Wow! Where did 2021 go?
We are closing out yet another eventful year, one that has seen waves of change in our use of technology, an increased need for automation and virtualization, and new dependencies from users around the world on our global developer community.
Yet, beyond innovations that helped us live – literally – through the pandemic, it’s been a year of triumphs, trials, and tidal shifts, notably marked by the continued migration to the cloud and the importance of security in all aspects of our virtual lives.
Let’s look back at two trends that shaped 2021, and how our community can get ready in 2022.
A shift to the left
It goes without saying that application and software security is a shared responsibility across an entire development team. However, it’s not just a change in culture that we need to achieve advances in security outcomes. It’s a change in practice that companies have come to realize is important to both their reputation and business.
Enter Shift Left Security…
Shift Left Security is essentially moving security responsibility earlier – or to the “left” – within the application design, development, and deployment workflow. It encourages proactive design, monitoring, and awareness of security concerns and risks while reducing time and costs to fix these issues. In Shift Left, security is built in right from the start – where even an MVP (minimum viable product) is always secure. This model also makes collaboration with ops and security vital to success.
To make this change, Shift Left must be a team play – it can’t just be a slogan or a “shift blame” plan. Teams must look beyond IDEs and CI/CD pipeline tools to transform their practices. This is a fundamental change away from security as an afterthought and to an approach where teams embrace “Security-as-Code” in the design phase and “Policy-as-Code” in the runtime phase.
What can you do to get ready in 2022?
Getting Started: Learn how to implement Shift Left within your development organization in this crash course covering methodology and best practices. And if you want to continue that introduction, you can read “Why Security Can’t Be An Afterthought in DevOps.”
Taking it Further: To deepen your understanding of Shift Left and how to secure your cloud native applications, I’d recommend watching the SecureAppCN presentation where you’ll also learn about APIClarity, an open source cloud native tool that monitors API usage via a service mesh framework. To dive further into the subject and learn how to detect zombie and shadow APIs, view this collection of Snack Minute episodes featuring APIClarity.
Getting Hands-on: Deep dive through a step-by-step tutorial using APIClarity GitLab CI/CD and Kubernetes to get better visibility into how and when your APIs are being utilized.
Off to the cloud
The mass migration of businesses to the cloud continued in 2021. In a report released in August, Gartner forecasts that spending on public cloud services will exceed $480 billion in 2022, growing over 20%.
For businesses, this migration to the cloud has produced new challenges around managing multi-cloud environments; it’s an issue that can be best addressed by a solid Hybrid Cloud and Hybrid IT approach. This “better together” strategy to cloud is excellent for enabling businesses to migrate select services to the cloud methodically. Still, for developers and DevOps engineers, it’s been a source of increased complexity in day-to-day work – introducing new demands and needed skill sets for increased visibility and observability across these mixed deployments.
For developers and DevOps engineers looking to mitigate issues associated with cloud complexity while enhancing hybrid cloud operations and increasing insights and automation, I’d recommend reviewing Cisco’s efforts in Full-Stack Observability (FSO) and Infrastructure as Code (IaC) – two topics we’ve talked about often this year and were featured in my DevNet Create keynote.
If you are new to both topics, FSO – a solution that brings together AppDynamics, ThousandEyes, and Intersight – provides insights across domains, from applications and network to cloud and data center, while IaC builds a consistent cloud operating model for public and private cloud automation.
What can you do to get ready in 2022
Getting Started: You can read this blog to learn more about FSO and its components, and check out this overview to learn more about IaC and our integration between Intersight and HashiCorp Terraform.
Getting Hands-on: Take a look at this example in our Code Exchange library to learn how to monitor cloud-native microservices with AppDynamics and ThousandEyes. And for experiences with IaC, you can use this walk-through learning lab and sandbox to learn how to provision virtual machines using Intersight and Terraform.
Onward to 2022
It has been a year of accelerated cloud adoption and heightened awareness around security starting from code. The pandemic really forced companies to move faster than they were planning. In the process, they gained agility – but also complexity. We’re here to help – from learning materials to tools and technologies.
We are inspired by the continual innovations you’re creating to help our global community – from connected healthcare systems which enable independent living, to new AI-based tools making applications smarter and more capable, to touchless data center solutions. We’re excited about the future of our work together and all that 2022 will bring. From all of us in Cisco Developer Relations to all of you, we wish everyone a safe and happy holiday season and new year.
We’d love to hear what you think. Ask a question or leave a comment below.
And stay connected with Cisco DevNet on social!