The seven deadly diseases of DevOps

Part of the Architecting the Cloud podcast series

Where DevOps meets security you get DevSecOps, but are companies doing it right? If not, how can they avoid the seven deadly diseases of DevOps?

DevSecOps: Improving both ops and security

DevOps has been a boon to software development, marrying development with operations and stressing shared responsibility and accountability. Now, forward-thinking companies are realizing that security should be part of the DevOps mindset—thus the term DevSecOps. The name reflects the long-neglected, but tremendous, opportunity for collaboration between DevOps and security. However, there are pitfalls to watch out for in integrating security with established DevOps methods. In this week’s episode, Mike Kavis and guest John Willis, Vice President of DevOps and Digital Practices at SJ Technologies, dive deep into DevSecOps. John shares his insights on the “Seven Deadly Diseases” of DevOps—the worst of which is ignoring security—and provides tips for companies to help avoid them and finally make security a first-class citizen in the DevOps environment.

Disclaimer: As referenced in this podcast, “Amazon” refers to AWS (Amazon Web Services).

Google DevSecOps and you'll find a lot of great emerging opportunities of people who are doing the right things, finally getting security to break out of the kind of silo last mile, hey, let us look at it, no good. It's this integrated collaborative discussions.

John Willis is Vice President of Devops and Digital Practices at SJ Technologies. Prior to SJT he was the Director of Ecosystem Development for Docker, which he joined after the company he co-founded (SocketPlane, which focused on SDN for containers) was acquired by Docker in March 2015. Previous to founding SocketPlane in Fall 2014, John was the Chief DevOps Evangelist at Dell, which he joined following the Enstratius acquisition in May 2013. He has also held past executive roles at Opscode/Chef and Canonical/Ubuntu. John is the author of 7 IBM Redbooks and is a co-author of the Devops Handbook.

Back to top

DevOps and cloud-no longer optional

DevOps and the cloud? Yes. Together. It's tough, but it’s often advisable to do a DevOps transformation simultaneously with your cloud solution. However, it’s not enough to build both. You must do the hard work of making them function well together.

Back to top

DevOps–shift everything left

DevOps has always been about removing bottlenecks from the software development lifecycle (SDLC). Becoming a high performing organization is not a technology project; it’s a transformation, but very few enterprises seem to be able to undertake it.

Back to top

Realizing the transformative power of the cloud

For Cloud Professionals: Hosted by David Linthicum and designed for cloud professionals, this podcast gives you the straight talk on cloud computing. From what’s going on in the industry, the impact of cloud in the enterprise to how it can enable business transformation–it’s all covered here.

Architecting the Cloud: Get real about cloud technology with Mike Kavis on the Architecting the Cloud podcast. We’re talking about what’s new in the cloud, how to use it, and why with people in the field who have done the work.

Subscribe now on: iTunes | SoundCloud | Stitcher | Google Play | Spotify

Or visit the On Cloud library for the full collection of episodes.

Please contact cloud@deloitte.com for any inquiries around this or other previous On Cloud podcasts.

Back to top

Previous episode