I recently gave a Bright Talk session on adding security to the Agile Cloud/DevOps Development cycle. Part of this discussion addressed adding security testing as part of the process before, during, and even after continuous deployment. In other words, if we continually deploy, we must continually test. Our testing needs to be in the multi-minded parallel process we use for modern development, not the single-minded pipeline acceptable to most DevOps or agile processes. In the past, a team of people would test, each working independently to improve our software. We need similar capabilities within our automated processes. How do we achieve this? How do we add automated, continual testing? And where can we add this to our process or pipeline?
IT as a Service
IT as a Service (ITaaS) covers private clouds, hybrid clouds, and on-premises clouds, as well as cloud management, including performance management offerings used to create and manage these entities. Consider this IT consumption as a utility. (Read More)
This topic explores Infrastructure as a Service (IaaS) private and hybrid cloud offerings, Platform as a Service (PaaS) private and hybrid cloud offerings, and Software as a Service (SaaS). It also investigates emerging areas such as Desktop as a Service (DaaS), Storage as a Service, and Applications as a Service.
The key areas covered include enterprise applications and use cases that are appropriate for private and hybrid clouds, and how consumers and vendors should select cloud management offerings they will use to manage the various types of cloud services and the journey to the cloud: from A to Z and all points between.
Can you believe that we are over halfway through 2016? With summer in full swing and VMworld 2016 right around the corner, I thought it would be worthwhile to take a look at how VMware is doing and to offer some midyear insights.
The Microsoft Worldwide Partner Conference is taking place this week in Toronto (week of 7/18/16), and the cloud is unquestionably its key topic. Many CIOs and CTOs have caught the cloud bug and have openly stated that their infrastructures are moving to the cloud. But what exactly is “the cloud,” and is it really ready for prime time?
Eric Wright of VMTurbo wrote about the death of root cause analysis (RCA) with the rise of microservices. I take exception to this, as microservices aren’t really all that new. Even what’s being called “serverless computing” isn’t particularly new. However, that’s a discussion for another time. The point of RCA is to find the real reasons for failures. I don’t see how using microservices changes this. All we’ve done is add more layers to delve through to find the true root cause of a problem.
Data drives the modern business. It drives the modern development process. And it drives IT operations analytics in the NOC and the SOC. This raises the questions “Who owns all this data? Do data sovereignty rules apply?” Data is everywhere, and it is used in many ways. In many cases, the same data is used in multiple ways by distinctly different groups, working methods, and ivory towers.
Any part of any infrastructure, application, or cloud is data. Data is used by applications, and myriad data is presented to IT organizations for their use, edification, insights, and more. But what really is this data? Can we classify the types of data in some way? Data classifications should not be just “structured” and “unstructured”; they must go deeper than that. To understand how IT operations analytics (ITOA) can act on data, we first need to classify data into something we can comprehend. ITOA leads to insights that can be used to predict capacity, track applications, and tell us when we have security events.