agile software development
Auto Added by WPeMatico
Auto Added by WPeMatico
One of the biggest factors in the success of a startup is its ability to quickly and confidently deliver software. As more consumers interact with businesses through a digital interface and more products embrace those interfaces as the opportunity to differentiate, speed and agility are paramount. It’s what makes or breaks a company.
As your startup grows, it’s important that your software delivery strategy evolves with you. Your software processes and tool choices will naturally change as you scale, but optimizing too early or letting them grow without a clear vision of where you’re going can cost you precious time and agility. I’ve seen how the right choices can pay huge dividends — and how the wrong choices can lead to time-consuming problems that could have been avoided.
The key to success is consistency. Create a standard, then apply it to all delivery pipelines.
As we know from Conway’s law, your software architecture and your organizational structure are deeply linked. It turns out that how you deliver is greatly impacted by both organizational structure and architecture. This is true at every stage of a startup but even more important in relation to how startups go through rapid growth. Software delivery on a team of two people is vastly different from software delivery on a team of 200.
Decisions you make at key growth inflection points can set you up for either turbocharged growth or mounting roadblocks.
The founding phase is the exciting exploratory phase. You have an idea and a few engineers.
The key during this phase is to keep the architecture and tooling as simple and flexible as possible. Building a company is all about execution, so get the tools you need to execute consistently and put the rest on hold.
One place you can invest without overdoing it is in continuous integration and continuous deployment (CI/CD). CI/CD enables developer teams to get feedback fast, learn from it, and deliver code changes quickly and reliably. While you’re trying to find product-market fit, learning fast is the name of the game. When systems start to become more complex, you’ll have the practices and tooling in place to handle them easily. By not having the ability to learn and adapt quickly, you give your competitors a massive edge.
One other place where early, simple investments really pay off is in operability. You want the simplest possible codebase: probably a monolith and a basic deploy. But if you don’t have some basic tools for observability, each user issue is going to take orders of magnitude longer than necessary to track down. That’s time you could be using to advance your feature set.
Your implementation here may be some placeholders with simple approaches. But those placeholders will force you to design effectively so that you can enhance later without massive rewrites.
At 10 to 20 engineers, you likely don’t have a person dedicated to developer efficiency or tooling. Company priorities are still shifting, and although it may feel cumbersome for your team to be working as a single team, keep at it. Look for more fluid ways of creating independent workstreams without concrete team definitions or deep specialization. Your team will benefit from having everyone responsible for creating tools, processes and code rather than relying on a single person. In the long run, it will help foster efficiency and productivity.
Powered by WPeMatico
The pandemic forced companies around the world to adjust to a “new normal,” which caused many leaders to pivot their business strategies and adopt new technologies to continue operations. In a time of chaos and change, there is no senior leader that can navigate this sort of change better than a CTO.
Not only do CTOs understand the ever-changing tech landscape, they also provide invaluable insights to help organizations go beyond traditional IT conversations and leverage technology to successfully scale businesses.
Boards are facing pressure to be strategic and thoughtful on how to evolve in the rapidly iterating world of technology, and a CTO is uniquely positioned to address specific challenges.
There are now more reasons than ever to consider adding a CTO to your board. As a CTO myself, I know how important and impactful it can be to have technical-minded leaders on a company’s board of directors. At a time when companies are accelerating their digital transformation, it’s critical to have diverse technical perspectives and people from varying backgrounds, as transformations are a mix of people, process and technology.
Drawing on my experience on Lightbend’s board of directors, here are five hidden benefits of making space at the table for a CTO.
Currently, most boards of directors are composed of former CEOs, CFOs and investors. While such executives bring vast experience, they have very specific expertise, and that frequently does not include technical proficiency. In order for a company to be successful, your board needs to have people with different backgrounds and expertise.
Inviting different perspectives forces companies out of the groupthink mentality and find new, creative solutions to their problems. Diverse perspectives aren’t just about the title –– racial ethnicity and gender diversity are clearly a play here as well.
For a product-led company, having a CTO who has been close to product development and innovation can bring deep insights and understanding to the boardroom. Boards are facing pressure to be strategic and thoughtful on how to evolve in the rapidly iterating world of technology, and a CTO is uniquely positioned to address specific challenges.
Powered by WPeMatico
Israeli security startup Cycode, which specializes in helping enterprises secure their DevOps pipelines and prevent code tampering, today announced that it has raised a $20 million Series A funding round led by Insight Partners. Seed investor YL Ventures also participated in this round, which brings the total funding in the company to $24.6 million.
