Top Stories from the Microsoft DevOps Community – 2020.08.28

Happy Friday! I’m back with a collection of posts from you, the wonderful Azure DevOps community. We range from how we use Azure DevOps to the fullest, to code formatting and security, to managing Azure Lighthouse.

Enforce .NET code style in CI with dotnet format

Gérald shows us how to use the dotnet format command in an Azure Pipeline to check code style.

Using a Lighthouse Service Principal within Azure DevOps

Now, this is cool – Thijs explains how they use Azure DevOps to manage Azure Sentinel to manage multiple environments.

#azure & cloud #community #devops #microsoft devops community

What is GEEK

Buddha Community

Top Stories from the Microsoft DevOps Community – 2020.08.28

Happy Friday! I’m back with a collection of posts from you, the wonderful Azure DevOps community. We range from how we use Azure DevOps to the fullest, to code formatting and security, to managing Azure Lighthouse.

Enforce .NET code style in CI with dotnet format

Gérald shows us how to use the dotnet format command in an Azure Pipeline to check code style.

Using a Lighthouse Service Principal within Azure DevOps

Now, this is cool – Thijs explains how they use Azure DevOps to manage Azure Sentinel to manage multiple environments.

#azure & cloud #community #devops #microsoft devops community

How to Extend your DevOps Strategy For Success in the Cloud?

DevOps and Cloud computing are joined at the hip, now that fact is well appreciated by the organizations that engaged in SaaS cloud and developed applications in the Cloud. During the COVID crisis period, most of the organizations have started using cloud computing services and implementing a cloud-first strategy to establish their remote operations. Similarly, the extended DevOps strategy will make the development process more agile with automated test cases.

According to the survey in EMEA, IT decision-makers have observed a 129%* improvement in the overall software development process when performing DevOps on the Cloud. This success result was just 81% when practicing only DevOps and 67%* when leveraging Cloud without DevOps. Not only that, but the practice has also made the software predictability better, improve the customer experience as well as speed up software delivery 2.6* times faster.

3 Core Principle to fit DevOps Strategy

If you consider implementing DevOps in concert with the Cloud, then the

below core principle will guide you to utilize the strategy.

• It is indispensable to follow a continuous process, including all stages from Dev to deploy with the help of auto-provisioning resources of the target platform.
• The team always keeps an eye on major and minor application changes that can typically appear within a few hours of development to operation. However, the support of unlimited resource provisioning is needed at the stage of deployment.
• Cloud or hybrid configuration can associate this process, but you must confirm that configuration should support multiple cloud brands like Microsoft, AWS, Google, any public and private cloud models.

Guide to Remold Business with DevOps and Cloud

Companies are now re-inventing themselves to become better at sensing the next big thing their customers need and finding ways with the Cloud based DevOps to get ahead of the competition.

#devops #devops-principles #azure-devops #devops-transformation #good-company #devops-tools #devops-top-story #devops-infrastructure

Citrix Bugs Allow Unauthenticated Code Injection, Data Theft

Multiple vulnerabilities in the Citrix Application Delivery Controller (ADC) and Gateway would allow code injection, information disclosure and denial of service, the networking vendor announced Tuesday. Four of the bugs are exploitable by an unauthenticated, remote attacker.

The Citrix products (formerly known as NetScaler ADC and Gateway) are used for application-aware traffic management and secure remote access, respectively, and are installed in at least 80,000 companies in 158 countries, according to a December assessment from Positive Technologies.

Other flaws announced Tuesday also affect Citrix SD-WAN WANOP appliances, models 4000-WO, 4100-WO, 5000-WO and 5100-WO.

Attacks on the management interface of the products could result in system compromise by an unauthenticated user on the management network; or system compromise through cross-site scripting (XSS). Attackers could also create a download link for the device which, if downloaded and then executed by an unauthenticated user on the management network, could result in the compromise of a local computer.

“Customers who have configured their systems in accordance with Citrix recommendations [i.e., to have this interface separated from the network and protected by a firewall] have significantly reduced their risk from attacks to the management interface,” according to the vendor.

Threat actors could also mount attacks on Virtual IPs (VIPs). VIPs, among other things, are used to provide users with a unique IP address for communicating with network resources for applications that do not allow multiple connections or users from the same IP address.

The VIP attacks include denial of service against either the Gateway or Authentication virtual servers by an unauthenticated user; or remote port scanning of the internal network by an authenticated Citrix Gateway user.

“Attackers can only discern whether a TLS connection is possible with the port and cannot communicate further with the end devices,” according to the critical Citrix advisory. “Customers who have not enabled either the Gateway or Authentication virtual servers are not at risk from attacks that are applicable to those servers. Other virtual servers e.g. load balancing and content switching virtual servers are not affected by these issues.”

A final vulnerability has been found in Citrix Gateway Plug-in for Linux that would allow a local logged-on user of a Linux system with that plug-in installed to elevate their privileges to an administrator account on that computer, the company said.

