bfullerSeems like some of the dust has settled around Crowdstrike. I’ve been pleased with the content talking about better preventative steps and guardrails related to their Root Cause Analysis. The Next Wave of DevOps companies I’ve identified over the past two years are going to be critical in avoiding these kinds of outages in the future. Their tools are adjusting, recalibrating, and reimagining how we do work.
Stop Shifting Responsibilities and Start Working Holistically
All this shifting to the left missed the most important aspect, the prevention, guardrails, and socio-technical. Unless and until we put those elements front and center we’ll continue to have massive outages. The Next Wave companies remind me of the Incident Response motto of “slow is smooth and smooth is fast”. So maybe instead of us failing fast, we need to go slow to go fast.
Automation doesn’t mitigate complexity, it merely allows us to do more complex things faster and at scale. DevOps is about streamlining the socio-technical. It’s security as nurturance. Coding best practices and insights, guardrails for your infrastructure whether that is as code or from code. It incorporates policies and runbooks out of the gate. Reliability and Scalability are first class citizens in the Next Wave. It means we continue to focus on Observability and Telemetry, while adding Internal Discoverability.
Internal Discoverability’s place within the Next Wave of DevOps
The Next Wave of DevOps companies are making the hard parts more approachable. Internal discoverability gives you insights into your risk and environment management health, with release management health acting as the perfect complement.
Internal Discoverability’s risk assessment framework provides situational awareness regarding where guardrails are in place, complexity of code, and traditional risk factors like vulnerabilities. Allowing you to see, for example, if you have a linter, tests, and how many dependencies of and on are associated with the code in question. So you can traverse your technical estate and see the hot spots to better understand your potential risk and steps to mitigate.
In a lot of ways an outage as impactful as Crowdstrike was inevitable. We’ve been moving so fast as an industry, shifting responsibility from team to team. Forcing everyone to become generalists which removes experts. We cut out the experts who understand that slow is smooth and smooth is fast. They understand that the appropriate guardrails and preventive measures while “boring” can keep you out of the news for the wrong reasons. We need that.
I’m proud to be CEO of 3Mór where we are creating and defining Internal Discoverability. We are still in stealth mode but I believe we’re better together, so sign up to learn more and help shape what’s next.
If you aren’t already following some of these companies I encourage you to do so. Try them out and share your experiences.
Anyshift.io
AppCD
AppMap.io
CloudTruth
Dagger.io
DryRun Security
Overmind
Prequel
RunWhen
Stanza
Photo courtesy of WOC in Tech
