DevOps Deals With Its Bottleneck

DevOps practices have been accelerating application development and deployment in the cloud. But security has emerged as a major bottleneck.

"The biggest change that will hit production in the next 12 to 18 months is a new way of implementing security, at a cultural and technical level," Mitchell Hashimoto, founder and CTO of HashiCorp, told CRN.

DevOps tools (like those from HashiCorp) that remove friction from the development cycle don’t amount to much if customers follow security protocols that require months of approval before apps can go into production. The rise of container schedulers like Kubernetes and microservices are also distressing security in new ways.

DevOps practitioners are "being held back by this old school way of locking down their data centers," Hashimoto told CRN. "It's time to start applying DevOps more rigorously to security in addition to development and operations."

That means security needs to move with the application, built into every step of the DevOps process rather than a layer applied at its end.