IT Modernization and DevOps News Week in Review 5.25.2020

IT Modernization and DevOps News Week in Review 5.25.2020

By Flux7 Labs
May 25, 2020

This week Verizon released its 2020 Data Breach Investigations Report. Now in its 13th year, Verizon takes a deeper look than ever, adding new industries to its report. In it, Verizon flags human error as the only action type with consistent year-over-year growth, with errors now equally as common as Social breaches and more common than Malware. Misconfiguration remains a leading cause of error, up almost 5% from last year. Note that the data was collected prior to any Covid-related workplace changes which, as we’ve reported in past issues of DevOps news, have resulted in greater ransomware and phishing campaigns.

In addition, readers should note that the 2020 DIBR found a striking increase in web application breaches, jumping to 43% in 2020. Of cloud-related breaches, 73% involved an email or web application server. Relatedly, GitLab revealed its fourth annual DevSecOps survey finding that DevOps adoption has resulted in wide changes across tools and developer, security, and operations team roles. With 25% of developers saying they feel solely responsible for security and 70% of operations reporting that developers can provision their own environments. Last, it’s worth noting that testing remains the top bottleneck for the second year running, with only 12% reporting that they have full test automation

For more Cloud Security, Digital Transformation, and DevOps news, subscribe to the Flux7 blog:

DevOps News

  • Microsoft acquires Softomotive to grow its low-code robotic process automation (RPA) desktop authoring offerings, allowing anyone to build a bot and automate Windows-based tasks.
  • RedisAI and RedisGears by Redis Labs moves to GA. RedisAI helps speed inferencing performance by serving models within Redis, where the reference data lives. Working in conjunction with RedisGears, a serverless engine for infinite data-processing options, the new products are designed to help operators move AI into production.
  • StackRox introduces the StackRox Kubernetes Security Platform. The updated solution features new runtime security features for a faster incident response of containers and Kubernetes environments.
  • Venafi announces a definitive agreement to acquire Jetstack. Together, the firms plan to “transform the way modern applications required by digital transformation are secured” according to a press release.
  • Microsoft introduces Azure Synapse Link. The new cloud-native implementation of HTAP helps operators get insights from the real-time transactional data stored in their operational databases. The solution is available now in Azure Cosmos DB.
  • Azure brings Azure Arc enabled Kubernetes to preview. Introduced in November, Azure Arc brings Azure services to hybrid infrastructure. The new Kubernetes enabled solution connects and configures any Kubernetes cluster across datacenters, edge locations, and multi-cloud. 

AWS News 

  • AWS CloudFormation supports blue/green deployments for Amazon ECS in a new integration with AWS CodeDeploy. The combined solution also allows users to invoke canary style deployments of application updates.
  • Amazon DynamoDB now allows empty values for non-key String and Binary attributes in its tables. The new feature extends the flexibility to use attributes without having to transform them before being sent to DynamoDB.
  • AWS announces support for Federated Authentication via SAML 2.0 with AWS Client VPN. With the added support, AWS Client VPN now supports three methods of authentication: Mutual authentication via client certificates, user authentication via Active Directory, and user Federated Authentication via SAML.
  • Users can now access their full list of AWS Availability Zones, Local Zones and find out which services are available within the regions by querying AWS Systems Manager Parameter Store

Flux7 News

  • Don’t miss Dr. Aater Suleman as he presents, Accelerating Technology Deployments Using DevOps Practices on May 27th at 6:30 CT. Hosted by the Houston Project Management Institute, learn more and register for free. While you’re there, be sure to check out the rest of their great virtual speaker series.
  • In addition, you may also like Dr. Suleman’s latest article, Cloud Migration — Ready, Fire, Aim. In it, he shares strategies for retroactively optimizing assets that were quickly migrated to the cloud due to a forcing function like an expiring data center contract or upcoming audit.
  • What’s the secret to effectively managing application secrets? Matt Buchner and Levi Blaney share Ten Best Practices for Managing Application Secrets in AWS.
  • Our Agilists share their experience in building Agile teams with the DNA to succeed in today’s new remote environment. The good news is that the building blocks are all things you can quickly incorporate into your remote team’s culture with a little practice. Collaborate and Listen for Remote Agile Team Success

Technology is always changing. Stay in the loop with the Flux7 Blog

Written by Flux7 Labs

Flux7, an NTT DATA Company, is the only Sherpa on the DevOps journey that assesses, designs, and teaches while implementing a holistic solution for its enterprise customers, thus giving its clients the skills needed to manage and expand on the technology moving forward. Not a reseller or an MSP, Flux7 recommendations are 100% focused on customer requirements and creating the most efficient infrastructure possible that automates operations, streamlines and enhances development, and supports specific business goals.