DevOps – Digital IT News

PSPDFKit has Rebranded as Nutrient After Tripling Revenue

Taylor Graham — Wed, 23 Oct 2024 17:30:43 +0000

PSPDFKit has announced its rebranding as Nutrient. Following a strategic investment from global software investor Insight Partners in 2021, the company acquired document processing technology from industry leaders ORPALIS, Aquaforest, and Muhimbi, along with the complementary workflow automation platform Integrify.

Having fully integrated the acquired companies, Nutrient is now able to deliver a cohesive portfolio of solutions that enhance, secure, and accelerate innovation in an organization’s document ecosystem. Documents have and continue to be the foundational medium for exchanging and recording knowledge. Modern document tools are critical for developers and their organizations to build document experiences that exceed the expectations and meet the needs of 21st century users.

“In a world that innovates so fast, digital documents continue to be limited by the constraints and use cases of the ‘90s,” said Jonathan Rhyne, co-founder and CEO of Nutrient. “We are on a mission to change that by evolving the way people experience and interact with documents.”

Nutrient provides an unrivaled breadth of modern document tools that developers and IT professionals need to deliver on the promise of digital transformation. By building with Nutrient software development kits (SDKs), product leaders and developers are able to create seamless, secure, and scalable document experiences. Whether building web, mobile, server, or cloud-based microservice applications, Nutrient SDKs help developers integrate document functionality — from viewing, signing, and form filling, to conversion, generation, authoring, and much more. Nutrient enables organizations to streamline document workflows and scale operations with off-the-shelf, low-code solutions and backend automation. With Nutrient’s Workflow Automation Platform, IT leaders and citizen developers can build structured, efficient, and auditable workflows for every department with a platform that’s easy to implement, use, and scale.

“Nutrient’s leading-edge document processing technology accelerated our PDF previewing capabilities in the Box mobile app, helping us achieve our mobile UX goals months earlier than planned,” said Klaudyna Szpara, a product manager at Box, the Intelligent Content Cloud.

Today, Nutrient powers thousands of global organizations, including more than 15% of Global 500 brands, thousands of commercial businesses across 80 nations, and more than 130 public sector organizations in 24 countries. Nutrient customers span nearly every vertical industry — from architecture, construction, and engineering to finance, healthcare, and software as a service.

In 2022, Stax, a market-leading consulting firm, estimated the total addressable U.S. commercial market for document developer tools to be nearly $1.9 billion — a remarkable 79% increase from 2019. This growth is fueled by new use cases and the accelerated shift to digital documents. Stax also projected that meeting the needs of all B2B document developer tools could potentially double the total addressable market, further enhancing Nutrient’s market position.

Nutrient is strategically positioned to capitalize on the acceleration of digital transformation, which is expected to drive growth by addressing a broader range of document and workflow use cases across various industries. The acquisitions of Muhimbi, ORPALIS, and Aquaforest in 2022 and Integrify in 2024 have significantly bolstered Nutrient’s capabilities, enabling the company to provide an unrivaled breadth of comprehensive solutions.

To learn more about Nutrient, visit the website here.

ESET Partners with SuperOps to Enhance Cybersecurity for MSPs

The post PSPDFKit has Rebranded as Nutrient After Tripling Revenue appeared first on Digital IT News.

Perforce Aims to Embed AI-Driven Testing at Every Stage of the Lifecycle

Taylor Graham — Tue, 15 Oct 2024 19:00:25 +0000

Perforce Software unveiled its AI-driven testing strategy at the DevOps + Data Impact event, focusing on four key pillars throughout the testing lifecycle: creation, execution, analysis, and maintenance. This approach spans major environments, including web, mobile, and packaged applications. The goal is to eliminate traditional testing challenges, enabling teams to achieve greater agility, reliability, and significant breakthroughs.

The amount of talent in the testing space as well as the overall continued practice of manual testing — according to Forrester’s Developer Survey, 2023, 43% of testing is still done with manual practices – cannot keep pace with the quality and security needed in the testing space. To compound this, by 2028 IDC predicts that there will be over one billion new logical applications*.

Perforce’s vision for AI in software testing aims to democratize software testing by enabling testers of every skill level on every team. It will lead to simplified test creation, faster debugging, enhanced collaboration, and the elimination of test maintenance.

“What we aim to deliver is not just leveraging AI to augment and improve the way testers work today, but we are implementing AI testing that completely changes the way testing works within a business,” said Stephen Feloney, Vice President of Product Management at Perforce. “There are two core areas that we are revolutionizing in testing that we know teams will find immediate value in. First, is the reduction of the traditional tools and elimination of frameworks to make testing infinitely more flexible. Secondly, we want to create full automation of test maintenance, which continues to be a blocker to efficient testing and faster releases. Testers should focus on developing test cases instead of worrying about creating and maintaining automated scripts.”

This vision for continuous testing by Perforce will be comprised of four key pillars:

AI-Driven Testing Creation: Eliminates the need for traditional testing frameworks and empowers every team member to contribute seamlessly, accelerating test creation timelines.
AI-Driven Test Execution: AI autonomously adapts to real-time changes, ensuring resilience and consistency across all platforms without manual intervention.
AI-Driven Test Analysis: Provides immediate insights into test failures, pinpointing the root cause to enable faster resolution and continuous optimization.
AI-Driven Test Maintenance: Eliminates manual test maintenance by continuously adapting to UI, data, or logic changes, ensuring your testing suite is resilient and future-proof.

