DevOps Earlier in the Lifecycle

• SEI Blog
Hasan Yasar

DevOps is a set of development practices that emphasizes collaboration, communication, and automation throughout the application lifecycle. In DevOps, all stakeholders--including IT operations staff, testers, developers, customers, and security personnel--are embedded from the inception of the project to its end. This blog post describes SEI research and customer engagements aimed at applying DevOps practices that are typically used at the end of the lifecycle to automate governance at the beginning of the development timeline....

Read More
The Top 10 Blog Posts of 2015: Technical Debt, DevOps, Graph Analytics, Secure Coding, and Testing

The Top 10 Blog Posts of 2015: Technical Debt, DevOps, Graph Analytics, Secure Coding, and Testing

• SEI Blog
Douglas C. Schmidt

In 2015, the SEI blog launched a redesigned platform to make browsing easier, and our content areas more accessible and easier to navigate. The SEI Blog audience also continued to grow with an ever-increasing number of visitors learning more about our research in technical debt, shift-left testing, graph analytics, DevOps, secure coding, and malware analysis. In 2015 (from January 1 through December 15), the SEI blog logged 159,604 visits and sessions (we also switched analytics...

Read More
The 2014 Year in Review: Top 10 Blog Posts

The 2014 Year in Review: Top 10 Blog Posts

• SEI Blog
Douglas C. Schmidt

In 2014, the SEI blog has experienced unprecedented growth, with visitors in record numbers learning more about our work in big data, secure coding for Android, malware analysis, Heartbleed, and V Models for Testing. In 2014 (through December 21), the SEI blog logged 129,000 visits, nearly double the entire 2013 yearly total of 66,757 visits....

Read More
Security in Continuous Integration

Security in Continuous Integration

• SEI Blog
Chris Taschner

Software development teams often view software security as an afterthought, something that can be added on after the product is fully functional. Although this approach may have made some sense in the past, today it's largely seen as a mistake since it can lead to unanticipated vulnerabilities in released code. DevOps provides a mechanism for change and enforcement when it comes to security. DevOps practitioners should find it natural to integrate a security focus into...

Read More
What is DevOps?

What is DevOps?

• SEI Blog
Todd Waits

In a previous post, we defined DevOps as ensuring collaboration and integration of operations and development teams through the shared goal of delivering business value. Typically, when we envision DevOps implemented in an organization, we imagine a well-oiled machine that automates infrastructure provisioning code testing application deployment Ultimately, these practices are a result of applying DevOps methods and tools. DevOps works for all sizes, from a team of one to an enterprise organization....

Read More
DevOps and Agile

DevOps and Agile

• SEI Blog
C. Aaron Cois

Melvin Conway, an eminent computer scientist and programmer, created Conway's Law, which states: Organizations that design systems are constrained to produce designs which are copies of the communication structures of these organizations. Thus, a company with frontend, backend, and database teams might lean heavily towards three-tier architectures. The structure of the application developed will be determined, in large part, by the communication structure of the organization developing it. In short, form is a product of...

Read More
DevOps Enhances Software Quality

DevOps Enhances Software Quality

• SEI Blog
C. Aaron Cois

A DevOps approach must be specifically tailored to an organization, team, and project to reflect the business needs of the organization and the goals of the project. Software developers focus on topics such as programming, architecture, and implementation of product features. The operations team, conversely, focuses on hosting, deployment, and system sustainment. All professionals naturally consider their area of expertise first and foremost when discussing a topic. For example, when discussing a new feature a...

Read More
A New Weekly Blog Series to Help Organizations Adopt & Implement DevOps

A New Weekly Blog Series to Help Organizations Adopt & Implement DevOps

• SEI Blog
C. Aaron Cois

DevOps is a software development approach that brings development and operations staff (IT) together. The approach unites previously siloed organizations that tend to cooperate only when their interests converge, resulting in an inefficient and expensive struggle to release a product. DevOps is exactly what the founders of the Agile Manifesto envisioned: a nimble, streamlined process for developing and deploying software while continuously integrating feedback and new requirements. Since 2011, the number of organizations adopting DevOps...

Read More
Android, Heartbleed, Testing, and DevOps: An SEI Blog Mid-Year Review

Android, Heartbleed, Testing, and DevOps: An SEI Blog Mid-Year Review

• SEI Blog
Douglas C. Schmidt

In the first half of this year, the SEI blog has experienced unprecedented growth, with visitors in record numbers learning more about our work in big data, secure coding for Android, malware analysis, Heartbleed, and V Models for Testing. In the first six months of 2014 (through June 20), the SEI blog has logged 60,240 visits, which is nearly comparable with the entire 2013 yearly total of 66,757 visits. As we reach the mid-year point,...

Read More
A Generalized Model for Automated DevOps

A Generalized Model for Automated DevOps

• SEI Blog
C. Aaron Cois

To maintain a competitive edge, software organizations should be early adopters of innovation. To achieve this edge, organizations from Flickr and IBM to small tech startups are increasingly adopting an environment of deep collaboration between development and operations (DevOps) teams and technologies, which historically have been two disjointed groups responsible for information technology development. "The value of DevOps can be illustrated as an innovation and delivery lifecycle, with a continuous feedback loop to learn and...

Read More