OMAHA, Neb.–(BUSINESS WIRE)–#DevOps—AgilityHealth®, the leading enterprise SaaS platform for measuring and accelerating Business Agility, announces the addition of Srikanth Victory to its executive team as CTO. As Chief Technology Officer, Srikanth will lead technology strategy and execution while operating the company’s platform and products. Srikanth is an industry thought leader, whose robust experience in leading large technology transformations, will strengthen AgilityHealth’s competitive advantage in Digital Transformation, Scalability, and Data Analytics. He will build and scale the company’s SaaS platform and take it to the next level of maturity–enabling the company to lead the market in enterprise Business Agility solutions. Previously Srikanth was System Vice President at CommonSpirit Health for Digital Products Implementation, where he led the implementation of digital health initiatives. He played a vital role in supporting divisional business units through the implementation of digital products, developing roadmaps, technology builds, and change enablement–which led to accelerating deployment, user adoption, and scalability of digital and other capabilities. In his previous roles, he delivered significant business outcomes with his expertise in software engineering, design, data, AI and analytics in retail (Walmart and Neiman Marcus) and consumer packaged goods (Kimberly Clark). His cross-industry experience in healthcare, retail, consumer, manufacturing, and e-commerce positions him for success in transforming and scaling the AgilityHealth platform. Mr. Victory added, “At first glance at AgilityHealth, I immediately felt a sense of awe, and I believe it could become an indispensable platform for every organization trying to build highly productive Agile teams. With my experience in multiple industries, I see how it will fit into any market, industry, or domain. There has been tremendous growth in the product resulting in measurable business outcomes, accelerated Business Agility, and increased efficiency. For companies to avoid disruption, they will need to deliver at speed, be customer-centric and adopt new ways of working at scale. AgilityHealth is the platform that can enable that.” Victory went on to say, “One of my favorite parts of this product is how it assesses the pulse of an organization by analyzing its performance in team health and maturity, team culture, agile talent and HR, DevOps practices, SAFe® (Scaled Agile® Framework), etc.” CEO, Sally Elatta shared, “From the first meeting with Srikanth I knew I was speaking to a thought leader, he understood what AgilityHealth does and started to immediately vision what it can do, it was inspirational and I’m really happy he’s part of the team that gets to make that vision a reality.” Srikanth is passionate about fostering human-centered digital and data-driven approaches through cultural change and is reshaping enterprise digital, technology, architecture, and software capabilities. Srikanth has two master’s degrees: one in Business Administration from Webster University, and another in Mathematics from the University of Madras (India). About AgilityHealth® AgilityHealth is the leading enterprise SaaS platform for measuring and accelerating Business Agility. The platform enables organizations to assess and mature their Agile teams, DevOps, Product, Portfolio, HR & Talent Agility across hundreds of technology and business teams using a combination of qualitative (maturity), quantitative (performance) and outcomes (OKR) metrics. It has the largest benchmark of enterprise agility data in the world and publishes research reports on agility industry trends. Contacts Sally Elatta email@example.com(402) 858-0529…
Machine learning pipeline architecture allows writing better codes for each chapter of an ML model.
Every year, all InfoQ editors invite seasoned developers and practitioners from the industry to discuss the current trends in the entire software development landscape. In this article, we discuss some of the .NET Trends for 2022, divided into four stages of adoption.
DoorDash recently revealed how they are using Filibuster, an automated fault injection tool, to identify resilience issues in microservice applications early on and improve platform reliability.