Perforce’s continuous testing suite offers AI currently with Test Data Pro, which provides test data generation powered by AI.

Learn more about Perforce’s current AI-driven testing at the website here.

State of Open Source Report Survey Provided by OSI and OpenLogic

Source:*IDC, 1 Billion New Logical Applications: More Background, doc #US51953724, April 2024

The post Perforce Aims to Embed AI-Driven Testing at Every Stage of the Lifecycle appeared first on Digital IT News.

Forty8Fifty Labs Resource Management Services to Provide Flexible IT Talent

Taylor Graham — Tue, 08 Oct 2024 13:15:26 +0000

Forty8Fifty Labs announced the expansion of its Resource Management Services, now offering flexible IT talent solutions to meet diverse needs within the tech ecosystem. Leveraging a proven delivery assurance methodology, the upgraded services boost operational efficiency by providing agile access to top-tier IT talent across a wide spectrum of skills and domains.

Offering a deep pool of IT experts, Forty8Fifty Labs introduces a robust suite of resource management services to provide the right talent at the right time. Core offerings include resources for Application Development & Data Analytics; Infrastructure, Cloud & Hybrid Cloud; Security & Compliance as well as Project Management. Each specialty area is backed by Forty8Fifty Labs’ proven delivery methodology and a range of short-term and long-term hiring models.

“Our commitment to innovation and excellence drives us to offer services that not only meet but exceed our clients’ expectations,” said George Contino, Vice President, Resource Management Services, Forty8Fifty Labs. “With our comprehensive Resource Management Services, we are ready to address the fluctuations in workload and skill requirements that many of our clients face, without the long-term commitment of hiring full-time employees.”

Forty8Fifty Lab’ Resource Management Services provide seamless access to the right level of IT talent, on demand across the following functional areas:

Application Development & Data Analytics Resources: Access a diverse pool of skilled developers and data analysts to accelerate project delivery.
Infrastructure & Cloud Resources: Leverage seasoned experts to optimize technology infrastructure and achieve rapid time-to-value.
Security Resources: Mitigate risks and secure enterprises with end-to-end comprehensive cybersecurity and compliance support.
Project Management Resources: Ensure projects stay on track and within budget with expert project management support.

All tailored engagements are supported by the Forty8Fifty Labs flexible resource hiring approach. Customers will benefit from a seamless integration process and transparent agreements to empower teams with the expertise required for project success. For more information about Forty8Fifty Labs Resource Management Services, visit the website here.

Halcyon and Verinext Partner to Close Endpoint Security Gaps

The post Forty8Fifty Labs Resource Management Services to Provide Flexible IT Talent appeared first on Digital IT News.

Cirata Subversion MultiSite Plus Announced for Distributed Teams

Taylor Graham — Thu, 19 Sep 2024 14:00:54 +0000

Cirata has introduced a new version of Cirata Subversion MultiSite Plus, a DevOps solution designed to allow distributed teams to collaborate securely and seamlessly, without downtime or disruptions. Tailored for global collaboration, security, and performance within Subversion environments, this release reinforces Cirata’s dedication to the Subversion community by offering a strong, enterprise-grade alternative to outdated and unsupported platforms like CollabNet Subversion.

As organizations face increasing pressure to modernize their version control systems, Cirata Subversion MultiSite Plus (MSP) continues to offer a seamless solution for distributed development teams. With this new release, Cirata Subversion MSP empowers globally distributed teams to seamlessly and securely collaborate as one, ensuring that development workflows remain smooth and efficient across all locations.

“With Subversion MultiSite Plus, your developers can focus on what matters most—developing content—without being held back by geography or downtime,” said Justin Holtzinger, Chief Revenue Officer, DevOps Solutions, Cirata. “Our Active-Active replication technology ensures that Subversion repositories are always consistent and accessible, enhancing operational continuity and collaboration for distributed teams.”

Subversion MultiSite Plus is a critical component of any Subversion deployment, enabling distributed teams to work as one without experiencing delays from remote data access. Using Cirata’s patented Active-Active replication technology, Subversion repositories are continuously and automatically updated, eliminating the associated risk of a single point of failure. Key capabilities and benefits of Subversion MultiSite Plus include:

Distributed Collaboration – Cirata Subversion MSP allows global teams to work as one, ensuring no downtime, no disruption, and consistent security policy enforcement across all locations. Developers experience fast local access to Subversion repositories without waiting for remote data, improving overall efficiency.
Global Repository Consistency – Cirata Subversion MSP guarantees that repository replicas are always up to date and consistent, thanks to automatic synchronization and the ability to catch up after offline events.
Selective Replication – Administrators can control replication on a per-site basis, ensuring that specific data is only shared where it’s needed, enhancing both security and performance.
Enhance Operational Continuity – With Cirata Subversion MSP’s high availability and disaster recovery features, organizations benefit from offsite replication that ensures data is always secure and accessible, even in the event of server failures or outages.
Boost Developer Efficiency – Cirata Subversion MSP supports fast local clones, ensures the fastest and most reliable commits, and is fully compatible with all Subversion clients, delivering a smooth and uninterrupted development experience.
Seamless Management – The Cirata management console allows administrators to globally manage their Subversion MSP deployment, simplifying the complexities of a multi-site environment.