Cycode’s focus was squarely on securing source code in its early days, but thanks to the advent of infrastructure as code (IaC), policies as code and similar processes, it has expanded its scope. In this context, it’s worth noting that Cycode’s tools are language and use case agnostic. To its tools, code is code.
“This ‘everything as code’ notion creates an opportunity because the code repositories, they become a single source of truth of what the operation should look like and how everything should function, Cycode CTO and co-founder Ronen Slavin told me. “So if we look at that and we understand it — the next phase is to verify this is indeed what’s happening, and then whenever something deviates from it, it’s probably something that you should look at and investigate.”
The company’s service already provides the tools for managing code governance, leak detection, secret detection and access management. Recently it added its features for securing code that defines a business’ infrastructure; looking ahead, the team plans to add features like drift detection, integrity monitoring and alert prioritization.
“Cycode is here to protect the entire CI/CD pipeline — the development infrastructure — from end to end, from code to cloud,” Cycode CEO and co-founder Lior Levy told me.
“If we look at the landscape today, we can say that existing solutions in the market are kind of siloed, just like the DevOps stages used to be,” Levy explained. “They don’t really see the bigger picture, they don’t look at the pipeline from a holistic perspective. Essentially, this is causing them to generate thousands of alerts, which amplifies the problem even further, because not only don’t you get a holistic view, but also the noise level that comes from those thousands of alerts causes a lot of valuable time to get wasted on chasing down some irrelevant issues.”
What Cycode wants to do then is to break down these silos and integrate the relevant data from across a company’s CI/CD infrastructure, starting with the source code itself, which ideally allows the company to anticipate issues early on in the software life cycle. To do so, Cycode can pull in data from services like GitHub, GitLab, Bitbucket and Jenkins (among others) and scan it for security issues. Later this year, the company plans to integrate data from third-party security tools like Snyk and Checkmarx as well.
“The problem of protecting CI/CD tools like GitHub, Jenkins and AWS is a gap for virtually every enterprise,” said Jon Rosenbaum, principal at Insight Partners, who will join Cycode’s board of directors. “Cycode secures CI/CD pipelines in an elegant, developer-centric manner. This positions the company to be a leader within the new breed of application security companies — those that are rapidly expanding the market with solutions which secure every release without sacrificing velocity.”
The company plans to use the new funding to accelerate its R&D efforts, and expand its sales and marketing teams. Levy and Slavin expect that the company will grow to about 65 employees this year, spread between the development team in Israel and its sales and marketing operations in the U.S.
Powered by WPeMatico
Opsera, a startup that’s building an orchestration platform for DevOps teams, today announced that it has raised a $15 million Series A funding round led by Felicis Ventures. New investor HMG Ventures, as well as existing investors Clear Ventures, Trinity Partners and Firebolt Ventures also participated in this round, which brings the company’s total funding to $19.3 million.
Founded in January 2020, Opsera lets developers provision their CI/CD tools through a single framework. Using this framework, they can then build and manage their pipelines for a variety of use cases, including their software delivery lifecycle, infrastructure as code and their SaaS application releases. With this, Opsera essentially aims to help teams set up and operate their various DevOps tools.
The company’s two co-founders, Chandra Ranganathan and Kumar Chivukula, originally met while working at Symantec a few years ago. Ranganathan then spent the last three years at Uber, where he ran that company’s global infrastructure. Meanwhile, Chivukula ran Symantec’s hybrid cloud services.
“As part of the transformation [at Symantec], we delivered over 50+ acquisitions over time. That had led to the use of many cloud platforms, many data centers,” Ranganathan explained. “Ultimately we had to consolidate them into a single enterprise cloud. That journey is what led us to the pain points of what led to Opsera. There were many engineering teams. They all had diverse tools and stacks that were all needed for their own use cases.”
The challenge then was to still give developers the flexibility to choose the right tools for their use cases, while also providing a mechanism for automation, visibility and governance — and that’s ultimately the problem Opsera now aims to solve.
“In the DevOps landscape, […] there is a plethora of tools, and a lot of people are writing the glue code,” Opsera co-founder Chivukula noted. “But then they’re not they don’t have visibility. At Opsera, our mission and goal is to bring order to the chaos. And the way we want to do this is by giving choice and flexibility to the users and provide no-code automation using a unified framework.”
