Release and Deployment Management

---

Release management (RM) is a software engineering process concerned with arranging all required elements to successfully, repeatably, and verifiably deploy new software versions.

• scope includes
  • planning
  • scheduling
  • deploying
  • maintenance
• encompasses environments that code passes through
  • development
  • QA
  • staging
  • production
• the progression of code and related activities from requirement to coding, testing, and production is known as the pipeline
• each release should have a rollback process in place

DevOps Security

DevOps aims to create cross-functional teams to ensure smoother, more predictable software delivery by encouraging tighter collaboration and more feedback.

• bridges development and operations teams with software development to improve release process
• agile development has increased need for devops
• CI/CD incorporates heavy use of automation to shorten the software delivery pipeline
• goal is to get newly developed software live and running as quick as possible
  • automated testing is used extensively
• security is reevaluated to identify how it can be incorporated to CI/CD pipeline
• security automation in CI/CD pipeline must include administrative and technical controls
  • e.g.,
    • administrative: check new software has requirements and approvals, all processes have been followed
    • technical: static code analysis, vulnerability scan