This release is particularly valuable for enterprises seeking to migrate off legacy CollabNet Subversion environments, which are now end-of-life and no longer supported. CollabNet’s unsupported software and its associated components, such as the Apache versions it runs on, leave customers vulnerable to security risks and CVEs (Common Vulnerabilities and Exposures). Cirata Subversion MultiSite Plus provides a secure, modern alternative, allowing organizations to transition smoothly and mitigate the risks associated with unsupported tools.

“Our commitment to Subversion is unwavering,” Holtzinger added. “We understand that many organizations still see the value in Subversion, and we are dedicated to ensuring they have the tools they need to succeed, no matter the size or complexity of their development environment.”

To learn more about he latest version of Cirata Subversion MultiSite Plus, available now, visit the website here.

Cirata Gerrit MultiSite Simplifies Gerrit Instance Data Across Multiple Sites

The post Cirata Subversion MultiSite Plus Announced for Distributed Teams appeared first on Digital IT News.

Best Places to Apply Digital Innovation Across Your Enterprise

Steve Tranchida — Mon, 16 Sep 2024 13:30:09 +0000

Digital innovation is no longer a luxury—it’s a necessity. Enterprises that embrace digital transformation are better equipped to stay competitive, streamline operations, and meet the changing demands of customers. But where should you focus your efforts to ensure the greatest impact? Here are six areas to apply digital innovation in your enterprise, leveraging the power of application modernization and strategic software development.

Modernizing Legacy Applications

One of the most impactful areas for digital innovation is modernizing your legacy applications. These systems, often the backbone of your operations, can become bottlenecks as technology evolves. Legacy applications might limit scalability, pose security risks, and reduce overall efficiency.

Research from Accenture shows that 80% of IT leaders believe modernizing legacy systems is critical to sustaining innovation in the long term. By modernizing these apps, you can enhance their functionality, improve performance, and ensure they are secure and scalable for future needs. This modernization might involve migrating to the cloud, re-architecting for better performance, or integrating new features that align with current business objectives. The benefits are clear: enhanced functionality and performance, improved security and compliance, and increased scalability and adaptability.

Custom Application Development for Agility

Agility is key in today’s business environment, and custom application development allows you to create software solutions tailored specifically to your business needs. Unlike off-the-shelf software, custom applications can be designed with your unique processes and workflows in mind, offering a competitive edge.

According to a report by Gartner, organizations that focus on custom software development are 60% more likely to outperform their peers in terms of innovation and market responsiveness. Whether it’s developing multi-platform applications or designing user interfaces that engage and inspire, custom development empowers your business to adapt quickly to market changes and customer demands. This kind of agility enables companies to rapidly pivot in response to industry shifts, ensuring they remain competitive and relevant.

Automation and Workflow Optimization

Automation is another crucial area for digital innovation. Automating time-consuming processes can significantly boost productivity, reduce errors, and free up your team to focus on strategic initiatives.

A McKinsey study estimates that automation can increase productivity by up to 20% in some industries. Workflow management tools, coupled with automation, can streamline operations, ensure consistency, and improve collaboration across departments. By automating repetitive tasks and optimizing workflows, businesses can achieve operational efficiency and drive growth. The long-term impact of these changes includes reduced operational costs and improved employee satisfaction, as teams can focus on more meaningful work rather than repetitive tasks.

Enhancing Customer Experience Through Digital Channels

Customer experience is a critical differentiator in today’s market, and digital innovation allows businesses to create more engaging, personalized, and responsive customer interactions. According to PwC, 73% of customers say that experience is a key factor in their purchasing decisions, even more important than price or product quality.

From improving your software supply chains to developing user-friendly applications, every touchpoint can be optimized to enhance the customer journey. Implementing a human-centered approach to software design ensures that your applications not only meet functional needs but also resonate with users on a deeper level. This focus on customer experience can lead to higher customer retention rates, increased loyalty, and ultimately, greater revenue.

Secure and Agile Software Engineering

In an era where cybersecurity threats are ever-present, secure software engineering practices are non-negotiable. Digital innovation in this area includes adopting DevOps practices that integrate security into every phase of the development process.

According to a study by the Ponemon Institute, organizations that integrate security into DevOps can detect and respond to security incidents 50% faster than those that do not. This approach ensures that your applications are not only built for performance but also for resilience against security threats. Furthermore, adopting modern data management practices can help maintain data integrity and ensure compliance with regulatory requirements, reducing the risk of costly breaches and compliance failures.

Continuous Support and Maintenance

Finally, ensuring that your applications remain secure, responsive, and up-to-date is critical. Continuous support and maintenance services provide the monitoring and minor enhancements needed to keep your applications running smoothly.

