Forbes – Jason Bloomberg – 6/8/12
In fact, one way to look at this ‘shift everything to the left’ mentality is ‘continuous everything.’ “Continuous everything is really around how do you do continuous testing and continuous delivery,” explains David Williams, Senior Vice President, Portfolio Strategy at CA Technologies. “When you’re delivering on a test infrastructure, it’s continuous throughout, whether it’s from development, thorough to release, into production, back into plan, and that is a continuous environment.”
There’s more to the DevOps software lifecycle than testing and deployment, however. A critical missing piece is security. Today, the most advanced DevOps teams are shifting security to the left as well. “Security teams can learn a lot by borrowing some of the practices and strategies of QA teams that have embraced shift left testing,” says Scott Fitzpatrick, Software Developer and SauceLabs Contributor. “If you continuously vet the application for security issues from the outset of development, it is highly unlikely that a major security concern would arise toward the end of the delivery pipeline.”
What do you get when you take DevOps and then shift security to the left as well as operations and testing? DevSecOps, of course. “It’s how we’re changing the paradigm from DevOps to DevSecOps,” says Ayman Sayed, President and Chief Product Officer at CA Technologies.