Flux7 Blog

In last week’s DevOps news round-up, we shared data around in-demand developer skills. For companies looking to modernize applications, COBOL shouldn’t be ignored, according to a new Micro Focus report.  The new survey finds that COBOL app modernization is a preferred approach, over replacing or retiring. Indeed, 53% said they plan to modernize apps and integrate their COBOL systems. 

DevOps News

• Veracode released findings of its annual State of Software Security report. Key findings include:
  • Two in three applications fail to pass initial tests based on the OWASP Top 10 and SANS 25 industry standards
  • Teams that scan code 300 times a year have 5x less security debt 
  • 171 is the average time it takes to fix a flaw today, compared to 59 days 10 years ago.

• GitHub Enterprise Server 2.20 is now available. It features expanded branch protection rules to give admins greater control to enforce more detailed rule combinations. The new version gives Enterprise users their own audit log page. And, admins can now run an optional migration script to convert all public repos into internal repos. Note that while this migration is optional to help you test changes on non-production instances, it will become mandatory in a future release.
• Red Hat OpenShift Container Platform is generally available for IBM Z and IBM LinuxONE. With the announcement, IBM brings OpenShift cloud-native apps to on-premises enterprise servers IBM Z and LinuxONE.
• Apache Groovy 3.0 has arrived. Most notable about the new version is its default parser, code-named Parrot. The team notes they extended the parser to support additional syntax options and language features. Groovy also now features support for Java-style Lambda syntax.

AWS News 

• AWS announced it’s even easier to use CloudFormation StackSets to manage multiple accounts with AWS Organizations. According to the company, users can now centrally orchestrate any AWS CloudFormation enabled service across multiple AWS accounts and regions. AWS CloudFormation StackSets make it easy to configure cross-account permissions. This will allow users to automatically create and delete resources when accounts join or leave an Organization. 
• AWS operators can now apply canary and linear deployment strategies to containers orchestrated by Amazon ECS using AWS CodeDeploy. 
• Our DevOps consultants enjoyed two AWS blogs this week. The first shares “How to improve LDAP security in AWS Directory Service with client-side LDAPS.” In it, AWS discusses the steps to configure client-side LDAPS and allow encrypted communications between Amazon WorkSpaces and Amazon EC2-based self-managed AD. The second shares “How to use KMS and IAM to enable independent security controls for encrypted data in S3.” Here AWS shares how users can reach encryption down to the storage layer, protecting data where it resides. And, in the process, create independent access control with KMS encryption, IAM and S3 bucket policies.
  

Flux7 News

• Many view innovation and security as conflicting. Yet, they are achievable in unison.  Learn how to achieve cloud security with a balanced approach. See how Dev, Ops, and cloud security best practices unite these two goals.  Download the white paper today. Effectively Balance Your Organization Between Security and Agility.
• Read our latest case study: how a global service firm uses Amazon DynamoDB for client success. Seeking a cloud tool to centralize client data collection, the Fortune firm gained greater insight into global delivery. As a result, it grew consistency across projects and expanded its cloud portfolio.
  

Become a DevSecOps leader. Download our newest white paper today: Effectively Balance Your Organization Between Security and Agility. 

Download the White Paper

Written by Flux7 Labs

Flux7, an NTT DATA Company, is the only Sherpa on the DevOps journey that assesses, designs, and teaches while implementing a holistic solution for its enterprise customers, thus giving its clients the skills needed to manage and expand on the technology moving forward. Not a reseller or an MSP, Flux7 recommendations are 100% focused on customer requirements and creating the most efficient infrastructure possible that automates operations, streamlines and enhances development, and supports specific business goals.