Proactive application management can reduce downtime by up to 30%, according to research by IDC. This proactive approach helps identify potential issues before they become critical problems, ensuring uninterrupted business operations and maintaining customer trust. With continuous optimization and improvement, your enterprise can remain agile and responsive in a rapidly changing technological landscape.

Partnering for Strategic Evolution and Long-Term Success

Digital innovation is a journey, not a destination. By strategically applying digital innovation across these key areas—modernizing legacy applications, custom development, automation, enhancing customer experience, secure engineering, and continuous maintenance—you can drive significant business transformation. To make the most of your digital innovation strategies, choose an expert partner as your guide. A proven provider that offers comprehensive engineering and innovation services can help you navigate your strategic evolution, ensuring you stay ahead of the competition and achieve long-term success. Embrace digital innovation today and power your business into the future.

Learn how Forty8Fifty Labs can drive digital innovation into your enterprise here.

Halcyon and Verinext Partner to Close Endpoint Security Gaps

The post Best Places to Apply Digital Innovation Across Your Enterprise appeared first on Digital IT News.

Architectural Governance Capabilities Introduced by vFunction

Taylor Graham — Mon, 09 Sep 2024 15:30:08 +0000

vFunction introduced new features designed to help software teams accelerate application innovation while maintaining resilience and reducing technical debt. The platform’s groundbreaking software architecture governance capabilities enable organizations to set rules that serve as guardrails for managing distributed applications, preventing microservices sprawl. These rules allow engineering teams to monitor their architecture, receive alerts, ensure services connect only to authorized servers, enforce service boundaries, and maintain proper database-to-microservice relationships. Enhanced flow analysis tools, including live flow coverage for monoliths and sequence diagrams for distributed systems, align design intent with real-world implementation. By comparing production flows with tested flows, organizations can identify gaps in testing and coverage. vFunction’s domain-driven design approach, combined with its robust production flow analysis, provides the architectural clarity and control needed to boost engineering speed, application scalability, and resilience.

“Good software architecture matters to overall application health and business success, but it’s hard to enforce it without the right tools, particularly for microservices,” said Moti Rafalin, CEO and co-founder of vFunction. “It’s all too easy to introduce unnecessary dependencies that violate architectural best practices and, in turn, result in more technical debt. vFunction addresses these complexities, helping teams maintain architectural integrity for resilient and scalable applications from release to release.”

“When application architectures become too complex, resiliency, security, performance, and developer efficiency suffer,” said Jim Mercer, program vice president at IDC. “vFunction is helping enterprises gain a deep understanding of their software architecture and improve system governance, which can enable software engineers to work faster and maintain healthy microservices. With comprehensive flow analysis, vFunction helps teams visualize production flows, to compare with architectural blueprints. By identifying potential gaps in coverage, vFunction helps resolve problems before they affect performance.”

Architectural Governance Rules Drive Effective Development and Speed Releases

Lack of software architecture governance and development with minimal oversight has spawned complexity within enterprises, resulting in applications riddled with too many dependencies, multi-hop flows, circular dependencies, and duplicate functionality. Particularly in distributed applications, core services should be independent to ensure resiliency, fault tolerance, and scalability. However, without enforced guidelines architectural drift often occurs – where the application architecture’s current state moves away from the target state – compromising overall application health. Software architects also struggle to guide teams toward optimal application architecture, when they lack visibility into how it evolves in production.

vFunction now offers true software governance, allowing organizations to set architectural rules that act as guardrails to maintain architectural principles from release to release. The company implemented AI algorithms to categorize services into layers like API, core, and composite services. New tagging capabilities provide context and enable rule creation between services. For instance, dependencies between core services or API services can trigger alerts or block pull requests in CI/CD pipelines. By setting architectural governance rules, teams can develop and release faster without impacting application health.

Comprehensive Flow Analysis Aligns Application Reality with Design Intent, Resulting in More Resilient Architectures

With the introduction of comprehensive flow analysis capabilities, vFunction’s architectural observability platform addresses a critical gap in the management of monolithic and distributed microservices applications. It provides insights into actual application usage patterns versus documented expectations and identifies efficient or overly complex flows. This allows teams to proactively tackle architectural issues before they significantly impact performance.

Live flow coverage for monolithic applications goes beyond traditional profiling tools. Unlike existing solutions that focus on test environments or code coverage, vFunction constantly monitors production environments, providing insights into resource usage of specific flows and enabling comparison between production and pre-production flows. This unified approach allows developers to assess the real-world effectiveness of their tests by offering a more accurate understanding of application behaviors and test coverage in relation to real user journeys, filling a crucial gap in current application monitoring and management practices.

Sequence flow diagrams for distributed applications provide a deep view into application flows so developers and SREs can better distinguish between efficient processes and those at risk of failure due to excessive complexity. By visualizing flows as sequence diagrams in distributed architectures, vFunction solves the previously daunting task of tracking problematic flows through code and monitoring their changes over time. By correlating APM incidents with architectural issues identified by vFunction, engineering teams can significantly reduce mean time to repair (MTTR).

vFunction serves as a system of record for live application architectural diagrams, allowing teams to recognize drift in specific flows, track changes, and manage tasks as sequences evolve. Unlike traditional application performance management (APM) tools that collect performance data, vFunction’s solution focuses on architectural drift, highlights overly complex flows that may compromise system resiliency, and notifies teams of significant changes. This capability, combined with the ability to export diagrams for each system flow, empowers development teams to maintain architectural integrity and optimize application performance in complex distributed environments.

