DevOps terms: 10 essential concepts, explained

DevOps terms: 10 essential concepts, explained

Here’s a primer on 10 key terms you need to know – whether you are new to DevOps or you want to bring a colleague up to speed quickly. We also contrast commonly confused DevOps terms

153 readers like this

6. DevSecOps 

DevSecOps is about creating a ‘security as code’ culture, with continuous fluid collaboration between development, security, and operations teams. The DevSecOps movement, like DevOps itself, is focused on creating automated solutions for complex software development processes within an agile framework. It builds on the cultural changes of DevOps to integrate security earlier in the development phase.” – Dmitry Sotnikov, vice president, Cloud Platform, 42Crunch

[ Dive deeper on this topic: Why DevSecOps matters to IT leaders ]

7. Software Development Lifecycle (SDLC)

“Organizations developing applications have in place a process by which each application is designed, developed, tested, and deployed. This sequence of stages that define these processes is called the software development lifecycle. An organization’s SDLC helps shape the way their apps are built and defines the exact processes each application should go through, as well as the milestones an application needs to hit before going to the next stage of the SDLC.” – Matt Rose, global director application security, Checkmarx

8. Shift Left

“A shift-left approach to application security argues that security needs to be handled from the early phases of application design and coding – by enabling a DevSecOps process. This can prevent security defects early on and help ensure that security standards stay high throughout code iterations. Unfortunately, security is hard. Applications are only as secure as their weakest links." – Dmitry Sotnikov, vice president, Cloud Platform, 42Crunch

9. User Acceptance Testing

User acceptance testing injects the end-user community into the testing process. This will usually take the form of a pilot release where certain users have access to the new features. They will operate the software in the production environment to identify any problems or potential improvements before the features are released to the broader community as a whole.” – Mark Runyon, principal consultant, Improving

Also known as …

Canary Rollout: “Drawing inspiration from coal miners who used to bring canaries with them into the mines to detect deadly gas, canary rollouts reduce risk when introducing a new software version in production by first rolling out a new version to only a small group of users. Canary releases are a best practice for agile development organizations practicing continuous delivery to move faster, and security teams can leverage this technique to monitor applications in a low-risk environment. – Rani Osnat, VP strategy, Aqua Security

10. Value Stream Map 

“Value is an important concept in lean and agile practices. The focus is on delivering value to our customers. Value stream mapping is a way of understanding the process steps for creating value. A value stream map starts at the right side of a page and goes to the left, tracing the steps that create the finished product. After completing the value stream map, teams should identify which steps provide value and those that don’t. Steps that don’t provide value should be eliminated or streamlined.” – Alan Zucker, founding principal, Project Management Essentials

[ Some common DevOps wisdom falls flat. Read 7 pieces of contrarian DevOps advice. ]


7 New CIO Rules of Road

CIOs: We welcome you to join the conversation

Related Topics

Submitted By Enterprisers Project
February 21, 2020

A recent report by Harvard Business Review-Analytic Services cites eight hard skills CIOs say will be most important in 2020 and b

Submitted By Ginny Hamilton
February 21, 2020

You hear it all the time: a colleague using an IT term incorrectly or relying on corporate speak to convey their message. Here are phrases our community would like to erase from business and IT speak

Submitted By Kevin Neifert
February 20, 2020

It can be difficult to find time to make ongoing, incremental improvements within IT. Thales North America CIO Kevin Neifert shares how his organization made it a priority.


Email Capture

Keep up with the latest thoughts, strategies, and insights from CIOs & IT leaders.