Axiata, Jio, Vodafone become first service providers to achieve new Running on ODA status 44 software providers map their solutions to ODA for pilot launch of…
Sunsetting legacy Cybersecurity Process for Better Optimization and Security ModernizationSunset in Carlsbad CaliforniaThe idea of “if it isn’t broken, don’t fix it” should not apply to cybersecurity. Most organizations develop three to five-year phasing plans for most IT and cyber products to align with the manufacturer’s end-of-development, end-of-support, and end-of-life product life cycles and keep up with the latest security risks.What if the process or product is not up to date or aligned with the current threat landscape and security breaches? Are most three to five-year products able to connect to emerging platforms, including Zero-trust, SASE, and enterprise identity management?When should organizations consider sunsetting processes?The cost of sunsetting security products, legacy applications, and legacy technology imposes a financial strain on every organization. Security professionals take one year or more just to deploy the newly acquired adaptive control capability. Once these security features become production ready, the organization may need to consider starting the sunsetting process if the new capabilities do not protect the organization from emerging threats or fail to align with business requirements.Separating Product Sunsetting from ProcessBefore considering sunsetting technology products, most SecOps and DevOps teams focus on evaluating and updating, if possible, legacy processes, including developing a legacy-system modernization workflow.Organizations should consider before”rip and replacement,” a painful and very traditional IT way of thinking, evaluate the various SecOps processes, including:Incident response capabilities for obsolete technologiesInterfacing with outside agencies, including federal and non-federal entitiesLive patching systems outdated technologiesContainer Security from the cloud service providerThreat modeling (Risk management, vulnerability, and penetration testing)By evaluating these processes, could an organization get more life out of the existing security and IT operations capabilities, or should they consider a rapid deployment of newer solutions to align with changing cybersecurity risks?What are economic security and technical debt?What is the cost of the organization to maintain its application security, network, cloud, identity, and risk management posture? How does the security posture with the overall financial implications to the organization’s bottom line?Security costs will change if the organization hires more employees or enters business markets. These business objective decisions require different security processes and adaptive control.Some organizations are impacted by snap decisions to deploy a quick fix answer to new security requirements or develop new software. This action often is referred to as “technical debt.” Is the organization accumulating technical debt by making quick decisions?Risk-based budget modeling alignment with cybersecurityDoes the organization align with a risk-based or general risk-based cyber budget model? A critical component of economic security is the operational cost of security.Organizations susceptible to an increased volume of cybersecurity attacks are challenged with developing an adequate economic model while coping with technical debt. Often organizations will leverage cybersecurity insurance and managed services to respond to the negative impact of current and future incidents.A critical part of achieving balanced security is for the organization to execute an architecture optimization. By breaking out the various architecture domains of the organization relating to risk and cybersecurity, including:SecOps Processes aligning to current adaptive control capabilitiesReportability into the GRC platform for risk matrix scoringThe risk of products going early end of lifeMSSPs failing to meet SLAs’Staying compliant with all the regulations required by the business groupsEnsure SecOps, DevOps, and NetSecOps are trained along with maintaining their certificationBy performing architecture solutions reviews by hardware or software vendors, systems, and process reviews, organizations can capture the economics of these systems while determining the cost business models and operational impact of sunsetting these capabilities in the manageable work cycle.The importance of developing a modernization strategyArchitecture-driven modernization around cybersecurity along with developing an ongoing modernization strategy helps organizations manage and prepare for emerging threats. Organizations continuously evaluate their risk, vulnerability, and threats by leveraging threat modeling. Once a vulnerability becomes a threat or exploited, using a continuous modernization strategy, sunsetting processes should be considered even if the function hasn’t been around for a long time.Compelling reasons for flexible sunsetting of cybersecurity processesDo the current SecOps and DevOps processes provide relevant and sustainable support for emerging threats, including ransomware, email phishing attacks, and social engineering? Are the current strategies aligned with a specific application architecture like an Oracle Fusion ERP or more broad-based to cover the entire organization?Many SecOps processes are categorized into specific components within the organization. If the organization has several compliance frameworks, including NIST-800–53, PCI, and FEDRAMP, does the organization have one set of procedures or individual processes?Sunsetting of processes could be done on a per domain or framework basis. If the organization in next year’s business plans to enter the Federal marketplace, adopting FEDRAMP for all cloud-based systems is a requirement.Would the organization use an architecture optimization to embed FEDRAMP processes into the existing legacy structure or consider whether they would look into approaches to legacy modernization to accommodate the new framework?Organizations weighing in on this decision also need the economic cost of keeping legacy and new security processes. Moving to FEDRAMP while maintaining a commercial presence, how would an organization maintain control cost while ensuring the highest degree of compliance governance and operational efficiency?Ensuring Situational awareness when considering the sunsetting process and capabilityThe decision to live in the Federal and commercial marketplace is financially impactful. Both markets require separate infrastructure along with particular operations models. National security systems have a different methods for handling data, opening support tickets, and executing patches and updates. Commercial systems also comply with privacy mandates and cybersecurity and infrastructure operating costs.Both environments also handle major incidents differently. In the federal space, if a contractor over vendor suffers a security breach with national security implications, the timeline of escalation and response is much faster and requires interfacing with several third parties. In the commercial space, these entities also interface with cybersecurity insurance carriers and law enforcement at different levels of escalation.Choice of when and why to sunset processes?Support a legacy Federal system? Need to comply with legal obligations to keep current systems operational longer than expected? New and emerging threats impacting the organization’s ability to obtain cybersecurity insurance?These challenges warrant an organization’s frequent evaluations of their SecOps, DevOps, and NetSecOps adaptive control and process. Any existing management or strategy that does not align with these business and security objectives should be considered for sunsetting.“Don’t fix it unless it is broken?” How do you know when your cybersecurity controls and process are broken?Only after a breach do you realize the importance of proactive sunsetting processes to align with emerging threats while maintaining strong governance around security economics.All the best,John…
SASE (Secure Access Service Edge), pronounced ‘sassy’, is an IT architecture that bundles network and security functions into a single platform.