Rafalin continued, “With our latest advancements, we’re helping teams better manage architecture and understand comprehensive business and user flows so they can avoid the most damaging types of technical debt.”

Supporting Quotes

“Whether dealing with monolithic or distributed applications, architecture is paramount to business growth and must be actively monitored and managed,” said Nenad Crncec, founder of Architech. “With vFunction organizations can proactively tackle architectural issues before they become a risk, avoiding the constant cycle of modernization. Our partnership with vFunction empowers our customers to ensure long-term agility and efficiency of their applications while minimizing technical debt.”

“Architectural observability and governance are critical for organizations to drive innovation and stay competitive. They have become essential components of software development especially as companies routinely encounter roadblocks due to complex, hybrid application environments,” said Giovanni Zingaro, manager at Liquid Reply. “Partnering with vFunction allows us to offer customers insights across their entire application landscape, from monolithic architectures to microservices, and guide organizations through their modernization efforts while enabling them to take control of their increasingly distributed architectures.”

To learn more about vFunction and its latest architecture governance capabilities, visit the website here.

Cloud Storage Trends to Stay on Top Of

The post Architectural Governance Capabilities Introduced by vFunction appeared first on Digital IT News.

Security Concerns Shaping the Way Organizations Approach DevOps

Taylor Graham — Fri, 06 Sep 2024 21:34:22 +0000

Security is a major concern for software development and IT operations. Staying on top of how security shapes the DevOps landscape is crucial to business decisions.

Discover what experts have to say about the security concerns that DevOps is currently facing.

Cloud Tech Adoption

As enterprises increasingly adopt cloud technologies, with Gartner predicting that over 50% will be using the cloud by 2028, security can no longer be an afterthought. Instead, it must be seamlessly embedded into the Software Development Life Cycle (SDLC), commonly referred to as DevSecOps. This integration is so crucial that the Open Worldwide Application Security Project (OWASP) Foundation has developed maturity models to guide organizations at various stages of DevSecOps implementation.

As DevSecOps gains traction, organizations will adopt a shift-left approach, introducing security measures early in the development process. This includes integrating tools like Static Application Security Testing (SAST), open-source vulnerability scanners, and credential scanners into the build pipeline, as well as conducting threat modeling before development begins. Once deployed to production, automated tests to validate security features, along with scanning container images for vulnerabilities, will become integral to developing secure products. – Siri Varma Vegiraju, Tech Lead at Microsoft.

The Open-Source Elephant in The Room

For a long time, developers and security teams’ came to the agreement that ‘shifting left’ was the best way to prevent software supply chain compromises. Shifting left meant security evaluations were conducted earlier in the development process — often before any code is actually written.

The problem is that developers are not writing as much of their own code anymore. Software now consists of up to 90% of open-source and third-party components. As a result, many developers cannot answer the question, ‘What’s in your software?’ This leaves security teams unknowingly dealing with potential faulty software that doesn’t come to light until a breach occurs.

The open-source elephant in the room has led to security concerns that are shaping the way organizations approach DevOps. Today, more organizations are incorporating a paradigm shift in approaching security in the development process to combat today’s software supply chain attacks, called, ‘Shifting left of shift left.’ While shift left primarily focuses on early testing and quality assurance, shifting left of shift left extends this concept further by incorporating enhanced collaboration, automation and continuous improvement throughout the entire software development lifecycle. Specific steps to do so include:

Understanding Risks Beyond Vulnerabilities – Ensuring that developers and security professionals understand the risks that lay hidden within the software is the first step and recognizing that vulnerabilities are only one dimension of risks. Inherent risks deep in the software supply chain can have serious consequences. Having the tools to identify inherent risks is critical.
Select Foundational Tools – Shifting left of shift left begins with choosing the right foundational tools to assess open-source software components. Approximately 95% of open-source vulnerabilities are found in open-source code packages that are not selected by software developers and are indirectly pulled into projects.
Prioritize Security in Development Tools – I encourage developers to opt for secure programming languages, frameworks, and libraries to ensure that security is integrated from the ground up.
Implement Real-Time Solutions – To shift left of shift left, developers need more than just a testing mechanism; they need a real-time security solution consistently assessing code.
Developer Training – Developers need to understand pain points, signs of issues, and implications of their decisions on the overall security posture can help alleviate tensions with security team members’ and create secure code from the start.
Continuous Security Assessments – Security doesn’t end when the software goes live. Following development, organizations should have tools in place to conduct ongoing evaluations of code to help in the timely identification and remediation of vulnerabilities. – Nick Mistry, SVP, CISO at Lineaje.

Security is now at the forefront of DevOps, leading to the rise of DevSecOps, where security is integrated throughout the development lifecycle rather than being treated as an afterthought. Organizations are embedding security practices into their CI/CD pipelines, automating vulnerability scanning, and ensuring compliance checks are part of every stage of development.

