Operations | Monitoring | ITSM | DevOps | Cloud

As we wrap up swampUP 2021, I have never felt more excited about being part of the global DevOps community. My greatest takeaway from swampUP 2021, with all of its great presentations and the participation of thousands of our community peers, is that DevOps today finds itself at a historical inflection point. Let me explain.

In early 2020, threat actors breached the build systems of Solarwinds and used this access to add malicious code into one of SolarWinds products. The product, called “Orion”, is very widely used and deployed by tens of thousands of companies, including many Fortune 500 companies.

Software delivery on a team of 2 people is vastly different from software delivery on a team of 200. Over the growth of a startup, processes and tool choices will evolve naturally - but either optimizing too early or letting them evolve without a picture of where you’re headed can cost you in time and agility later. That’s why I want to talk to you about how to evolve your delivery process with purpose.

This post was written by Michael Knighten, Founder & COO of Sleuth There are some similarities between deploying continuously and driving in the fast lane. When driving, you need to be always on the alert, proactively looking down the road for potential hazards. When you see them, you need to be able to react immediately, hit the brakes, and change course nimbly.

We’ve just concluded another fantastic swampUP conference, which saw thousands of global developers, DevOps Engineers, community leaders, CIOs and security professionals come together to explore the true epicenter of global business: DevOps. In the words of our CEO, Shlomi Ben Haim, community is more powerful than any pandemic, and we were honored and humbled to be joined by Amazon, Capital One, Salesforce, PagerDuty, Elastic, HashiCorp, Google, Red Hat and many more.

As a developer I couldn’t imagine working without one of these three things. For projects on GitHub the built-in actions should do the latter job fine in most cases. But as everything else they have limits. The more PRs, the more different tests per pull request and the longer those tests run, the longer different PRs have to wait for each other for the continuous integration to run.

When we talk about metrics in software delivery, a lot of developers think of execution metrics — things like throughput, delivery and number of deploys. But in reality, those metrics don’t motivate anyone — at least not without connecting them to a bigger picture. I’ve worked in software for 23 years. I’m a three-time founder and four-time CTO, responsible for leading a 200+ member distributed engineering organization.

You probably remember the Namespace Shadowing a.k.a. “Dependency Confusion” attack that was in the news a couple of weeks ago. I blogged back then about the Exclude Patterns feature of JFrog Artifactory which we’ve had forever and was always intended to protect you against those kinds of attacks.