Our Client in the Leading Automotive Industry is looking for an amazing individual that is embedded as a Kubernetes DevOps Engineer The ideal candidate should have: Create architecture components for Microservices Architecture, Cloud Architecture and Container Architecture Develop, test, and deploy work on Azure Platform At least 8 years’ worth of experience using C# or…
I designed event-driven architecture for our fintech software. It consisted of three parts. Part one had a sync process, and Parts two and…
Learn what an API layer is, some of the many benefits it can provide to your architecture, and how to implement it in React.
Upfront work in technical projects are 'shifting left' -- with more emphasis on planning, business use case analysis, architecture, and design.
This week's Java roundup for July 18th, 2022, features news from Oracle, JDK 18, JDK 19, JDK 20, Spring Boot and Spring Security milestone and point releases, Spring for GraphQL 1.0.1, Liberica JDK updates, Quarkus 2.10.3, CVE in Grails, JobRunr 5.1.6, JReleaser maintenance, Apache Tomcat 9.0.65 and 10.1.0-M17, Tornado VM on Apple M1 and the JBNC conference.
ENVIRONMENT: ELEVATE business growth through ensuring a consistent, scalable, and well-designed application, data and platform integration architecture as the next Integration Architect sought by a fast-paced & innovative Financial Institution. Your role will further be to enable the business and product teams to be more automated in creating platform solutions, ensuring applications are deployed effectively…
BLST Security recently released the latest version of its platform, enabling DevOps and Application Security teams to avoid API specification flaws. The BLST platform aims to help teams understand their APIs by creating an OpenAPI Specification table.
Azure recently announced the preview of new API backend options in Azure Static Web Apps. Developers can now create an end-to-end authenticated application calling APIs hosted on Azure App Service, Azure Container Apps, or Azure API Management.
AWS Step Functions is a serverless function orchestrator that makes it easy to sequence AWS Lambda functions and multiple AWS services into business-critical applications. AWS recently introduced a new experience to its Step Functions with Function Workflow Collections allowing users to create Step Functions workflows easier.
The ideal candidate should have: Knowledge and experience across the SDLC At least 4+ years of Python development experience Experience in Microservice development APIs (API Gateways, REST, Graph, grpc) Containerisation technologies knowledge (Kubernetes, Docker etc) Experience with security architecture & design principles CI/CD (Gitlab, Azure DevOps) Service Mesh (Linkerd) Message Queueing (Redis, RabbitMQ) Experience: Display…
Infrastructure as code is a way to speed up deployments while ensuring they remain consistent and easy to apply.
Recently Google announced the public preview of Advanced API Security, a comprehensive set of API security capabilities built on Apigee, their API management platform. With the new capability, customers can detect security threats more efficiently.
Threat modelling is becoming ever more integrated into software architecture design. Here, Stephen de Vries of IriusRisk looks at the evolution of the process.
This year’s KubeCon was held from May 16th till May 20th in lovely Valencia, located on Spain’s east coast. Unfortunately, I could not be there in person to enjoy the wide sandy beaches, striking architecture, buzzing food scene, and culture. As a consolation, I did have a look at some of the newer options in Kubernetes as they relate to APIs. One of which is the Gateway API.
Organizations must rethink their enterprise architectures to nimbly deal with relentless change. Read an Accenture executive's take on achieving agility.
The Verica Open Incident Database (VOID) is assembling publically available software-related incident reports. InfoQ talks with Courtney Nash on their recent findings including how MTT* metrics may not be beneficial, the average time to incident resolution, and the importance of studying near-miss reports.
This article explores an SRE implementation where the operations team builds and runs the SRE infrastructure and the development teams build and run the services leveraging the SRE infrastructure. This SRE solution enables the software delivery organization to scale the number of services in operation without linearly scaling the number of people required to operate the services.
Domino is building out a new architecture to enable hybrid machine learning operations that run on-premises and across cloud providers, all controlled from a unified interface.