DevOps terms: 10 essential concepts, explained

DevOps terms: 10 essential concepts, explained

Here’s a primer on 10 key terms you need to know – whether you are new to DevOps or you want to bring a colleague up to speed quickly. We also contrast commonly confused DevOps terms

up
31 readers like this

on

August 28, 2019

6. DevSecOps 

DevSecOps is about creating a ‘security as code’ culture, with continuous fluid collaboration between development, security, and operations teams. The DevSecOps movement, like DevOps itself, is focused on creating automated solutions for complex software development processes within an agile framework. It builds on the cultural changes of DevOps to integrate security earlier in the development phase.” – Dmitry Sotnikov, vice president, Cloud Platform, 42Crunch

[ Dive deeper on this topic: Why DevSecOps matters to IT leaders ]

7. Software Development Lifecycle (SDLC)

“Organizations developing applications have in place a process by which each application is designed, developed, tested, and deployed. This sequence of stages that define these processes is called the software development lifecycle. An organization’s SDLC helps shape the way their apps are built and defines the exact processes each application should go through, as well as the milestones an application needs to hit before going to the next stage of the SDLC.” – Matt Rose, global director application security, Checkmarx

8. Shift Left

“A shift-left approach to application security argues that security needs to be handled from the early phases of application design and coding – by enabling a DevSecOps process. This can prevent security defects early on and help ensure that security standards stay high throughout code iterations. Unfortunately, security is hard. Applications are only as secure as their weakest links." – Dmitry Sotnikov, vice president, Cloud Platform, 42Crunch

9. User Acceptance Testing

User acceptance testing injects the end-user community into the testing process. This will usually take the form of a pilot release where certain users have access to the new features. They will operate the software in the production environment to identify any problems or potential improvements before the features are released to the broader community as a whole.” – Mark Runyon, principal consultant, Improving

Also known as …

Canary Rollout: “Drawing inspiration from coal miners who used to bring canaries with them into the mines to detect deadly gas, canary rollouts reduce risk when introducing a new software version in production by first rolling out a new version to only a small group of users. Canary releases are a best practice for agile development organizations practicing continuous delivery to move faster, and security teams can leverage this technique to monitor applications in a low-risk environment. – Rani Osnat, VP strategy, Aqua Security

10. Value Stream Map 

“Value is an important concept in lean and agile practices. The focus is on delivering value to our customers. Value stream mapping is a way of understanding the process steps for creating value. A value stream map starts at the right side of a page and goes to the left, tracing the steps that create the finished product. After completing the value stream map, teams should identify which steps provide value and those that don’t. Steps that don’t provide value should be eliminated or streamlined.” – Alan Zucker, founding principal, Project Management Essentials

[ Some common DevOps wisdom falls flat. Read 7 pieces of contrarian DevOps advice. ]

Pages

No comments yet, Add yours below

Comment Now

7 New CIO Rules of Road

CIOs: We welcome you to join the conversation

Related Topics

Submitted By Jaeson Paul
September 20, 2019

Criticism can be painful. But criticism - and how we respond to it, using emotional intelligence - is one of the richest kinds of fuel for personal growth.

Submitted By Colin D Ellis
September 20, 2019

Want to foster a more collaborative culture in your IT team? Here's how to sidestep 3 common mistakes.

Submitted By Mark Runyon
September 19, 2019

Maybe a ticked off employee will seek revenge. Maybe someone will accidentally delete critical files or expose data. Take these steps to tighten cloud security.

x

Email Capture

Keep up with the latest thoughts, strategies, and insights from CIOs & IT leaders.