24 DevOps Pros Reveal the Most Important Characteristic of a Successful DevOps Engineer

There’s no precisely defined career track for DevOps engineers because they’re typically developers or sysadmins who develop an interest in other aspects of operations — such as network operations, deployment, or coding and scripting. Yet with more companies turning to DevOps to deliver products and updates more rapidly, there’s a growing demand for these multi-faceted professionals, and they’re playing an ever-more prominent role in modern companies.

Without a clear-cut career track to lead to a role as a DevOps engineer, companies hire and promote these professionals based on past experience and skillsets. But what characteristics are most important to ensure success as a DevOps engineer? To gain some insight into the skills, talents, and traits that today’s top DevOps engineers need in order to succeed, we reached out to a panel of DevOps pros and engineers and asked them to answer this question:

“What is the most important characteristic of a successful DevOps engineer?”

Read more “24 DevOps Pros Reveal the Most Important Characteristic of a Successful DevOps Engineer”

GDPR: What Compliance Says vs. What DevOps Hears

The deadline for the General Data Protection Regulation (GDPR) is fast approaching, with May 25 marking the official day of reckoning. The updates to the data protection directive of 1995 (Directive 95/46/EC) are designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens’ data privacy rights, and to reshape the way organizations across the EU approach data privacy.

There’s a likelihood that Compliance has approached your DevOps team to get on board. But when Compliance talks, what do you hear? Are you truly understanding what’s required of you to become GDPR compliant? Let’s take a look at some of the possible gaps in knowledge below. Read more “GDPR: What Compliance Says vs. What DevOps Hears”

SLDC, SOC 2, and Other Four Letter Words

Developers gonna develop. That’s why we’re developers. We want to set some implementation goal and then make that a reality. We like to stay heads down and focus on the immediate task at hand. Unfortunately, this can sometimes cause collateral damage. Secondary objectives can get ignored or even trampled in the race to meet the primary target. It’s also likely that other promising developments will get missed as they fall off the main path. Dealing with these issues is one of the many functions of compliance regulations.
Read more “SLDC, SOC 2, and Other Four Letter Words”

20 Dev Leaders and Hiring Managers Reveal Their Favorite DevOps Interview Questions

We champion a security-first DevOps culture at Threat Stack, and I’ve had the opportunity of building DevOps best practices into the company since its earliest days. In our experience, this is the best way of simultaneously reducing risk and achieving peak operational efficiency.

Getting the right players on your DevOps team is crucial to this goal, of course. But how do you filter out the star players from the mediocre? Beyond a careful analysis of a candidate’s background and experience, asking the right interview questions can reveal valuable insights that make it possible to find the ideal candidate to complement your existing team’s skill sets and personalities.

To find out what questions today’s dev leaders turn to during interviews for these all-important insights, we reached out to a panel of hiring managers and dev team leaders and asked them to answer this question:

“What’s your favorite DevOps interview question (and why)?”

Read more “20 Dev Leaders and Hiring Managers Reveal Their Favorite DevOps Interview Questions”

DevOpsDays Austin Recap: Getting Back to Basics

What’s old was new again at DevOpsDays Austin last week, with the 7th annual conference featuring fewer attendees, the elimination of sponsor tables, and a format that put the focus back on knowledge-sharing and human interaction. Running May 3–4 at the Darrell K. Royal-Texas Memorial Stadium, the conference was an interesting exercise in returning to the roots of DevOpsDays, and the payoff was quality presentations and conversations. Read on for a few of the highlights. Read more “DevOpsDays Austin Recap: Getting Back to Basics”

Three Unique Things About DevOpsDays Austin 2018

I’ve always found DevOpsDays to be some of the best gatherings for practitioners — the people in the trenches every day. I’m a regular at these events and consistently learn a ton from my peers — it’s some of the best DevOps training you can get! And I often get the chance to talk about some of my own experiences as well. At the April DevOpsDays in Denver, I had the opportunity to share some advice on integrating security into DevOps.

The upcoming Austin summit promises to switch up the format a bit, focusing more on interactions between practitioners and less on preselected talks. Ernest Mueller has a great post about the organizers’ motivations for changing the format and what to expect, but here are the three things I’m most excited about. Read more “Three Unique Things About DevOpsDays Austin 2018”

Upcoming Webinar — Good, Fast, or Secure? Why DevOps Means You Don’t Have to Choose

Live Tuesday, March 27 at 1:00 p.m. EST

Click here to register.

Overview

Common wisdom holds that, when it comes to software releases, you can only have two of: good, fast, or secure. But we don’t agree at all. When DevOps is implemented thoughtfully and holistically — and when security is brought into the process early — it’s entirely possible to release high-quality, secure code as quickly as the market demands.

In this webinar, we’ll walk you through exactly how Threat Stack has avoided sacrificing security on the altar of speed and share best practices to help you achieve the holy trinity of good, fast, secure code at your organization. Read more “Upcoming Webinar — Good, Fast, or Secure? Why DevOps Means You Don’t Have to Choose”

How Threat Stack Does DevOps — Series Overview

Pete Cheslock, Threat Stack’s Senior Director of Operations, has just published a four-part blog series that gives deep insights into his experience “doing DevOps” at a variety of companies — in particular, his highly successful experience building DevOps practices into the fabric of Threat Stack virtually from day one.

We encourage you to read the entire series: It’s loaded with great accounts of what works and doesn’t work in real-life environments  — there’s nothing academic about Pete’s approach — and also offers up lots of practical advice you can draw on if you’re trying to figure out the best way to implement DevOps in your organization. But before you dive in, we thought we’d offer up a reader’s digest version to get you going. Read more “How Threat Stack Does DevOps — Series Overview”

How Threat Stack Does DevOps (Part IV): Making Engineers Accountable

Early on at Threat Stack, we focused on giving engineers the tools and ownership over their applications that would empower them to deploy and manage their applications in a safe way without causing customer downtime or other issues. As a small, but rapidly growing company, this is necessary for survival. For most of the last four years, Threat Stack has only had a two- to three-person operations team. With a such a small team, we understand that we can’t have our hands on everything that happens in production. It just doesn’t scale, especially given how difficult it can be to hire engineers is this competitive market.

In this post, we’ll take a look at how you can better scale your organization by employing the DevOps best practice of giving engineers fundamental responsibility for their code. Read more “How Threat Stack Does DevOps (Part IV): Making Engineers Accountable”

How to Integrate Security Into a DevOps World

Introduction

by Pete Cheslock, Senior Director Operations, Threat Stack

Today we’re pleased to have Franklin Mosley, Senior Application Security Engineer at PagerDuty, contribute to our blog.

Drawing on his extensive experience as an information security professional, Franklin takes a detailed look at the how’s and why’s of integrating security into a DevOps environment, and provides great tips on how you can start making the transition to a DevOps culture at your organization.


I have been in security for many years, so I have heard many of my colleagues complain that developers and operations have little regard for security. But my perspective is a little different: I used to be a software engineer, so I understand the challenges faced in getting software developed and deployed. To that end, I want to share some of my experiences in this post, and hopefully pass along some valuable tips on how to effectively integrate security into your DevOps world. Read more “How to Integrate Security Into a DevOps World”