Book Image

DevOps Paradox

By : Viktor Farcic
Book Image

DevOps Paradox

By: Viktor Farcic

Overview of this book

DevOps promises to break down silos, uniting organizations to deliver high quality output in a cross-functional way. In reality it often results in confusion and new silos: pockets of DevOps practitioners fight the status quo, senior decision-makers demand DevOps paint jobs without committing to true change. Even a clear definition of what DevOps is remains elusive. In DevOps Paradox, top DevOps consultants, industry leaders, and founders reveal their own approaches to all aspects of DevOps implementation and operation. Surround yourself with expert DevOps advisors. Viktor Farcic draws on experts from across the industry to discuss how to introduce DevOps to chaotic organizations, align incentives between teams, and make use of the latest tools and techniques. With each expert offering their own opinions on what DevOps is and how to make it work, you will be able to form your own informed view of the importance and value of DevOps as we enter a new decade. If you want to see how real DevOps experts address the challenges and resolve the paradoxes, this book is for you.
Table of Contents (21 chapters)

The next iteration of DevOps

Mike Kail: As the industry has evolved, there are companies that have transformed into a culture of DevOps. In that situation, the question is, how do we shift left and bring them into the continuous integration and deployment pipeline? We need to inject security testing earlier on in the process from CodeCommit to the building and delivery stages. Security needs to be treated as a continuous loop instead of as a periodic approach to testing and compliance.

Viktor Farcic: Does that mean that by evolving toward including security, the industry is almost falling behind by not including it from the very beginning?

Mike Kail: Unfortunately, for the most part, security has always been a periodic set of tasks or processes. For example, when you did a pen test once a quarter, you might have done static code analysis every now and then, but they're all done manually. You need to think about how you start leveraging automation to make it part of that continuous...