RSA took place last week and as a result, cloud security is in the news. According to the 6th annual DevSecOps Community Survey by Sonatype, CloudBees, Carnegie Mellon’s Software Engineering Institute and several other partners, corporate application security initiatives are only gradually gaining traction. For example, they find that only 54% of responding organizations have cybersecurity incident response plans in place, a figure that held steady from last year. And, 26% reported that they have no protections for confidential information like passwords and API keys. Notably, security tools are still not well integrated with the DevOps pipeline. Only 11% report a fully integrated and automated security.
As we greet the new year, we are taking a look back at the best of 2018, sharing those blog topics that gave our readers the most inspiration in their DevOps and IT modernization journeys. Last week we shared our most popular analysis and expert commentary on AWS Migration and DevOps transformation. As promised, today we’ll delve into CI/CD, DevOps security and specific AWS tools that are sure to remain just as popular in 2019 as they were last year.
Last week we shared with you the thoughts of the AWS Premier Consulting Partner engineering team at Flux7 on AWS re:Invent announcements around EC2, AppDev, Archiving and Databases. And, as promised, today we’ll delve into our remaining thoughts on which re:Invent announcements we’re most excited about and why.
As AWS Premier Consulting Partners, the engineering team here at Flux7 works day-in and day-out with a wide variety of AWS services. Whether we’re helping our enterprise customers speed time to market, grow security, or leverage high performance computing for competitive advantage, our goal is to use the right tool for the right job. Ironically, that was the theme of this year’s re:Invent keynotes, in which Andy Jassy and Werner Vogels (true to form) announced many new AWS products and services. In today’s blog, our engineers are weighing in on which announcements they’re most excited about and why.
On the eve of re:Invent, which we will cover as the week progresses, there are several interesting AWS news announcements that apparently didn’t make the cut for this week’s keynotes. In addition, Q3 data by Synergy Research Group find that AWS is still the global leader in the public cloud services market, as measured by revenue across North and Latin America, EMEA, and APAC regions. Follow our IT Modernization blog for ongoing AWS news analysis from our CTO, Ali Hussain, over the course of re:Invent.
At Flux7, we have extensive experience as a DevOps sherpa to organizations and in the process have learned a lot, including creating a DevOps model for success -- called the Enterprise DevOps Framework, or EDF -- a key element of which is the Landing Zone.
Companies have ‘life events’ and we often get the opportunity to work with them at these times as they spur the need for change. In the case of the customer we’re highlighting today, they reached out to the AWS Premier Consulting Partners at Flux7 as they had recently acquired a Canadian-based company for whom they needed to complete a full Disaster Recovery (DR) build out. The firm is subject to Canadian regulations that state that data created in Canada needs to remain stored in Canada. As a result, this audit firm needed a Canadian DR facility that would store all data in country.
The cloud is changing the way we talk and think about IT and the leading cloud proviers are consistently transforming cloud computing to bring even greater depth and maturity of services to IT organizations in their pursuit of IT modernization. Each year Gartner takes a step back from this cycle to look at the cloud infrastructure market, helping organizations who are both new and existing cloud users analyze the state of the market and vendors therein.
Moving to DevOps can be difficult and every organization faces its own particular set of challenges. Join us in Aurora, CO on Tuesday, June 12th as top DevOps experts from AWS, New Relic, and Flux7 present a free, half-day workshop on proven and practical steps you can take today to accelerate your DevOps transformation.
At Flux7 we work with a wide variety of customers and regardless of their level of IT maturity we are passionate about helping them apply DevOps processes in their pursuit of continuous improvement. In doing so, we naturally find ourselves moving from simple application driven problems to layers deeper in the technology stack where DevOps automation can play a significant role in growing efficiency and productivity. Today we’d like to share the story of how we deployed AWS Step Functions to help drive DevOps automation in pursuit of continuous improvement for a Flux7 customer.
We are excited to announce that Flux7 CEO, Aater Suleman, will present at this year’s AWS reInvent. If your plans take you to AWS reInvent this year, we’d encourage you to attend this session in which Dr. Suleman will be joined by AWS’ Tom Witman, Head of BD, Edge/Security, and Shawn Marck, Systems Development Manager, to present “Living on the Edge, It’s Safer Than You Think! Building Strong with Amazon CloudFront, AWS Shield and AWS WAF.”
This article originally appeared on Forbes
Most companies understand that if they want to increase their competitiveness in today’s swiftly changing world they can’t ignore Digital transformation. DevOps and cloud computing are oft-touted as vital ways companies can achieve this needed transformation, though the relationship between the two is often confusing as DevOps is about process and process improvement whereas cloud computing is about technology and services. Not mutually exclusive, it’s important to understand how cloud and DevOps work together to help businesses achieve their transformation goals.
In 2013 Gene Kim, Kevin Behr and George Spafford published The Phoenix Project, a book that marries the concepts of manufacturing agility from Eliyahu Goldratt’s The Goal and relates them to IT. As they elucidate in the story, a new approach to IT is clearly needed and many organizations are embracing that change through the DevOps methodology. However, DevOps can be a very broad term making it difficult for people to know where to begin. As a result, we have narrowed the DevOps model
High availability has become a key requirement of every layer in today’s technology stack. And, message queuing or message brokering software is no exception. In the past we’ve relied, like many of you, on RabbitMQ to create highly available message queues when FIFO (First-In, First-Out) was required. (Indeed, our RabbitMQ tutorial is one of our most-oft read blogs.) Often this is for ecommerce, financial services and other applications where it is important to strictly process messages only once and in the order they are published.
At re:Invent 2016, AWS announced Organizations, the ability to have and easily manage multiple accounts. Flux7 consultants have long recommended multiple accounts to clients as a best practice for maintaining separation of roles and applications to address security and compliance policies and now it’s even easier with the AWS Organizations Service. Let’s first walk through what makes it so easy and then we’ll share AWS and Flux7 best practices.