Ranger4 DevOps Blog

DevSecOps - is it a Good Thing?

Posted by Gedi Kalinauskas on Wed, Oct 11, 2017 @ 11:10 AM

Yesterday, we had a webcast on 'DevSecOps - is it a Good Thing?' - you can watch the recording here but here's a summary of what we covered:

What is DevSecOps?

Since DevOps originated from the recognition that developers had started to do things like Agile development - the operations teams were getting left behind so, we started with the concept of Agile System Administration & the recognition that we have created silos in the way that we had traditionally organised enterprise IT into a development team. Generally, in software development, security has been looked at as an afterthought - something reflected by security experts. 

Read More

Topics: DevOps, DevOps Foundation Course, DevSecOps, DevSecOps Engineer, AllDayDevOps

Ignorance is Dangerous Bliss

Posted by Helen Beal on Mon, Sep 11, 2017 @ 13:09 PM

Our partner, Sonatype, recently released their latest annual State of the Software Supply Chain report and in it provided new evidence that DevOps practices deliver measurable improvements. It also kickstarted another conversation between us.

One of the things we offer organisations is a free scan of their software to identify a bill of materials (of the open source components within an application) and a summary of the security vulnerabilities and licence risks that exist therein. Applications these days are decreasingly coded and increasingly composed from open source components available in online artifact repositories. It's not difficult to understand why developers would take this approach, as Sonatype's Derek Weeks says:

Read More

Topics: DevSecOps, DevSecOps Engineer

What Does DevOps Look Like in 2017?

Posted by Helen Beal on Mon, Jan 9, 2017 @ 10:01 AM

Welcome back! We hope everyone's had a wonderful festive break and is fired up to make the most of 2017 whatever excitement and craziness the year ahead is going to throw at us. We're looking forward to helping our customers new and old continue to tread the DevOps path to make our lives (and software!) better, faster and safer. Here are 7 things we're expecting to be working on to that end in the coming year:

Read More

Topics: DevOps, DevSecOps, DevOps superpattern, DevOps 2017

I Have to Disagree with Forrester

Posted by George Price on Tue, Oct 25, 2016 @ 15:10 PM

Forrester released a white paper entitled Take Application Performance To The Next Level With Digital Performance Management (DPM); in it they describe Dynatrace as an APM and not a DPM. Well I have to disagree.

Dynatrace as a product is capable of performing all the tasks listed on page 4 and 5 of the paper, but only as part of a true DevOps process. Without the process and discipline then of course it will just be a tool for the Dev, or the Ops or the network guys.

If everyone involved in the customer's journey is consulted from the very beginning and all have an input into what is required from Dynatrace then everything that Forrester is saying that makes a DPM can be achieved so DYNATRACE IS A DPM.

Read More

Topics: DevSecOps, DPM, Ideation to Realisation

Sonatype Release New Capabilities That Represent the World’s First Definitive Database and Coordinate System Capable of Precisely Identifying JavaScript Components and Versions

Posted by Steve Green on Wed, Oct 19, 2016 @ 14:10 PM

Ranger4 partner, Sonatype, the leader in software supply chain automation, yesterday unveiled an updated version of the Nexus platform that provides modern development organizations with unmatched, precise intelligence about npm and JavaScript components so they can continuously deliver higher quality software through DevOps automation and scale.

Read More

Topics: Security, Rugged DevOps, DevSecOps, Sonatype