Best of 2021 – From Agile to DevOps to DevSecOps: The Next Evolution

As we head into 2021, we at wanted to highlight the most popular articles of the year. Here is the ninth episode in our Best of 2021 series.

As the workforce moves to remote locations, networks are becoming more pervasive as the edge moves away. At the same time, the number of devices and apps on those networks continues to rise. Some estimates suggest that by 2030, there will be 15 connected devices for every person on the planet.

The rapid expansion of the remote workforce and the application needs associated with it has created a major challenge for both application developers and IT professionals tasked with deploying and maintaining applications. Finding the right balance between release speed and application stability and reliability – never an easy task – is critical to the success of any organization.

Agile and DevOps were developed to help organizations achieve this balance, providing the best possible customer experience in the shortest realistic time frame. But have Agile and DevOps delivered on that promise?

Graceful Manifesto Promise

While Agile as a methodology has been known and followed for nearly two decades, the ways in which organizations have applied Agile have been as diverse as the organizations themselves.

The Agile Manifesto identified four core values ​​when it was first written in 2001:

  • People and interactions take precedence over processes and tools.
  • Action programs take precedence over comprehensive documentation.
  • Cooperation with clients takes precedence over contract negotiation.
  • Responding to change takes precedence over unconsciously following plans.

Agile processes are applied across a range of development activities, from developing standalone applications to developing cloud-native business applications. The Agile Manifesto also contains several principles that further explain what values ​​mean when put into practice.

These Agile principles can be summarized in a few focus areas:

Prioritize the customer over the product

Rapid development requires continuous customer engagement throughout the entire development process, with the ultimate goal of frequently delivering the product based on specific customer feedback. While this can present challenges for the Agile team, particularly when customers request changes late in the development cycle, Agile emphasizes that the best way to elevate the customer experience is to make the customer a part of the development process.

Trust Agile teams for self-organization and self-management

Agile focuses on smaller teams that stay in constant contact with customers, as well as with each other. These teams should include both developers and those with knowledge of the larger business requirements being met through development. For these teams to operate effectively, trust is key. Agile assumes that self-organized teams, given leeway to follow through on their projects as they see fit, lead to the shortest development cycles.

keep it simple

Agile teams require simplicity. This relates to Agile’s disdain for the overuse of the process. Agile strives to reduce the total amount of work required, thus reducing the overall development time.

agility leads to agility

Just as Agile teams are constantly improving their products and customer experience, they are also constantly improving themselves. The constant evolution of the teams and the processes they use (remember, teams before processes) improves the team’s own agility.

While Agile values ​​and principles seem simple, effective application of values ​​and principles is another story entirely. In fact, at times the implementation of rapid development violated the first value of the statement by focusing on the tools and processes that should be used. But in an environment where more users are demanding more products and services, the application of Agile methodologies is not only important, it is necessary.

Building on Agile with DevOps

The exact meaning of the term itself and the scope of DevOps remains a source of debate. At a high level, DevOps is the combination of the development cycle and post-development activities, such as deployment and maintenance.

According to open source contributor Barbara Ericson of Cloud Defense, “Instead of isolating IT and software development operations from one another, DevOps breaks the traditional boundaries that previously existed between them in order to achieve continuous integration and continuous delivery (CI/CD) of high-quality software features and applications.” for end users”.

Just as with Agile, effective DevOps implementation requires the development of a DevOps culture within the organization. However, Agile and DevOps are not mutually exclusive. This means that DevOps is not just an alternative or evolution of Agile. Although Agile and DevOps differ in their structures and methods, they can work in unison to achieve the ultimate goals of rapid deployment and improved customer experience.

While Agile and DevOps share common goals, they haven’t always agreed on how to achieve those goals. DevOps differs in many respects from Agile, but at its best, DevOps applies Agile methodologies, combined with lean manufacturing principles, to accelerate software deployment.

One particular area of ​​tension between Agile and DevOps is that the latter relies heavily on tools; In particular, when it comes to automating testing and deployment processes. But DevOps can overcome the resistance of Agile developers to using the tools simply by applying the principles of Agile themselves.

Effectively, DevOps proponents must convince Agile teams that doctrinal adherence to the core principles of Agile is in fact incompatible with Agile in the first place. Ironically, Agile developers who insist that process is always bad actually violate Agile principles by refusing to acknowledge the benefits offered through change, which is another Agile principle.

The challenge is to get Agile development teams to trust DevOps’ automation efforts, while at the same time encouraging the DevOps team to consider the business goals of deployment rather than pursuing the speed of deployment for their own benefit.

Through continuous communication between the Agile team and the DevOps team (another Agile principle), development can achieve a degree of comfort with DevOps tasks and processes. This means that the automation of testing and deployment can proceed quickly, resulting in less time to market overall.

Ultimately, Agile and DevOps can work together more effectively when they remember their common goals: smaller change increments based on feedback that lead to faster delivery cycles.

Continuous development: DevSecOps

As networks expand and companies continue to integrate cloud-based services (in many cases, building multi-cloud environments), security issues become more complex. One area that Agile lacks is integrating security into the development process. Unfortunately, in an Agile environment, application security is often an issue that is addressed after development, rather than as part of the process. Enter the following iteration of DevOps: DevSecOps.

DevSecOps revolves around three core principles: ensuring data security while minimizing inconvenience for users to access data, using development tools that identify risks as early as possible in the development process and ensuring that data is encrypted using technologies such as Secure Sockets Layer (SSL) and virtual private networks (VPNs) .

While DevSecOps and Agile may also disagree about the priority of tools, security should become an integral part of any development project. This is why Agile, DevOps, and DevSecOps must work together to ensure not only rapid but also secure deployment.

next development

Agile and DevOps were two important developments in the software development process, but DevSecOps is the next evolutionary step. Despite some disparate characteristics, Agile, DevOps, and DevSecOps can and should work in unison to achieve their common goal: the best possible customer experience and short deployment cycles.

Leave a Comment