These six Agile and DevOps books cover how to adopt the methodologies, manage IT organizations with them, and find routes to improvement.
They’re sure to offer an array of useful advice, relevant anecdotes and viable solutions to IT challenges.
If your company is consideringa transition to Agile, this book, as well as its predecessor,Fear Less: Introducing New Ideas into Organizations, may belong on your year-end reading list. Manns and Rising offer a significant array of suggestions (63 total, between the two titles) to lessen reservations of Agile skeptics and to help leaders of change win their teams’ interest in making the switch. With suggestions that range from discussions with the skeptics — who ask the right questions — to holding trial runs, wherein Agile is tested in short-term experiments, this book will benefit change agents. As DevOps is born out of Agile, Agile developers must be knowledgeable of system operations. In turn, system administrators with solid Agile knowledge can easily become DevOps engineers.
Over the past couple of years, a discussion has been brewing in the Security community about the future of its work. On one hand, the need for security is more urgent than ever as all areas of business and personal computing are being impacted by cyber threats. On the other hand, the process of delivering software has changed: We have significantly streamlined the development process by reducing organizational silos through various implementations of a DevOps culture.
So here’s the question: Faced with this changing landscape, how can Security transform the way it does business in order to contribute its full value — without negatively impacting development schedules and operational procedures?Security needs to adjust to the rapid and agile world of the cloud, but the transition doesn’t have to be difficult. The Ops community faced a similar transition when it integrated with Dev, and there’s much that Security can learn from their experience.
To help out, I’d like to share some of the things I’ve learned over the past few years as I witnessed Ops being integrated into Dev, along with some observations on how Security might use these lessons to transition into the DevOps world. FullStory
With the coming new year comes new strategies to implement, new budgets to work with, and new threats to prevent from harming your business. I’ve personally seen a shift in the past year where more organizations are moving beyond the basic understanding of what threat intelligence is and moving into a planning and implementation process to start benefitting from the value that good intel can provide.
The first step in planning to add threat intelligence into your security and risk program should really focus around the following key questions:
• What is the goal of the intel we want to have?
• Who are the key stakeholders that the intel should serve?
• What are the assets and information we are most concerned about protecting?
• What decisions and outcomes should the intel impact?
• How will results be measured?
• Are we collecting any internal intel already? If not, this is where we should start.
• Should we outsource our intel operation, build in-house or go with a hybrid approach?
Most people who are good with cloud technology are also good with devops. That’s not an accident: It’s impossible to get the full value out of cloud computing unless it’s done in the context of automated devops.
Why is automated devops so important? It’s a competitive advantage that creates faster time to market. Organizations that require weeks or month to deploy software are at a distinct disadvantage.