There is a constant demand for changes and quicker time to market with SAP’s core business platform. As a package, SAP has worked to build self-contained tools to manage the application lifecycle. Now, with the advent of DevOps, SAP has kickstarted its agility journey by launching its Activate Methodology and embracing open-source toolsets to amplify its lifecycle management capabilities. Riding on DevOps’ value, security considerations are now being built at the beginning of the design stage and through production deployment. Code vulnerability, general data protection regulation compliance and information lifecycle management have become key design considerations for enterprise applications. Various SAP tools like IDM, ILM, GRC, CVA, Onapsis and more help manage the different security requirements throughout the development lifecycle. Ever since SAP’s Cloud Platform was reinforced with open integration, we see increased adoption of DevOps across SAP ecosystems. DevSecOps-enabled SAP Project delivery ensures faster, frequent deployments and makes systems more secure, reliable and efficient. Native toolsets like SAP’s Focused Build, Solman change request management, CTS+ and SAP TAO are now widely used in DevSecOps deployments. These integrated toolsets are being amplified by operations support systems (OSSs) like Jenkins, partner tools like Virtual Forge CodeProfiler, Rev-Trac, Infosys DevOps Platform (IDP), Jira, Rally and more.
A leading luxury automobile manufacturer utilized DevOps to deploy five production releases in one month with 85% First Time Right accuracy aided by Infosys’ IDP, Jira and HP ALM test management tool. Over two years, they achieved a 40% increase in sprint velocity and 100% automated regression testing.
DevSecOps is increasingly becoming the core element of Salesforce ecosystems. The Salesforce platform has long been known for its strong security capabilities and ability to govern the access of hosted data. However, certain dimensions of DevSecOps must be addressed by vendors, such as the lack of inbuilt version control of metadata. But as the platform continues to expand and evolve, Salesforce is renewing its attention on DevSecOps and maturing its current capabilities. New tools like Salesforce DX, scratch orgs, inbuilt data masking and DevOps Center aim to strengthen their platform further. The platform’s rich set of APIs promotes partner framework adoption, and their open-source framework offers wellrounded, sophisticated DevSecOps capabilities for any size implementation.
Infosys worked with a leading North American financial services company to build a sophisticated DevSecOps framework with a higher level of automation. Inbuilt platform capabilities combined with third-party tools now provide the client with deep insights and integrated tracking of DevSecOps processes.