There are currently unprecedented changes in security operations—the nature of the threats, the systems that need to be integrated, the compliance rules that need to be followed, the list of assets that need to be protected, all are changing and growing more rapidly everyday. Yet, we also know that, change will never be this slow again.
SureView is a software company and our entire focus is on developing the ImmixCC response platform. We have been building and maintaining this platform and the integration library that supports it (500+ integrations and counting) for over 15 years. In that time the mandate of the security executive has radically expanded; the servers are now routinely hosted in the Cloud; the technologies we use to develop the software have evolved; and the way we release software is quicker. Our customers don’t have the luxury of standing still, and nor do we.
That’s why we recently used these changes as an opportunity to unlock the potential of our team. We are changing the entire way that we build and deliver software. Gone are the days when we had the luxury of a major software release twice a year—our customers need us to implement changes immediately because change in their organization is occurring so rapidly.
What Does DevOps have to do with it?
In the software world this new approach is called DevOps—simply put its a set of practices designed so that software development (Dev) and information-technology operations (Ops) teams can work closely together to deliver applications and services quickly. The principles of DevOps find their origin in the Lean Manufacturing practises first implemented by Toyota and subsequently by every major car manufacturer. DevOps is more than a set of tools to develop and deploy software, it’s a cultural shift for an organization. We adopted the DevOps approach to ensure we were more agile and responsive to our customers' needs.
In practise this change meant completely rethinking the way we work with our customers. We no longer create complex Statement of Works, that often take a long time to develop and deploy. Our experience is that these rarely account for all the variables that arise in a project. Our new DevOps approach starts with identifying the high-level use case and then quickly developing prototypes, beta, and early release to get immediate feedback so that the feature/function can be refined until it meets the need. This constant feedback loop is what is at the core of DevOps and is a huge change in how we work collaboratively with our customers.
This has not been easy and frankly, we’re just at the beginning of this journey. However, we’ve already discovered we can be so much more responsive and deliver updates that are closely aligned with what our customers want.If you are interested in learning more about DevOps I recommend reading a short book, The Phoenix Project, by Gene Kim, George Spafford, Kevin Behr, published in 2013 by IT Revolution Press. It’s an easy read; a novel with a good storyline. DevOps is not just for Software development organization like ours but anyone that is managing complex IT style projects. Take a look.