DevSecOps for packages

Trend 5: Increased DevSecOps adoption in the SAP ecosystem

There is constant demand for upgradation and quicker time to market with SAP's core business platform. As a package of offerings, SAP has worked to build selfcontained tools for ALM. With the advent of DevOps, SAP has kick started its agility journey by launching Activate Methodology. It is embracing open-source tool sets to amplify life cycle management capabilities. Riding on DevOps' value, security considerations are now built at the beginning of the design stage and through production deployment. Code vulnerability, general data protection regulation compliance, and information life cycle management have become key design considerations for enterprise applications. Various SAP tools like IDM, ILM, GRC, CVA, and Onapsis help manage different security requirements throughout the development life cycle. SAP has enhanced its operations support system (OSS) integration through SAP BTP. Cloud connectors of SAP BTP provide a seamless integrated DevOps in SAP. DevSecOps-enabled SAP Project delivery ensures faster and more frequent deployments. It makes systems more secure, reliable, and efficient. Native tool sets like SAP's Focused Build, Solman change request management, CTS+, and SAP TAO are now widely used in DevSecOps deployments in conjunction with abapGit. These integrated tool sets are being amplified by OSSs like Jenkins and partner tools like Virtual Forge CodeProfiler, Rev-Trac, Infosys DevOps Platform (IDP), Jira, Rally, and more.

A leading luxury automobile manufacturer deployed five production releases in a month with 85% first-time right accuracy, utilizing Infosys' IDP, Jira, and HP ALM test management tools. Over two years, the client achieved a 40% increase in sprint velocity and 100% automated regression testing.

DevSecOps for packages

Trend 6: End-to-end, inbuilt platform capabilities strengthen

DevSecOps is increasingly becoming the core element of Salesforce ecosystems. The Salesforce platform has long been known for its strong security capabilities and the ability to govern the access of hosted data. However, vendors must address certain challenges associated with DevSecOps, such as the lack of inbuilt version control of metadata. As the platform continues to expand and evolve, Salesforce is focusing more on DevSecOps and maturing its current capabilities. New tools like Salesforce DX, scratch orgs, inbuilt data masking, and DevOps Center aim to strengthen the platform further. The platform's rich set of APIs promotes partner framework adoption, while its opensource framework offers well-rounded, sophisticated DevSecOps capabilities for any size implementation.

A leading North American financial services company, in partnership with Infosys, built a sophisticated DevSecOps framework with high automation. Inbuilt platform capabilities combined with third-party tools provided deep insights and integrated tracking of DevSecOps processes.