CloudBeees Adds Capabilities for Software Delivery Management, DevSecOps
CloudBees is preparing to ship the first two modules of its Software Delivery Management solution for feature management and engineering productivity. These updates follow major improvements in CloudBees support for DevSecOps. IDN reviews both rollouts.
CloudBees is preparing to ship the first two modules of its Software Delivery Management solution, which focuses on feature management and engineering productivity use cases.
These coming SDM rollouts follow on the heels of some major improvements in CloudBees support for DevSecOps with audit-ready software delivery pipelines.
Available by the end of 2020, CloudBees execs said the new SDM modules aim to give engineering managers and leaders the visibility, connectivity, control, and insights they need to unblock bottlenecks in the software delivery process.
“We previously introduced our vision for Software Delivery Management as a market category,” said Shawn Ahmed, senior vice-president, and general manager for software delivery automation at CloudBees. “Last year, we brought that vision into focus by building an extremely powerful and highly connected system of record to be the backbone of our offering. This year, we are leveraging that work by announcing the general availability of CloudBees Software Delivery Management in Q4 2020 with the first two modules that tackle specific challenges organizations have today”
One module takes an initial step in solving higher-order feature management problems and grants product development teams control over the features that get issued in software releases. Extending the developer-centric CloudBees Feature Flags technology, product development teams can begin to manage features holistically, grouping, and controlling sets of flags for coordinated progressive delivery.
The second module is focused on engineering productivity and will help engineering managers and leaders deal with the ongoing struggle to gain visibility into the development process. Using the module, leaders can better understand whether their teams are spending time working on the right priorities, moving quickly enough to deliver value on time, and maintaining the quality of the software the organization expects to deliver.
CloudBee’s vision for SDM consists of what they call “four pillars.”
Common data - All information within software delivery activity is captured and stored in a common data model to facilitate connected processes, shared insights, and collaboration.
Universal insights - Visibility and insights enable understanding and continuous learning from data across all functions throughout and up-and-down in the organization.
Common connected processes - Processes orchestrate software delivery and connect functions together to efficiently bring ideas to the market with maximum value and adoption.
All functions collaborating - All functions and teams within and around the software delivery organization work together to amplify value creation efforts.
In a statement, Susan Lally, Cloudbees’ senior vice-president, product development described the focus on SDM. “In our product research efforts around Software Delivery Management, we found that our customers face the same challenges we do - namely, how do we measure and continually improve engineering efficiency, and deliver product value faster and of higher quality. That validated that both feature management and engineering productivity were widespread pain points in the industry, so we prioritized bringing these two Software Delivery Management modules to market first,” she said.
“Gaining more control over feature deployment and deeper insights into the development process will give customers the control, visibility and insights they need to deliver software more quickly and efficiently,” Lally added.
CloudBees Also Adds New DevSecOps Capabilities
CloudBees is adding a robust new set of DevSecOps capabilities for CloudBees CI and CloudBees CD to enable customers to perform early and frequent security checks and ensure that security is an integral part of the whole software delivery pipeline workflow without sacrificing speed or increasing risk.
With CloudBees CI and CloudBees CD solutions, users get access to several layers of security within the software delivery process. The new security features automate processes with proven integrations, hardened audit-ready pipelines, and the ability to instantly mitigate defective code.
“Companies need to innovate faster, but if they don’t integrate security early and often they expose themselves to a number of risks,” said Shawn Ahmed, senior vice-president, and general manager, Software Delivery Automation, CloudBees. “With CloudBees, they can remove those risks. Tapping the power of our market-leading CI and CD solutions, they can keep moving at high speed with full confidence that their code is secure in development, secure in delivery, and secure in production.”
CloudBees responded to these legacy challenges by building security functionality into its products in the following ways:
- Feature flag integration – New features can be quickly pushed to production following an automated process. If issues crop up in production, that specific feature can be immediately pulled back, and full traceability of what happened automatically provided.
- Enhanced granularity in Role-Based Access Control – Fine-grained permissions are able to be set by team, user, and even at the file level to ensure only authorized users access project assets, as needed, to perform their job. New capabilities released in CloudBees CI allow team leaders to manage non-security related configuration settings on their controllers - without granting them the powerful overall/administrator permission.
- Enhanced backup, restore, and recovery – CloudBees is extending Velero to CloudBees CI for backup, restore, and recovery use cases. Velero is not only a superior solution for disaster recovery use cases but is also purpose-built for Kubernetes. Kubernetes support brings valuable capabilities for cluster migration and portability to CloudBees CI. This technology is already being used in CloudBees CD.
- Audit-ready pipelines – Hardened audit-ready pipelines ensure only immutable, approved components and environments are used, preventing drift and tampering. This provides full traceability and audit reports in an instant.
- Hardened CloudBees CI – CloudBees developed a hardened version of its industry-leading continuous integration solution that meets strict government specifications for security, certified to DoD standards.
- Proven integrations – Proven integrations to many leading security automation applications, such as Anchore, Alcide.io, CyberArk, Checkmarx, Contrast Security, FOSSA, RunSafe Security, Shiftleft.io, Snyk, Sonatype, Synopsys, WhiteSource Software, and Zimperium provide increased protection against outside risks.
CloudBees offers a flexible platform linking teams and tools across the organization. The idea is to enable visibility, collaboration and governance through a unified process with common data, to help developers be more efficient and deliver impactful apps. The CloudBees platform sports technologies for a system of record, reporting engine, policy management and an app framework where developers can create APIs to extend integration to other tools in the toolchain.