Wesley Chan, a managing director for Felicis Ventures who will join the Opsera board, also noted that he believes that one of the next big areas for growth in DevOps is how orchestration and release management is handled.
“We spoke to a lot of startups who are all using black-box tools because they’ve built their engineering organization and their DevOps from scratch,” Chan said. “That’s fine, if you’re starting from scratch and you just hired a bunch of people outside of Google and they’re all very sophisticated. But then when you talk to some of the larger companies. […] You just have all these different teams and tools — and it gets unwieldy and complex.”
Unlike some other tools, Chan argues, Opsera allows its users the flexibility to interface with this wide variety of existing internal systems and tools for managing the software lifecycle and releases.
“This is why we got so interested in investing, because we just heard from all the folks that this is the right tool. There’s no way we’re throwing out a bunch of our internal stuff. This would just wreak havoc on our engineering team,” Chan explained. He believes that building with this wide existing ecosystem in mind — and integrating with it without forcing users onto a completely new platform — and its ability to reduce friction for these teams, is what will ultimately make Opsera successful.
Opsera plans to use the new funding to grow its engineering team and accelerate its go-to-market efforts.
Powered by WPeMatico
By now, all companies are fundamentally data driven. This is true regardless of whether they operate in the tech space. Therefore, it makes sense to examine the role data management plays in bolstering — and, for that matter, hampering — productivity and collaboration within organizations.
While the term “data management” inevitably conjures up mental images of vast server farms, the basic tenets predate the computer age. From censuses and elections to the dawn of banking, individuals and organizations have long grappled with the acquisition and analysis of data.
By understanding the needs of all stakeholders, organizations can start to figure out how to remove blockages.
One oft-quoted example is Florence Nightingale, a British nurse who, during the Crimean war, recorded and visualized patient records to highlight the dismal conditions in frontline hospitals. Over a century later, Nightingale is regarded not just as a humanitarian, but also as one of the world’s first data scientists.
As technology began to play a greater role, and the size of data sets began to swell, data management ultimately became codified in a number of formal roles, with names like “database analyst” and “chief data officer.” New challenges followed that formalization, particularly from the regulatory side of things, as legislators introduced tough new data protection rules — most notably the EU’s GDPR legislation.
This inevitably led many organizations to perceive data management as being akin to data governance, where responsibilities are centered around establishing controls and audit procedures, and things are viewed from a defensive lens.
That defensiveness is admittedly justified, particularly given the potential financial and reputational damages caused by data mismanagement and leakage. Nonetheless, there’s an element of myopia here, and being excessively cautious can prevent organizations from realizing the benefits of data-driven collaboration, particularly when it comes to software and product development.
Data defensiveness manifests itself in bureaucracy. You start creating roles like “data steward” and “data custodian” to handle internal requests. A “governance council” sits above them, whose members issue diktats and establish operating procedures — while not actually working in the trenches. Before long, blockages emerge.
Blockages are never good for business. The first sign of trouble comes in the form of “data breadlines.” Employees seeking crucial data find themselves having to make their case to whoever is responsible. Time gets wasted.
By itself, this is catastrophic. But the cultural impact is much worse. People are natural problem-solvers. That’s doubly true for software engineers. So, they start figuring out how to circumvent established procedures, hoarding data in their own “silos.” Collaboration falters. Inconsistencies creep in as teams inevitably find themselves working from different versions of the same data set.
Powered by WPeMatico
Contrast, a developer-centric application security company with customers that include Liberty Mutual Insurance, NTT Data, AXA and Bandwidth, today announced the launch of its security observability platform. The idea here is to offer developers a single pane of glass to manage an application’s security across its lifecycle, combined with real-time analysis and reporting, as well as remediation tools.
“Every line of code that’s happening increases the risk to a business if it’s not secure,” said Contrast CEO and chairman Alan Naumann. “We’re focused on securing all that code that businesses are writing for both automation and digital transformation.”
Over the course of the last few years, the well-funded company, which raised a $65 million Series D round last year, launched numerous security tools that cover a wide range of use cases, from automated penetration testing to cloud application security and now DevOps — and this new platform is meant to tie them all together.
DevOps, the company argues, is really what necessitates a platform like this, given that developers now push more code into production than ever — and the onus of ensuring that this code is secure is now also often on that.
Traditionally, Naumann argues, security services focused on the code itself and looking at traffic.
