“As discussions of metaverse increase, there is an opportunity to establish one for the DevOps community, essentially a free and open exchange of information, such as software reviews and democratization of security practices. current, ”wrote Fred Simon, co-founder and chef. Data Scientist at JFrog, Yoav Landman co-founder and CTO, and Asaf Karas CTO Security.
The three senior executives of the DevOps platform highlighted five key DevOps / DevSecOps forecasts for 2022.
Low-code / no-code solutions will receive a wake-up call
Low-code and no-code programming tools have grown in popularity as they allow everyday business users with little or no coding experience to build applications that meet their needs. But one thing that is often overlooked when examining these tools is security – if a vulnerability appears in a piece of code, that vulnerability will be present every time that code is deployed. Just as serverless applications were on the rise and people weren’t sure how to deploy them securely, I predict there will be a similar learning curve with low-code and no-code solutions. .
CISOs will continue to take control of their software supply chain
As we have seen over the past year and more, deteriorations in the software supply chain can quickly impact profitability due to rising costs. In 2022, open source supply chain security will take hold as organizations rally around new ways to share and consume knowledge in digestible ways. The idea is to democratize security testing and information, which requires more collaboration and communication. In this vein, JFrog and others are working to “rank” security packages and tools to help foster this democratization process.
In addition, CISOs will increasingly take advantage of tools that create a complete chain of custody for software releases and automate the discovery and visibility of security issues throughout the software supply chain. Tools that reduce friction during the software release process keep systems running smoothly and, more importantly, ensure end user satisfaction.
The metaverse will further support hybrid work models
The global pandemic has accelerated work-from-home models out of necessity, and almost two years later organizations are realizing that remote and hybrid work models are actually good for business. As discussions of metaverse increase, there is an opportunity to establish one for the DevOps community, essentially a free and open exchange of information such as software reviews and the democratization of current security practices. This area is currently immature, but I expect the industry to start moving in that direction soon to improve collaboration, as remote working remains important.
Remote working isn’t going to go away – more and more companies will look to the global workforce as they realize that local workers aren’t always enough. Remote working is, in fact, a new reality, and savvy companies are capitalizing by attracting top talent to markets where they were not previously present – and this trend will continue.
The impact of AI / ML / IoT on DevOps
Kubernetes and other technologies have already made huge strides in bringing smart software development to end users, which is to everyone’s benefit, however, the amount of software we need to create and maintain is growing faster than the number of developers we have in the market. So the only way to keep pace with the demand for updating the high-quality software that powers the planet is to use the help of machines – or artificial intelligence. While we don’t necessarily have bots developing code, you’ll see more AI / ML / NLP in the tools used to help do a developer’s job faster, safer, and more efficiently, which is beneficial for scaling. AI is already helping us speed up the process by helping us automate the tuning, management and monitoring of code and systems to ensure they are secure and up to date, but we need a platform. complete and intelligent shape to take it to the next level.
DevSecOps will merge with application development
In 2022, we will continue to see the push towards the integration of DevSecOps with the development of business products and applications. This will be driven by developers who recognize the critical security issues, and in order to fix these issues they will need the right tools. In today’s modern world, just about every organization needs security tools to report vulnerabilities with prescriptive steps to fix them. Security threats will continue to be a serious risk, not only in software development, but also in corporate infrastructure. Defining the role of people and processes in relation to technology alone will help enable deeper collaboration.
Fred Simon is the Co-Founder and Chief Data Scientist at JFrog, Yoav Landman is the Co-Founder and CTO, and Asaf Karas is the CTO Security