We are proud to congratulate the Infused Innovations engineering team for their continued demonstration of expertise across the Microsoft cloud ecosystem. As Infused Innovations expands its service offerings into new areas, we have taken a three-pillar approach to our internal processes: automate for agility & consistency, deploy to the cloud for availability, and make sure all workflows are auditable for security. Fortunately, there’s already a buzz phrase to sum all of that up: Azure DevSecOps. Which fits in perfectly with our new gold competency.
What is Azure DevSecOps?
Azure DevSecOps allows Infused Innovations to deliver innovation faster, with consistent results, and higher quality updates. In February of 2019, we completed the full migration of our cloud security orchestration, automation, and response platform—Secqur—to Azure DevOps. This allows us to rapidly iterate through security policies to quickly respond to new MITRE attacks. Thanks to the Microsoft Intelligent Security Graph and Microsoft’s purchase of GitHub, there is tight integration between everything Microsoft.
A few core services in Azure Devops include:
- Azure Kubernetes Service (AKS) allows us to provision AKS clusters rapidly with control plane telemetry and Terraform integration.
- Azure Container Registry (ACR) is used to manage Docker images.
- Azure Boards are used for project management, task assignments, and bug tracking to name a few features. I find the burn down charts the most helpful, as this allows us to accurately forecast release schedules.
- Azure Pipelines allow you to create YAML-defined build definitions for CI / CD to deploy to services like AKS.
- Azure Repos stores our entire code base. Our engineers use Git for pushing commits from Visual Studio.
- Azure Test Plans greatly reduce our delivery times by automating testing of new packages.
- Azure Artifacts allow us to share our packages with other tenants. We rely on this feature heavily for our Infrastructure-as-Code and security orchestration services.
- App Center provides Mobile Backend as a service for continuous crash logs, real-time analytics, and simplified cross-platform deployments.
Why did Infused Innovations choose Azure DevOps?
Because I’m tired of writing custom API integrations. (Joking.) But there are a number of time-saving workflows that you gain from standardizing on the services from a single vendor. As our CISO, I like that I can use Azure AD with MFA to protect all of our intellectual property. As a developer, I like the ease of native integration with Visual Studio. Finally, as a manager, I LOVE burn down charts. I use Azure Boards for everything, not just development projects. My personal home improvement list is a kanban board with swim lanes, feature dependencies, and most importantly, my wife doesn’t remember her password to assign me tasks. (Just kidding, I don’t use passwords.)
For our closing thoughts on why we chose Azure DevOps, I’d like to leave you with a phrase that I use regularly on our blogs: it works better together. Sure there is support for third-party solutions and you can spend hours trying to integrate overly complex “best of breed” products. But are those products still best of breed when you take into consideration all the effort needed to integrate them? Our philosophy of a Secure Modern Workplace isn’t a product—it’s a platform. A platform that enables you to innovate rapidly from anywhere in the world.
We’re integrating our managed Secqur Aether service with reports from Azure Sentinel. Managed Azure Sentinel services will be available to our clients on the same day that Sentinel is announced to General Availability.