“We think at the application layer, the same principles of observability apply that have been used in the IT infrastructure space,” he said. “Specifically, we do instrumentation of the code and we weave security sensors into the code as it’s being developed and are looking for vulnerabilities and observing running code. […] Our view is: the world’s most complex systems are best when instrumented, whether it’s an airplane, a spacecraft, an IT infrastructure. We think the same is true for code. So our breakthrough is applying instrumentation to code and observing for security vulnerabilities.”
With this new platform, Contrast is aggregating information from its existing systems into a single dashboard. And while Contrast observes the code throughout its lifecycle, it also scans for vulnerabilities whenever a developers check code into the CI/CD pipeline, thanks to integrations with most of the standard tools like Jenkins. It’s worth noting that the service also scans for vulnerabilities in open-source libraries. Once deployed, Contrast’s new platform keeps an eye on the data that runs through the various APIs and systems the application connects to and scans for potential security issues there as well.
The platform currently supports all of the large cloud providers, like AWS, Azure and Google Cloud, and languages and frameworks, like Java, Python, .NET and Ruby.
Powered by WPeMatico
In the world of software development, one term you’re sure to hear a lot of is full-stack development. Job recruiters are constantly posting open positions for full-stack developers and the industry is abuzz with this in-demand title.
But what does full-stack actually mean?
Simply put, it’s the development on the client-side (front end) and the server-side (back end) of software. Full-stack developers are jacks of all trades as they work with the design aspect of software the client interacts with as well as the coding and structuring of the server end.
In a time when technological requirements are rapidly evolving and companies may not be able to afford a full team of developers, software developers that know both the front end and back end are essential.
In response to the coronavirus pandemic, the ability to do full-stack development can make engineers extremely marketable as companies across all industries migrate their businesses to a virtual world. Those who can quickly develop and deliver software projects thanks to full-stack methods have the best shot to be at the top of a company’s or client’s wish list.
So how can you become a full-stack engineer and what are the expectations? In most working environments, you won’t be expected to have absolute expertise on every single platform or language. However, it will be presumed that you know enough to understand and can solve problems on both ends of software development.
Most commonly, full-stack developers are familiar with HTML, CSS, JavaScript and back-end languages like Ruby, PHP or Python. This matches up with the expectations of new hires as well, as you’ll notice a lot of openings for full-stack developer jobs require specialization in more than one back-end program.
Full-stack is becoming the default way to develop, so much so that some in the software engineering community argue whether or not the term is redundant. As the lines between the front end and back end blur with evolving tech, developers are now expected to work more frequently on all aspects of the software. However, developers will likely have one specialty where they excel while being good in other areas and a novice at some things… and that’s OK.
Getting into full-stack, though, means you should concentrate on finding your niche within the particular front-end and back-end programs you want to work with. One practical and common approach is to learn JavaScript because it covers both front and back-end capabilities. You’ll also want to get comfortable with databases, version control and security. In addition, it’s smart to prioritize design, as you’ll be working on the client-facing side of things.
Because full-stack developers can communicate with each side of a development team, they’re invaluable to saving time and avoiding confusion on a project.
One common argument against full stack is that, in theory, developers who can do everything may not do one thing at an expert level. But there’s no hard or fast rule saying you can’t be a master at coding and also learn front-end techniques, or vice versa.
One hold up you may have before diving into full-stack is you’re also mulling over the option to become a DevOps engineer. There are certainly similarities among both professions, including good salaries and the ultimate goal of producing software as quickly as possible without errors. As with full-stack developers, DevOps engineers are also becoming more in demand because of the flexibility they offer a company.
Powered by WPeMatico
It’s the summer of 1858. London. The River Thames is overflowing with the smell of human and industrial waste. The exceptionally hot summer months have exacerbated the problem. But this did not just happen overnight. Failure to upkeep an aging sewer system and a growing population that used it contributed to a powder keg of effluent, bringing about cholera outbreaks and shrouding the city in a smell that would not go away.
To this day, Londoners still speak of the Great Stink. Recurring cholera infections led to the dawn of the field of epidemiology, a subject in which we have all recently become amateur enthusiasts.
Fast forward to 2020 and you’ll see that modern software pipelines face a similar “Great Stink” due, in no small part, to the vast adoption of continuous integration (CI), the practice of merging all developers’ working copies into a shared mainline several times a day, and continuous delivery (CD), the ability to get changes of all types — including new features, configuration changes, bug fixes and experiments — into production, or into the hands of users, safely and quickly in a sustainable way.
