Development Security and Operations (DevSecOps)
The IT industry today is undergoing an unprecedented transformation away from decades-old practices of manual configuration management, testing, and deployment of software to automation. We have been systematically building a workforce of automation engineers for this new era. Our DevSecOps services create a seamless pipeline from software development to deployment to operations support, and link together the previously distinct jobs of software developers and operations staff.
​
Red Cedar Consultancy, LLC's services include implementing DevSecOps pipelines to promote code using containers through multiple environments (e.g., development, test, staging, certification, stress, production). We set up and configure repositories (e.g., Git, Team Foundation Server, SVN), Continuous Integration/Delivery/Monitoring (CI/CD/CM) pipelines (e.g., Jenkins, Team Foundation Server), incorporate peer code review tools, automate configuration management on multiple servers (e.g., Puppet, Ansible), provide customers with visualizations of our CI/CD/CM pipeline performance to minimize time to deployment of new features, and more. A complementary focus area is building security in as we describe in our cybersecurity service area.
​
We offer a full range of testing services: smoke, functional, integration, regression, 508 compliance, performance, mobile, interface, exception, user acceptance testing etc. We offer extensive services to create test automation using major tools (e.g., Cucumber, Selenium, TestComplete, JUnit, NUnit, SoapUI). Our automation practices look at the entire software development lifecycle to get maximum benefit. As one example, we use behavior-driven development, in which our business analysts (during sprint grooming with Agile) or requirements analysis (Waterfall) define the features that customers desire in a formal language (e.g., Gherkin), from which we automatically generate overall testware using Cucumber and Serenity. Our test automation engineers then implement the testware in parallel as our software engineers implement the features. With Agile, we bring the tests and implementation together at the Sprint Review for automated acceptance test execution, and add the new tests to our Continuous Integration server. Not only does this approach minimize the time to develop and test new features, but we create an ever-growing fortress of automated testware that ensure that maintenance performed years form now does not break code written today.
​
We are agnostic to DevSecOps and automation infrastructure used for our customers. We offer a choice of pre-built environments that we can stand up internally or at customer premises for programs with sensitive applications, or we can set up the infrastructure in clouds (e.g., Azure and Amazon), or use cloud-hosted services (e.g., GitHUB, Heroku). We adopt best practices through our partnerships with industry leaders, such as Amazon Web Services and Red Hat OpenShift.