#vulnerabilities #adc #citrix #code injection #critical advisory #cve-2020-8187 #cve-2020-8190 #cve-2020-8191 #cve-2020-8193 #cve-2020-8194 #cve-2020-8195 #cve-2020-8196 #cve-2020-8197 #cve-2020-8198 #cve-2020-8199 #denial of service #gateway #information disclosure #patches #security advisory #security bugs

Why You Should Be Adopting a DevOps Culture in 2020 - DZone DevOps

The year 2020 has arrived, and its arrival brings a lot of innovations and transformations in the Information and Technology (IT) sector and especially to DevOps technologies. The study conducted by experts at Grand View Research says that the DevOps market is anticipated to be worth 12.85 billion USD by 2025. The adoption of DevOps practices rose 17% in 2018 as compared to 10% in 2017, according to Statista. It has been seen that top organizations that have included DevOps practices in their Software Development cycle have experienced a 63% improvement in the quality of software deployments. Due to Agile adoption, 63% frequency in the release of new versions of software! Also, higher standards of coding have been observed.

Benefits of DevOps

• Quick amendment response during the development phase.
• Adapting Agile made easy.
• It is a perfect route for collaboration between teams.
• Iterations help in identifying bugs and their quick resolution.
• Teams can focus more on development and be free from deployment worries.
• Resilient services by teams.
• Cross skilling of teams and better self-improvement Faster time to market.
• It improves the quality of the product.

The market for DevOps is being driven by the increased adoption of Agile methodologies, cloud technologies, rising digitisation, and business automation. Adopting DevOps in the IT culture is a necessity for better team collaborations. So is your business ready to embrace DevOps culture in 2020? Various tools available for DevOps are Docker, Jenkins, GIT, etc. You can always take assistance from Cloud DevOps Consultants or DevOps service providers. If you want to know more about DevOps trends in 2020, then keep reading.

Also Read - Chief Trends Predicted in 2020 to Shape Autonomous Digital Enterprises

The Shift of Winds from CI- Pipelines to DevOps Assembly Lines in 2020

The trends show the interests of the IT industry in CI as the only tool for deployments is slowing down. Continuous Integration (CI) is the process that automates build and runs unit tests on each PUSH of code. CI-Pipelines only work in segments. In order for all the teams to collaborate better, there is a need for automation of CI along with Continuous Delivery and Continuous Deployment of the code and binaries to the target environments. That is where DevOps comes into the picture to improve the process of planning, coding, and automation of delivery and deployment.

**Related Reading - **How to Setup a CI/CD Pipeline with Kubernetes 2020

Embedded Security on Top of List

Cyber security is one of the vital concerns for IT corporations. DevOps is going to be spending a lot of resources on security. The term being used is DevSecOps. The increase in the need for security has made the integration of security in the application development process necessary. By this measure, the vulnerabilities will decrease, and the whole process will be effective, secure, and efficient.

Need for Server-Less Architecture

There will be a simplification of operations with the server-less architecture used by DevOps teams. Legacy systems are being upgraded to server-less operations with solutions like Google Functions, AWS Lambda, and Microsoft’s Azure Functions. This change is cost-effective and also improves the experience of users. This server-less architecture will be the go-to architecture for developers to increase productivity and will need DevOps automation more than ever.

The Future Is Zero-Touch Automation

Zero-touch automation is the future of DevOps automation. There will be no need for human intervention when machine learning is utilized to automate the back-up of vast data fully. The companies which have already implemented or adapted DevOps have seen a significant increase in productivity and faster rates of deployment. Understanding the DevOps cycle and administering automation between all the blocks of sequences.

Shift to Cloud-Native DevOps

There will be an accelerated shift to Cloud-native DevOps since all the enterprises are moving to Cloud-based enterprise products. Cloud adoption ensures flexibility, less downtime, reduces infrastructure expenditures. Gartner predicts that shift to the cloud by 2022 will effect 1.3 Trillion USD of IT industry spending directly or indirectly. Many companies like Google, Microsoft, and Amazon provide cloud computing and storage facilities and smooth operations. These companies are seeing a massive spike in other enterprises looking for their cloud services for faster changes in production.

#devops adoption #devops and agile #devops 2020 #devops benefits #devops

Top Stories from the Microsoft DevOps Community - 2021.06.04

The top stories from the #AzureDevOps #community for 2021.06.04 are here!

For many in the United States, this was a quick week after the Monday holiday and the “unofficial start of the summer.” But as the seasons continue to turn, one thing remains eternal: this community continues to put out amazing new content. One internal note: there was a big announcement this week from the Bicep team, be sure you check out this launch call for version 0.4!

You can watch a video version of this roundup by checking out the Friday, June 4th, 2021 edition of Hello World on LearnTV.

Let’s let some sunshine in and tan in the rays of our roundup of new content.

#community #devops #microsoft devops