Free DevOps Tool for Calculating Development Waste
Some might hate me for saying it, but DevOps can sometimes be a bit of a politics game. When you’re working deep in the trenches, it can be difficult to convince upper management on where you should be spending your time in terms of new functionality and never-ending bug fixes.
Yesterday during a RSA 2016 session on rugged DevOps, I learned about a neat web utility from Joshua Corman (@joshcorman), CTO of Sonatype, a company that focuses on software supply chain management. He’s also a great person to follow if you’re looking to learn more about DevOps and security best practices.
This free online calculator helps calculate developmental waste in your projects. Corman described that today’s software development is similar to a supply chain, where software is built with several different components. Sonatype states that the challenge is “knowing which components you are using, where they are used and which ones have security vulnerabilities, license or quality issues.”
To better understand this, you can play around with the calculator to interpret how much technical debt you’re racking up for these security vulnerabilities. It’s common to hear management or clients that demand new functionality, while fixes are put on the backburner. But with this free tool, you at least have some numbers to put things into perspective and engage in a thoughtful discussion on what needs to change. I hope that this tool sparks some valuable discussion where quality, security, and agility can be improved for your products and services.
Stay tuned for more updates from RSA 2016. Feel free to let me know your thoughts about this tool in the article comments or reach out via Twitter (@blair_greenwood).
More in Security
CISA Warns Unpatched VMware Servers Remain Vulnerable to Log4Shell
Jun 24, 2022 | Rabia Noureen
QNAP Releases Patch to Fix PHP Security Flaw Affecting Select NAS Devices
Jun 23, 2022 | Rabia Noureen
Microsoft Unveils New Edge Secured-Core IoT Devices to Block Firmware Attacks
Jun 22, 2022 | Rabia Noureen
QNAP Warns NAS Users About New DeadBolt Ransomware Campaign
Jun 20, 2022 | Rabia Noureen
Microsoft Defender for Individuals is Now Available on Desktop and Mobile
Jun 16, 2022 | Rabia Noureen
Microsoft Acquires Foreign Cyber Threat Analysis Company Miburo
Jun 15, 2022 | Rabia Noureen
Most popular on petri