CloudBees unveils a new DevSecOps platform

By | 10:13 AM Leave a Comment

CloudBees has unveiled a new cloud native DevSecOps platform that places platform engineers and developer experience front and center. The platform is built on Tekton, uses a GitHub Actions style domain-specific language (DSL), and adds feature flagging, security, compliance, pipeline orchestration, analytics and value stream management (VSM) into a fully-managed single-tenant SaaS, multi-tenant SaaS or on-premise virtual private cloud instance.

This new platform is an open and extensible DevSecOps platform with the ability to orchestrate any tool in your software development toolchain. It also redefines DevSecOps by addressing the challenges associated with delivering better, more secure and compliant cloud native software at a faster pace than ever.

With the rush towards cloud native application development, software development and delivery teams struggle with the complexity that comes with modern cloud native architectures. In response, a new discipline called platform engineering has emerged as an evolution of DevOps practices.

The discipline brings together multiple roles such as site reliability engineers (SREs), DevOps engineers, security teams, product managers, and operations teams. Their shared mission is to integrate all the siloed technology and tools used within the organization into a golden path for developers. The CloudBees platform is purpose built for this mission.

The CloudBees Platform: Go faster, stay safe

The CloudBees platform empowers organizations to simplify complex cloud native development and deployment processes across all the tools in the DevOps tool chain, thereby accelerating innovation velocity.

It is designed to provide a seamless journey from code development to successful deployment, with an unwavering focus on the following imperatives:

Developer-centric experience

Enhances the developer experience by minimizing cognitive load and making DevOps processes nearly invisible, using concepts of blocks, automations and golden paths.

Open and extensible

Embraces the DevOps ecosystem of tools, starting with Jenkins. This flexibility to orchestrate any other tool enables organizations to protect the investments they have already made in tooling. Teams can continue to use their preferred technologies simply by plugging them into the platform.

Self-service model

Enables platform engineering to customize the platform, thus providing autonomy for development teams. For example, platform engineers can design automations and actions that are then consumed in a self-service mode by developers. Developers focus on what they do best: create innovation. No waiting for needed automations, actions, or resources.

Security and compliance

Centralizes security and compliance. The CloudBees platform comes with out-of-the-box workflow templates containing built-in security. Sensitive information, like passwords and tokens, are abstracted out of the pipeline, significantly enhancing security and compliance throughout the software development life cycle.
Automated DevSecOps is baked in, with best-of-breed checks across source code, binaries, cloud environments, data and identity, all based on Open Policy Agent (OPA). Continuous compliance just happens, with out-of-the box regulatory frameworks for standards such as FedRamp, SOC2 and automated evidence collection for the auditors.

“We have been using the CloudBees platform in beta. One significant value add for us was that it significantly reduced the time it took to pass our ISO 27001 compliance audit,” said Michel Lopez, CEO at E2F. “The auditor had scheduled 12 hours of interviews, but it ended after 60 minutes. This was because all of the controls were provided by the CloudBees platform.”

“Today we are announcing the most open and extensible platform on the market, architected for cloud scale and the problems developers and platform teams face today,” said Shawn Ahmed, CPO, CloudBees.

“Over the past 24 months we have listened, crafted, iterated, and developed a solution based on thousands of unique points of feedback. Time and time again, customers highlight the challenges in going fast, staying secure and improving developer experience,” he added.

“The CloudBees platform is the culmination of our commitment to reshaping the DevSecOps landscape. Our new platform empowers developers, unifies teams, and accelerates innovation while offering unprecedented flexibility and choice,” Ahmed concluded.


from Help Net Security https://ift.tt/FlpEQ8g

0 comments:

Post a Comment