It is generally acknowledged that keeping up with DevSecOps while scaling up a company headcount comes with its share of issues and headaches. How do you keep on improving your velocity without compromising your security?
At Coveo, we come from a culture that encourages diversity, both in the technology we use and the workforce we hire. This means that you can have a microservice architecture running in the cloud composed of Java backend application, a Typescript frontend, .Net Core crawling services, Go servers & Python lambdas, all working together in harmony across a global infrastructure to provide relevance and efficiency to our clients.
Deploying such a varied ecosystem, while embracing the shift-left philosophy, is challenging, and forced us to innovate on new tools for our developers to succeed. We needed a system to package the builds, validate them for functionality and security, and deploy the application in our different environments while maintaining security and velocity. Thus was born our Deployment Pipeline with Snyk built into the core of it. Join this SnykCon session to learn about the journey that ultimately made us more reliable, more efficient, and more secure.
Learn even more – check out Snyk’s DevSecOps Hub for resources and tips you can implement:
Why you should implement an automated code review process
Conducting an automated code review is an essential step in creating a high-quality, secure application. With the potential for human error during development, implementing best practices for a systematic code review is a powerful step toward improving software quality. While a manual review leverages the expertise and skill of the code review team, the possibility...