This shift is changing the way DevOps teams operate. Developers are being trained in secure coding practices, and security teams are collaborating more closely with DevOps engineers to create secure, automated environments. The focus is now on proactive security—identifying and addressing potential threats early, before they become critical issues. As a result, DevOps has become more security-focused, with an emphasis on continuous monitoring, automated testing, and real-time threat detection.

Ultimately, security is no longer a separate function; it’s a fundamental component of DevOps, driving new processes, tools, and team structures. – Maksym Lushpenko, Founder & CEO at Brokee

Increased Security Breaches & Automated Security Testing

In an increasingly interconnected and digital world, it is no surprise that there has been a steady rise in the number and cost of security breaches over the last few years. As such, addressing security concerns is a top priority for any company, with the issue leading to a paradigm shift in the way organizations approach DevOps. Forward-looking companies are embracing DevSecOps approaches. These favor more holistic “Security by Design” practices that can enhance cyber resilience while removing conventional silos between DevOps and cybersecurity experts. In effect, DevSecOps integrates security as a shared responsibility throughout the entire DevOps process, starting from the early development stages, rather than relying on conventional security testing at the end of the DevOps lifecycle. – Andrew Pielage, Senior Software Engineer at Payara Services

One of the key enablers of this transition is certainly automation, already a pillar of DevOps. It supports automated security testing in the software development pipeline, flagging anomalies and untested code as a high-priority risk. As a result, developers can benefit from a continuous monitoring and improvement tool to identify and fix vulnerabilities earlier and deliver more secure software faster. – Abdul Rahim, Release Automation Engineer at Payara Services.

Ultimately, thanks to DevSecOps, companies can shift from purely reactive security strategies, whereby threats and other issues are resolved, to more proactive approaches that can resolve vulnerabilities before they are exploited. This means that applications, companies developing these solutions and end users are more robust and resilient.

The use of DevSecOps practices at Payara is playing a key role in helping the entire engineering team deliver high-quality code during rapid development cycles. Through a quality-centric, collaborative environment that leverages automation, the company successfully releases monthly software updates for its multiple platform versions to its enterprise customers. – James Hillyard, Infrastructure Engineer for IT Operations and DevOps at Payara Services

Complexity

Organizations must factor in compliance across numerous regulations and internal policies while at the same time anticipating new cyberattack techniques and challenges. Teams should work closely with compliance officers and security teams to ensure their applications meet their expectations before release.

Complexity has created a greater need for automation, but it’s also made building automation more difficult, especially if it’s an afterthought. There are now so many activities tied to DevOps automation. For example, there’s test automation, build automation and security automation. All these categories must be addressed when working to tame complexity. – Prashanth Nanjundappa, VP of Product Management at Progress

Securing Identities Across Different Systems

Securing identities across different systems has become a top priority for organizations, especially as credential stuffing attacks rise and leaked passwords flood the dark web.

As DevOps teams manage increasingly complex environments, it’s become critical to prioritize authentication methods like passkeys and multi-factor authentication (MFA) to prevent unauthorized access. This shift is driving the adoption of advanced security solutions that protect both the development pipeline and ensure resilient identity management against modern threats. – Rishi Bhargava, co-founder at Descope

More DevOps News

The post Security Concerns Shaping the Way Organizations Approach DevOps appeared first on Digital IT News.

RHEL AI Available for Enterprise AI Innovation in Production

Taylor Graham — Fri, 06 Sep 2024 17:00:42 +0000

Red Hat, Inc. has announced the general release of Red Hat Enterprise Linux (RHEL) AI for hybrid cloud environments. RHEL AI serves as Red Hat’s foundation model platform, designed to streamline the development, testing, and deployment of generative AI (gen AI) models for enterprise applications. This platform integrates the open-source licensed Granite large language model (LLM) family and InstructLab model alignment tools, which are based on the Large-scale Alignment for chatBots (LAB) methodology, and is delivered as an optimized, bootable RHEL image for deployment on individual servers across hybrid cloud infrastructures.

While gen AI’s promise is immense, the associated costs of procuring, training and fine-tuning LLMs can be astronomical, with some leading models costing nearly $200 million to train before launch. This does not include the cost of aligning for the specific requirements or data of a given organization, which typically requires data scientists or highly-specialized developers. No matter the model selected for a given application, alignment is still required to bring it in-line with company-specific data and processes, making efficiency and agility key for AI in actual production environments.

Red Hat believes that over the next decade, smaller, more efficient and built-to-purpose AI models will form a substantial mix of the enterprise IT stack, alongside cloud-native applications. But to achieve this, gen AI needs to be more accessible and available, from its costs to its contributors to where it can run across the hybrid cloud. For decades, open source communities have helped solve similar challenges for complex software problems through contributions from diverse groups of users; a similar approach can lower the barriers to effectively embracing gen AI.

