search menu icon-carat-right cmu-wordmark

Measuring DevSecOps: The Way Forward

October 2021 Podcast
William Nichols, Hasan Yasar

Bill Nichols and Hasan Yasar discuss the ways in which DevSecOps practices yield valuable information about software performance that is likely to lead to innovations in software engineering metrics.

“There are a lot of metrics that are being used, but you have to think about them in terms of the right questions. What are you trying to answer? What do you want to know? And if you don’t understand what your fundamental questions are, all that data can really just lead you down the rabbit hole.”

Publisher:

Software Engineering Institute

Listen

Watch

Abstract

In this SEI Podcast, Bill Nichols and Hasan Yasar discuss DevSecOps metrics with Suzanne Miller. DevSecOps practices, made possible by improvements in underlying technology that automate the development-to-production pipeline, can generate more information about development and operational performance than has ever been readily available before. Nichols and Yasar discuss the ways in which DevSecOps practices yield valuable information about software performance that is likely to lead to innovations in software engineering metrics. 

About the Speaker

William Nichols

William Nichols

William “Bill” Nichols joined the SEI in 2006 as a senior member of the technical staff and served as a PSP instructor and TSP coach with the Team Software Process team. Prior to joining the SEI, Nichols ...

William “Bill” Nichols joined the SEI in 2006 as a senior member of the technical staff and served as a PSP instructor and TSP coach with the Team Software Process team. Prior to joining the SEI, Nichols led a software development team at the Bettis Laboratory near Pittsburgh, where he had been developing and maintaining nuclear engineering and scientific software for 14 years. Publication topics include the interaction patterns on software development teams, design and performance of a physics data acquisition system, analysis and results from a particle physics experiment, and algorithms development for use in neutron diffusion programs, effectiveness of software security tools, and software quality economics. Nichols has a doctorate in physics from Carnegie Mellon University.

Read more
Hasan Yasar

Hasan Yasar

Hasan Yasar is the technical director of the Continuous ...

Hasan Yasar is the technical director of the Continuous Deployment of Capability group in the Software Solutions Division of the SEI. Yasar leads an engineering group to enable, accelerate, and assure transformation at the speed of relevance by leveraging DevSecOps, Agile, Lean, artificial intelligence/machine learning, and other emerging technologies to create a smart software platform/pipeline. He has more than 25 years’ experience as a senior security engineer, software engineer, software architect, and manager in all phases of secure software development and information-modeling processes. He is also Adjunct Faculty member in CMU Heinz Collage and Institute of Software Research where he currently teaches “Software and Security” and “DevOps: Engineering for Deployment and Operations.”

Read more