As we see organizations digitally transforming themselves, software testing is crucial in the software development lifecycle. Arash Taheri, Director of Quality Engineering at Central 1, will discuss Integrating Automated Testing into DevOps and Agile.
Where do you start with security test cases? How do you ensure your dependencies aren’t adding to security risk? What threat models and attack vectors are common in a cloudy world? What are quick and free wins you can use to reduce risk and improve security?
Come learn about how to get started, some quick wins and a few master level tricks for dev, DevOps and QA in the intersection of security and development.
About the Speaker:
Michael Argast is an experienced cyber security professional with over 20 years of industry experience. He is the co-founder and CEO of Kobalt Security Inc., a start-up security service provider for small and mid-sized organizations. In addition, Michael founded the Sky Northern Security Alliance of independent security consultants (now a part of Kobalt), ran several security functions within TELUS for 5 years, and ran Sales Engineering worldwide at Sophos, leading 120 staff in 17 countries. Michael has been a guest speaker at previous ISACA and BC Aware events and at the Privacy and Security conference in Victoria as well as global lectures in Moscow, Madrid and Oxford University. Michael is a strong supporter of growing the skills, breadth and diversity of the security community and welcoming students and career changers into the field. You can connect with him on LinkedIn or Twitter (@michaelargast).
Important note: Because you do need a access key to use the elevator, we ask that you please arrive no later than 6:15 PM, so that we can ensure everyone is able to get up to the event with ease. Thank you!
The past decade has seen some tectonic shifts in how application software is developed and deployed.
Traditional waterfall methods, which siloed teams and produced apps that mostly worked well (until they didn’t), gave birth to Agile, a fresh new way of including the various design, development and production teams in a holistic way while creating a lean operational approach.
Going Further with DevOps
While Agile spelled out a new, far more efficient way for teams – and clients – to work together to produce an app, DevOps goes one step further1. It recognizes that development and operations teams must also work efficiently with each other, because the full end-to-end life-cycle of creating, testing, rolling out and improvement are inextricably linked. A well-integrated DevOps environment can deliver the highest customer experience levels.
It’s all about evolution, and Optimus Information has embraced the concept of DevOps, putting it into practice earlier this year.
Taking a New Approach to Project Development
“Lean” was pioneered by Toyota in Japan at the end of the Second World War, where its principles of reducing waste and Continuous Improvement have influenced software development methods.
Khushbu Garg, Optimus’s Senior Technical Lead at the company’s office in Noida, southwest of New Delhi, refers to DevOps as a culture. It’s a way of approaching and working a project, she says, and should be the path that every new organization should follow.
“By ‘new organization’, I mean a new company trying to make a name for itself to attract customers. The only way to do this is to deliver fast, with A+ quality in the work. You want to gain the trust of your customers and this is the only way to do it,” she explained.
The net result of using the DevOps approach, she says, is a significant increase in the speed of development, delivery and deployment time while dealing with issues and scaling up the application.
The Five Stages in the DevOps Process
Organizations, new or otherwise, can’t simply plunge into DevOps and expect it to work straight out of the box. There is a process that must be followed before success can be achieved.
It begins with delineating the stages:
Define your business logic and plan around that.
How will you build the solution, where will you place the coding, where will you put the configuration?
This is where you ensure the quality of the build through regression testing, acceptance testing, etc.
Package the app, release it and configure it.
Monitor, to be certain the app remains functional.
DevOps is not an outgrowth of the Agile methodology; it stands on its own. But the two share similarities in approach. Agile allows fast development and rapid bug fixes so deployment occurs in production as soon as possible – you test fast and release fast. The DevOps approach allows this to occur smoothly, especially within the CI/CD pipeline, where automated testing using the Optimus Test Harness can pay huge dividends.
Technology Considerations of DevOps
When faced with a new project, Khushbu points out, it’s important to determine if it will be easy to implement DevOps for that project. Then, an organization needs to consider which technology will be used. At Optimus, numerous projects are running at any given time and the company makes use of a variety of technologies, both cloud-based and open source.
“Currently,” she says, “we’re using Jenkins, an open source technology. Jenkins works well for us because it supports almost all the technologies we use, like Node, Angular, C# and Java. Also, there’s no cost to Jenkins because it’s open source.”
Her team in India uses pipelines for Continuous Integration and Continuous Development because the pipeline method requires very little developer knowledge – which contributes to fast app development.
She then tasks her team with researching which technology will work best. Once the project is underway, a great deal of testing occurs smoothly with the DevOps method: unit testing, deployment stage testing, automated testing, and so on.
The Critical Role Played by the Customer
A hallmark of Agile app development is how the client, and sometimes the customer, is involved at every point in the project. That’s no different with DevOps, Khushbu explains.
“In fact, we place great emphasis on email notification of all stakeholders whenever a stage is deployed. Even here, we get granular: how many emails we send, what information we include, what test reports are pertinent, even what template we use to convey the information and which developer is working on which stage.” The result of this care and attention to communications means the stakeholder can identify how the project is progressing and contact the appropriate developer to offer input, if needed.
By putting the DevOps culture to work, through the step-by-step process that Optimus has implemented, the client is always up to speed because of the collaboration that occurs. “We don’t need a separate IT person to deploy our builds, we don’t need IT infrastructure time, and we can quickly share a build with a customer and give the development team any feedback needed,” said Khushbu.
DevOps is as much a discipline as it is a culture. Optimus has adopted DevOps for all our projects and we’ve already seen great success with it. We know it works because it’s inclusive when it’s deployed properly.
We invite you to contact us to learn more about this evolutionary approach to app development. Our job is to stay at the leading edge of software technology and our goal is to provide our clients and customers the benefits that such technologies bring. So, get in touch with us today!
https://www.optimusinfo.com/wp-content/uploads/2018/08/iStock-607969272.jpg12552389Optimus Informationhttps://www.optimusinfo.com/wp-content/uploads/2014/11/optimusinfologo.pngOptimus Information2018-08-15 12:36:582018-09-12 19:53:20DevOps: Embrace the Culture and Speed App Development and Deployment