An open source approach to gen AI

These are the challenges that RHEL AI intends to address – making gen AI more accessible, more efficient and more flexible to CIOs and enterprise IT organizations across the hybrid cloud. RHEL AI helps:

Empower gen AI innovation with enterprise-grade, open source-licensed Granite models, and aligned with a wide variety of gen AI use cases.
Streamline aligning gen AI models to business requirements with InstructLab tooling, making it possible for domain experts and developers within an organization to contribute unique skills and knowledge to their models even without extensive data science skills.
Train and deploy gen AI anywhere across the hybrid cloud by providing all of the tools needed to tune and deploy models for production servers wherever associated data lives. RHEL AI also provides a ready on-ramp to Red Hat OpenShift AI for training, tuning and serving these models at scale while using the same tooling and concepts.

RHEL AI is also backed by the benefits of a Red Hat subscription, which includes trusted enterprise product distribution, 24×7 production support, extended model lifecycle support and Open Source Assurance legal protections.

RHEL AI extends across the hybrid cloud

Bringing a more consistent foundation model platform closer to where an organization’s data lives is crucial in supporting production AI strategies. As an extension of Red Hat’s hybrid cloud portfolio, RHEL AI will span nearly every conceivable enterprise environment, from on-premise datacenters to edge environments to the public cloud. This means that RHEL AI will be available directly from Red Hat, from Red Hat’s original equipment manufacturer (OEM) partners and to run on the world’s largest cloud providers, including Amazon Web Services (AWS), Google Cloud, IBM Cloud and Microsoft Azure. This enables developers and IT organizations to use the power of hyperscaler compute resources to build innovative AI concepts with RHEL AI.

Availability

RHEL AI is generally available today via the Red Hat Customer Portal to run on-premise or for upload to AWS and IBM Cloud as a “bring your own subscription” (BYOS) offering. Availability of a BYOS offering on Azure and Google Cloud is planned in Q4 2024 and RHEL AI is also expected to be available on IBM Cloud as a service later this year.

Red Hat plans to further expand the aperture of RHEL AI cloud and OEM partners in the coming months, providing even more choice across hybrid cloud environments.

Supporting Quotes

“For gen AI applications to be truly successful in the enterprise, they need to be made more accessible to a broader set of organizations and users and more applicable to specific business use cases. RHEL AI provides the ability for domain experts, not just data scientists, to contribute to a built-for-purpose gen AI model across the hybrid cloud, while also enabling IT organizations to scale these models for production through Red Hat OpenShift AI.” Joe Fernandes, vice president and general manager, Foundation Model Platforms, Red Hat

“IBM is committed to helping enterprises build and deploy effective AI models, and scale with speed. RHEL AI on IBM Cloud is bringing open source innovation to the forefront of gen AI adoption, allowing more organizations and individuals to access, scale and harness the power of AI. With RHEL AI bringing together the power of InstructLab and IBM’s family of Granite models, we are creating gen AI models that will help clients drive real business impact across the enterprise.” Hillery Hunter, CTO and general manager of innovation, IBM Infrastructure

“The benefits of enterprise AI come with the sheer scale of the AI model landscape and the inherent complexities of selecting, tuning, and maintaining in-house models. Smaller, built-to-purpose, and more broadly accessible models can make AI strategies more achievable for a much broader set of users and organizations, which is the area that Red Hat is targeting with RHEL AI as a foundation model platform.” Jim Mercer, program vice president, Software Development, DevOps & DevSecOps, IDC

To learn more about RHEL AI, visit the website here.

SEF Software Development Kit Announced by The Linux Foundation

The post RHEL AI Available for Enterprise AI Innovation in Production appeared first on Digital IT News.

AI Teammates Launched to Delegate DevOps Tasks in Production to Kubiya

Taylor Graham — Wed, 21 Aug 2024 17:00:02 +0000

Kubiya has completed its $12 million seed round, including a $6 million extension of equity and debt financing, and introduced a groundbreaking platform, AI Teammates, which allows users to delegate complex tasks to digital colleagues through natural, human-like conversations.

Already, thousands of developers, including engineering teams from large enterprises to mature startups like A+E Networks and Morse, are confidently delegating critical tasks in production to Kubiya’s AI Teammates.

Traditional automation often requires extensive planning, coding, and maintenance, challenging the time-to-automation paradox. In contrast, Kubiya’s AI Teammates leverage a full-stack AI, infrastructure as code, and LLMs to offer fluid, adaptable, and scalable automation. They seamlessly integrate into current organizational processes and platforms without the need for exhaustive planning, fostering genuine teamwork. The true value of Kubiya’s AI Teammates is their ability to allow users to delegate tasks, enhancing autonomy, predictability, and efficiency. Their interactive nature enables a bi-directional exchange between operators and users, dynamically adjusting to the evolving needs of the business. This ensures a predictable and scalable automation solution.

“What Kubiya has done is allow us to really do end-to-end automation by writing code in just simple English language. It has helped us to automate a part of our escalation management system which was not possible before,” said Neeraj Mendiratta, VP of platform engineering at A+E Networks. “Kubiya has really helped us to drive a lot of efficiency and reduce the time for us to fix failures. We can’t wait to see how we can expand this in other areas.”

By reducing the time-to-automation to a casual English sentence, operations teams can delegate the undifferentiated heavy-lifting roles such as solving Jira queues, allowing for self-service infrastructure, managing CICD pipelines, handling elevated permissions, self-healing systems, and much more.