While contemporary software failures won’t spread disease or emit the rancid smells of the past, they certainly reek of devastation, rendering billions of dollars lost and millions of developer hours wasted each year.
This kind of waste is antithetical to the intent of CI/CD. Everyone is employing CI/CD to accelerate software delivery; yet the ever-growing backlog of intermittent and sporadic test failures is doing the exact opposite. It’s become a growing sludge that is constantly being fed with failures faster than can be resolved. This backlog must be cleared to get CI/CD pipelines back to their full capabilities.
What value is there in a system that, in an effort to accelerate software delivery, knowingly leaves a backlog of bugs that does the exact opposite? We did not arrive at these practices by accident, and its practitioners are neither lazy nor incompetent so; how did we get here and what can we do to temper modern software development’s Great Stink?
Powered by WPeMatico
Technology has dramatically changed over the last decade, and so has how we build and deliver enterprise software.
Ten years ago, “modern computing” was to rely on teams of network admins managing data centers, running one application per server, deploying monolithic services, through waterfall, manual releases managed by QA and release managers.
Today, we have multi and hybrid clouds, serverless services, in continuous integration, running infrastructure-as-code.
SaaS has grown from a nascent 2% of the $450B enterprise software market in 2009, to 23% in 2020 and crossed $100B in revenue. PaaS and IaaS revenue represent another $50B in revenue, expecting to double to $100B by 2022.
With 77% of the enterprise software market — over $350B in annual revenue — still on legacy and on-premise systems, modern SaaS, PaaS and IaaS eating at the legacy market alone can grow the market 3x-4x over the next decade.
As the shift to cloud accelerates across the platform and infrastructure layers, here are four trends starting to emerge that will change how we develop and deliver enterprise software for the next decade.
Companies are building more dynamic, multiplatform, complex infrastructures than ever. We see the “-aaS” of the application, data, runtime and virtualization layers. Modern architectures are forcing extensibility to work with any number of mixed and matched services.
Powered by WPeMatico
Axiom, a startup that helps companies deal with their internal data, has secured a new $4 million seed round led by U.K.-based Crane Venture Partners, with participation from LocalGlobe, Fly VC and Mango Capital. Notable angel investors include former Xamarin founder and current GitHub CEO Nat Friedman and Heroku co-founder Adam Wiggins. The company is also emerging from a relative stealth mode to reveal that is has now raised $7 million in funding since it was founded in 2017.
The company says it is also launching with an enterprise-grade solution to manage and analyze machine data “at any scale, across any type of infrastructure.” Axiom gives DevOps teams a cloud-native, enterprise-grade solution to store and query their data all the time in one interface — without the overhead of maintaining and scaling data infrastructure.
DevOps teams have spent a great deal of time and money managing their infrastructure, but often without being able to own and analyze their machine data. Despite all the tools at hand, managing and analyzing critical data has been difficult, slow and resource-intensive, taking up far too much money and time for organizations. This is what Axiom is addressing with its platform to manage machine data and surface insights, more cheaply, they say, than other solutions.
Co-founder and CEO Neil Jagdish Patel told TechCrunch: “DevOps teams are stuck under the pressure of that, because it’s up to them to deliver a solution to that problem. And the solutions that existed are quite, well, they’re very complex. They’re very expensive to run and time-consuming. So with Axiom, our goal is to try and reduce the time to solve data problems, but also allow businesses to store more data to query at whenever they want.”
Why did they work with Crane? “We needed to figure out how enterprise sales work and how to take this product to market in a way that makes sense for the people who need it. We spoke to different investors, but when I sat down with Crane they just understood where we were. They have this razor-sharp focus on how they get you to market and how you make sure your sales process and marketing is a success. It’s been beneficial to us as were three engineers, so you need that,” said Patel.
Commenting, Scott Sage, founder and partner at Crane Venture Partners added: “Neil, Seif and Gord are a proven team that have created successful products that millions of developers use. We are proud to invest in Axiom to allow them to build a business helping DevOps teams turn logging challenges from a resource-intense problem to a business advantage.”
Axiom co-founders Neil Jagdish Patel, Seif Lotfy and Gord Allott previously created Xamarin Insights that enabled developers to monitor and analyse mobile app performance in real time for Xamarin, the open-source cross-platform app development framework. Xamarin was acquired by Microsoft for between $400 and $500 million in 2016. Before working at Xamarin, the co-founders also worked together at Canonical, the private commercial company behind the Ubuntu Project.
Powered by WPeMatico