Category Archives: security

Open Source driving Security, DevOps and Infrastructure Automation

If you are an Application Developer, DevOps engineer, Site Reliability Engineer (SRE) or otherwise interested in Cloud Native and application modernization, you will see a lot of action in the fields of security, automation and devops areas on Cloud Native. Venture Capital is investing heavily in devops automation and security, recruiters are aggressively hunting down talent, new job openings are being posted every day, new startups are funded, open source projects and Kubernetes extensions launched with no end.

There are also a lot of really boring companies and technologies, capitalizing on the surge in adoption of cloud native without inspiring vision, like anything with “data-driven”, “single-sign on”, “insights”, “utilizing AI to optimize”, “future of cloud engineering” or “AI driven” makes me fall asleep fast. But there are also some really exciting initiatives, especially in the field of “everything is code”, automation of infrastructure, security and Kubernetes extensions and standardizations.

One thing, that IBM always got right in my opinion, is the decades long strategy to lead innovation by open sourcing technologies and creating community governed foundations to govern the open source standards for it, from the Apache Foundation, the Linux Foundation, Node.js Foundation to the more recent Cloud Native Computing Foundations (CNCF), CD Foundation to Open Cybersecurity Alliance (OCA).

The technologies and startups that I am most excited about, and which I recommend to let your long term career choices and direction be guided by all follow the same model and objectives: to build a service organization, to open source their core technology and to aim to be promoted to foundation projects. Just to name a few startups:

  • env0, two rounds of seed funding in 2020 of 6.8M
  • Snyk, added 200M investments in September 2020 and went from Series A to a $2.6BN valuation in 2.5 years
  • Harness, added 60M in series B funding in 2019, acquiring Drone.io in 2020
  • Pulumi, raised $37.5 million in Series B funding
  • Ambassador, formerly known as datawire.io 4M funding in seed funding in 2019

Or some interesting open source projects,

  • Ansible. Ansible is too widely adopted and established to really mention here, but the reason why I include it here, is because it too keeps innovating to adept to the growing complexity of cloud native architectures and still driving and inspiring a lot of the above mentioned startups probably, for instance with Ansible Molecule and Ansible AWX.
  • OpenSCAP, I am personally very interested in the automation of so-called business controls and compliance with regulatory requirements. OpenSCAP is one of the best tools out there, especially with image, container and NIST scanning. But there are also super exciting developments in the field of Robotic Process Automation (RPA).
  • kustomize, if you are used to Helm to configure your Kubernetes deployments, you will find Kustomize fun to play with. There are other tools like Source-to-Image (S2I) for instance that are similar.
  • skopeo, the longer I work on Cloud Native, the more I find myself drawn back to the basics of managing containers, skopeo is a great tool for this.
  • podman, also a bit out of line here, but if you are interested in security and hate to be stuck with only a single tool in the toolbox, Podman is a great alternative to Docker to build your images, and comes out of the SELinux corner with a much better security design.