“If fully automating a process were as simple as asking a colleague to take on a task, delegating with trust that it would be completed in a predictable, controllable, and auditable manner, then almost anything could be automated,” weighed in Kubiya co-founder and CEO Amit Eyal Govirin. “What we have done at Kubiya is change the form factor of automation into delegation.”

Heavybit led Kubiya’s current financing, with Hyperwise VC participating. Chef co-founder and Heavybit partner Jesse Robbins will join the Kubiya board. HashiCorp co-founder Armon Dadgar has joined as a company advisor, and angel investors include Slack co-founder Cal Henderson and other DevOps luminaries that grew their startups into multi-billion dollar businesses.

“Delegation is the new automation,” said Jesse Robbins, general partner at Heavybit and DevOps pioneer. “Kubiya’s groundbreaking AI Teammates gives people on overloaded infrastructure and platform teams new superpowers by delegating boring repetitive tasks and nuisances so they can focus on what matters. Amit and Shaked are years ahead of anything else I’ve seen and are already rolling out to enterprise customers in production. We are truly excited to back the team and to help shape the next decade of innovation in infrastructure.”

To learn more about Kubiya AI Teammates, visit the website here.

TDM Solution Offered Free by Accelario

The post AI Teammates Launched to Delegate DevOps Tasks in Production to Kubiya appeared first on Digital IT News.

Red Hat Open Innovation Labs Collaborates with Globe

Taylor Graham — Mon, 19 Aug 2024 20:00:56 +0000

Globe and Red Hat, Inc. have partnered to upgrade Globe’s IT infrastructure using Red Hat Open Innovation Labs, aiming to enhance agility, scalability, and innovation. This collaboration will support Globe in refining its operations to deliver an improved customer experience.

During the Red Hat Open Innovation Labs residency, Globe’s engineers worked closely with Red Hat to integrate open source technologies including Red Hat OpenShift, the industry’s leading hybrid cloud application platform powered by Kubernetes, DevOps methodologies and innovative practices including an immersive approach to help Globe tackle challenges in operational efficiency, developer productivity, observability, upskilling and cross-team collaboration.

Through this collaboration, the Globe teams migrated the first application modules to Red Hat OpenShift faster, and quickly learned to fully utilize its features, created a cross-functional team and established new operational processes. This laid the groundwork for scaling up the platform and migrating the first full application to Red Hat OpenShift over the next six months. Additional benefits for Globe:

Test-driven development and automation cut test execution time by 80%*, enabling more frequent testing and eliminating manual reports.
A GitOps-based cloud-native approach achieved 75% faster resource provisioning through zero-touch provisioning, self-healing and auto-scaling.
Zero downtime cluster upgrades ensure Globe’s platform remains highly available with more consistent and easier to implement lifecycle management.
A path forward to more easily develop and deploy AI-enabled applications in the future.

As Globe continues its transition from a traditional telecom company to a technology-driven enterprise, the adoption of Red Hat OpenShift provides the foundation for their ultimate goal of providing better customer experiences through a resilient, stable application platform.

Globe is committed to achieving operational excellence by evolving tools, processes and people to adhere to best practices and standards across the organization. Its vision is to become a self-sustaining organization that is robust, flexible and adaptive to changes in the digital landscape.

Supporting Quotes

“Our collaboration with Red Hat Open Innovation Labs has been instrumental in our digital transformation journey. By adopting Red Hat OpenShift as a new enterprise-wide application development platform, we’re able to innovate quicker with a key focus on customer experience. This collaboration has ignited a change in Globe’s culture, fostering greater teamwork and allowing us to bring the best ideas forward to innovate faster.” Raul Macatangay, chief information officer, Globe

“Our work with Red Hat Open Innovation Labs has allowed us to leverage cutting-edge cloud technologies, particularly with Red Hat OpenShift, to optimize our infrastructure for scalability and resilience. The controlled loop fundamentals of the platform have made operationalizing applications much easier, allowing us to focus more on providing a better customer experience rather than constantly fixing problems. This has significantly reduced our time-to-market, enabling us to deliver enhanced services to our customers with greater efficiency.” John Rodel Villa, lead cloud engineer, Globe

“Integrating Red Hat OpenShift into our development processes has been a game-changer. It has not only streamlined our workflows but also empowered our teams to adopt a more collaborative and innovative approach to software engineering. This collaboration has set the stage for the next phase of Globe’s digital transformation, where we can explore new possibilities in AI and cloud-native development.” Gabriel Pormilda, lead software engineer, Globe

“Globe’s engagement with Red Hat Open Innovation Labs has been pivotal in enhancing its technological capabilities and service offerings. By leveraging Red Hat’s open source solutions, including Red Hat OpenShift, Globe has modernized its IT environment, enabling greater agility and scalability. This engagement demonstrates Globe’s dedication to innovation and its effort to adopt advanced technologies for delivering high-quality services to its customers.” Marjet Andriesse, senior vice president and general manager, Red Hat APJC

To learn more about Red Hat Open Innovation Labs, visit the website here.

Nokia and Red Hat Announce Partnership for Telecommunications Support Solutions

*Stats featured here were provided by Globe

The post Red Hat Open Innovation Labs Collaborates with Globe appeared first on Digital IT News.