CloudBees introduces Cloud Native DevSecOps Platform

CloudBees has introduced a new cloud native DevSecOps platform that places platform engineers and developer experience front and center.

  • 2 weeks ago Posted in

The platform is built on Tekton, uses a GitHub Actions style domain-specific language (DSL), and adds feature flagging, security, compliance, pipeline orchestration, analytics and value stream management (VSM) into a fully-managed single-tenant SaaS, multi-tenant SaaS or on-premise virtual private cloud instance.

This revolutionary new platform is the most open and extensible DevSecOps platform on the market today, with the ability to orchestrate any tool in your software development toolchain. It also redefines DevSecOps by addressing the challenges associated with delivering better, more secure and compliant cloud native software at a faster pace than ever.

Responding to the Evolving Landscape

With the rush towards cloud native application development, software development and delivery teams struggle with the complexity that comes with modern cloud native architectures. In response, a new discipline called platform engineering, has emerged as an evolution of DevOps practices. The discipline brings together multiple roles such as site reliability engineers (SREs), DevOps engineers, security teams, product managers, and operations teams. Their shared mission is to integrate all the siloed technology and tools used within the organization into a golden path for developers. The CloudBees platform is purpose built for this mission.

The CloudBees Platform: Go Faster, Stay Safe

The CloudBees platform empowers organizations to simplify complex cloud native development and deployment processes across all the tools in the DevOps tool chain, thereby accelerating innovation velocity. It is designed to provide a seamless journey from code development to successful deployment, with an unwavering focus on the following imperatives:

1. Developer-centric experience

Enhances the developer experience by minimizing cognitive load and making DevOps processes nearly invisible, using concepts of blocks, automations and golden paths.

2. Open and extensible

Embraces the DevOps ecosystem of tools, starting with Jenkins. This flexibility to orchestrate any other tool enables organizations to protect the investments they have already made in tooling. Teams can continue to use their preferred technologies simply by plugging them into the platform.

3. Self-service model

Enables platform engineering to customize the platform, thus providing autonomy for development teams. For example, platform engineers can design automations and actions that are then consumed in a self-service mode by developers. Developers focus on what they do best: create innovation. No waiting for needed automations, actions, or resources.

4. Security and compliance

Centralizes security and compliance. The CloudBees platform comes with out-of-the-box workflow templates containing built-in security. Sensitive information, like passwords and tokens, are abstracted out of the pipeline, significantly enhancing security and compliance throughout the software development life cycle. Automated DevSecOps is baked in, with best-of-breed checks across source code, binaries, cloud environments, data and identity, all based on Open Policy Agent (OPA). Continuous compliance just happens, with out-of-the box regulatory frameworks for standards such as FedRamp, SOC2 and automated evidence collection for the auditors.

“We have been using the CloudBees platform in beta. One significant value add for us was that it significantly reduced the time it took to pass our ISO 27001 compliance audit,” said Michel Lopez, founder and CEO at E2F. “The auditor had scheduled 12 hours of interviews, but it ended after 60 minutes. This was because all of the controls were provided by the CloudBees platform.”

"Today we are announcing the most open and extensible platform on the market, architected for cloud scale and the problems developers and platform teams face today,” said Shawn Ahmed, chief product officer, CloudBees. “Over the past 24 months we have listened, crafted, iterated, and developed a solution based on thousands of unique points of feedback. Time and time again, customers highlight the challenges in going fast, staying secure and improving developer experience. “The CloudBees platform is the culmination of our commitment to reshaping the DevSecOps landscape. Our new platform empowers developers, unifies teams, and accelerates innovation while offering unprecedented flexibility and choice."

Automation is helping teams improve software quality and reduce costs, yet organizations have only automated 56% of their DevOps lifecycle.
Release of first significant open source developer platform in nearly a decade offers a unified solution for source code management and CI pipelines, improving collaboration, enhancing security, and automating tasks in software development workflows.
Veracode has released research indicating applications developed by organisations in Europe, Middle East and Africa tend to contain more security flaws than those created by their U.S. counterparts.
Hornetsecurity’s essential guide to Microsoft 365 will assist companies with navigating M365 and successfully transitioning to the cloud.
Salesforce is migrating more than 200,000 systems from CentOS Linux to Red Hat Enterprise Linux 9, building on the world’s leading enterprise Linux platform to streamline IT operations and enhance customer experiences.
CloudBees has introduced significant performance and scalability breakthroughs for Jenkins® with new updates to its CloudBees Continuous Integration (CI) software.
Copado has launched the Copado 1 platform, said to be the only turnkey end-to-end DevOps solution for Salesforce.
GitLab survey finds organizations are optimistic about AI, but AI adoption requires attention to privacy and security, productivity, and training.