DevOps terms: 10 essential concepts, explained

DevOps terms: 10 essential concepts, explained

Here’s a primer on 10 key terms you need to know – whether you are new to DevOps or you want to bring a colleague up to speed quickly. We also contrast commonly confused DevOps terms

348 readers like this

6. DevSecOps 

DevSecOps is about creating a ‘security as code’ culture, with continuous fluid collaboration between development, security, and operations teams. The DevSecOps movement, like DevOps itself, is focused on creating automated solutions for complex software development processes within an agile framework. It builds on the cultural changes of DevOps to integrate security earlier in the development phase.” – Dmitry Sotnikov, vice president, Cloud Platform, 42Crunch

[ Dive deeper on this topic: Why DevSecOps matters to IT leaders ]

7. Software Development Lifecycle (SDLC)

“Organizations developing applications have in place a process by which each application is designed, developed, tested, and deployed. This sequence of stages that define these processes is called the software development lifecycle. An organization’s SDLC helps shape the way their apps are built and defines the exact processes each application should go through, as well as the milestones an application needs to hit before going to the next stage of the SDLC.” – Matt Rose, global director application security, Checkmarx

8. Shift Left

“A shift-left approach to application security argues that security needs to be handled from the early phases of application design and coding – by enabling a DevSecOps process. This can prevent security defects early on and help ensure that security standards stay high throughout code iterations. Unfortunately, security is hard. Applications are only as secure as their weakest links." – Dmitry Sotnikov, vice president, Cloud Platform, 42Crunch

9. User Acceptance Testing

User acceptance testing injects the end-user community into the testing process. This will usually take the form of a pilot release where certain users have access to the new features. They will operate the software in the production environment to identify any problems or potential improvements before the features are released to the broader community as a whole.” – Mark Runyon, principal consultant, Improving

Also known as …

Canary Rollout: “Drawing inspiration from coal miners who used to bring canaries with them into the mines to detect deadly gas, canary rollouts reduce risk when introducing a new software version in production by first rolling out a new version to only a small group of users. Canary releases are a best practice for agile development organizations practicing continuous delivery to move faster, and security teams can leverage this technique to monitor applications in a low-risk environment. – Rani Osnat, VP strategy, Aqua Security

10. Value Stream Map 

“Value is an important concept in lean and agile practices. The focus is on delivering value to our customers. Value stream mapping is a way of understanding the process steps for creating value. A value stream map starts at the right side of a page and goes to the left, tracing the steps that create the finished product. After completing the value stream map, teams should identify which steps provide value and those that don’t. Steps that don’t provide value should be eliminated or streamlined.” – Alan Zucker, founding principal, Project Management Essentials

[ Some common DevOps wisdom falls flat. Read 7 pieces of contrarian DevOps advice. ]


7 New CIO Rules of Road

CIOs: We welcome you to join the conversation

Related Topics

Submitted By Victoria Roos Olsson
November 27, 2020

Many of us will continue to work at home, simultaneously juggling multiple roles, for some time to come during the pandemic. Consider these tips to stay healthy and productive

Submitted By Carla Rudder
November 26, 2020

Remote work will be the reality for many of us for the forseeable future. Let's be thankful for the lessons we've learned on how to stay productive, beat burnout, and lead effectively

Submitted By Carlos M. Meléndez
November 25, 2020

Organizational buy-in is a key part of successful digital transformation. Here's how to tap the talent and perspective of some key roles as you build your strategy.


Email Capture

Keep up with the latest thoughts, strategies, and insights from CIOs & IT leaders.