Jumping on the Devops Bandwagon

Having some time to plan your next career move is not only about school runs and making the dinner, so I decided to study using Linkedin Learning courses on the Devops, Agile, DevSecOps technology space, which at ￡25-￡30 per course, is cheaper than most.

Modern enterprises have learned that siloed ways of working and conflicting priorities between development and operations teams hinder their ability to deliver applications and services at high velocity and quality. Devops emerged to solve this problem with a set of principles and working philosophies to foster collaboration and goal alignment.

My four initial study courses were:

1. Devops Foundation

This took me through the principle of Devops; reduce organizational silos, accept failure as normal, implement gradual change, leverage tooling and automation, measure everything.

2. Devops with AWS

Quite a technical course on how AWS deloys and configures Devops within their cloud, touching on AWS service API's, CLI and SDK's, create a CI/CD (continuous integration/continuous delivery) pipeline on the platform.

3. Devops Foundation - Lean and Agile

• Apply principles of lean, agile, and DevOps to steps in the development process.
• Differentiate between the concepts of kanban and scrum.
• Describe success measures used in the lean and agile processes

4. DevSecOps

This was an extensive course going through the DevSecOps tools: SAST (static application security testing), DAST (dynamic application security testing) & IAST (interactive application security testing).

The course also mentioned some popular tools in these Security Application tech spaces:

SAST: Fortify, Veracode, Checkmarx

Opensource - Brakeman, PMD

DAST: Invicti, Burp, Acunetix?

Opensource - ZAP

IAST: Contrast, Seekr, HDV

Opensource - Contrast

Also talked through the following organisations/apps:

OWASP, ZAP, SQLMap, OpenVAS, WebGoat, Anchore, Arachni, Nikto

As well as some books:

• ChatOps - Jason Hand
• Lean IT - Steven C. Bell/Michael A. Orzen
• The Phoenix Project - Gene Kim/Kevin Behr/George Spafford
• The DevOps Handbook - Gene Kim/Jez Humble/Patrick Debois/John Willis

And........ an innovative overview of ChatOps:

ChatOps is?the use of chat clients, chatbots and real-time communication tools to facilitate how software development and operation tasks are communicated and executed. In a ChatOps environment, the chat client serves as the primary communication channel for ongoing work.

At this stage I would also like to thank a friend, Mark Curphey (founder of OWASP), whose excellent recent write-ups have appeared very timely for my DevSecOps studies.