Tech News

CloudBees Updates Jenkins and Offers New DevSecOps Platform

CloudBees has announced major performance and scalability enhancements to its widely used Jenkins CI/CD software, as well as a new DevSecOps solution based on Tekton.

The updates are part of the CloudBees CI (https://www.cloudbees.com/capabilities/continuous-integration) enterprise version of Jenkins and include features such as workspace caching, pipeline explorer, and high-availability mode, which aim "to reduce build times, speed up troubleshooting, enhance controller efficiency, and maximize uptime," the announcement says (https://www.cloudbees.com/blog/biggest-update-for-jenkins-in-over-a-decade-with-cloudbees-ci).

The new cloud-native DevSecOps platform (https://www.cloudbees.com/products/saas-platform) "uses a GitHub Actions style domain-specific language (DSL) and adds feature flagging, security, compliance, pipeline orchestration, analytics and value stream management (VSM) into a fully-managed single-tenant SaaS, multi-tenant SaaS or on-premise virtual private cloud instance," according to the announcement (https://www.cloudbees.com/newsroom/cloudbees-announces-new-cloud-native-devsecops-platform).

Additionally, the platform puts the focus on the emerging role of platform engineering, which "brings together multiple roles such as site reliability engineers (SREs), DevOps engineers, security teams, product managers, and operations teams."

Linkerd 2.14 Released with Improved Multi-Cluster Support

The latest release of the Linkerd (https://linkerd.io/2.14/overview/) service mesh for Kubernetes features improved support for multi-cluster deployments on shared flat networks, full gateway API conformance, and much more.

Shared flat network architecture is increasingly common in enterprise environments, according to the announcement (https://www.cncf.io/blog/2023/09/18/announcing-linkerd-2-14-improved-enterprise-multi-cluster-gateway-api-conformance-and-more/), and it "allows pods in different clusters to establish TCP connections with each other."

"Importantly, this new multi-cluster support retains a critical aspect to Linkerd's design: independence of clusters as a way of isolating security and failure domains. Each cluster runs its own Linkerd control plane, and the failure of a single cluster cannot take down the service mesh on other clusters," the announcement says.

NIST Releases Draft of Cybersecurity Framework v2.0

The National Institute of Standards and Technology (NIST) has released a draft of the Cybersecurity Framework (CSF) 2.0 (https://csrc.nist.gov/pubs/cswp/29/the-nist-cybersecurity-framework-20/ipd). The framework was first released in 2014 to help organizations understand cybersecurity risk.

"The NIST Cybersecurity Framework 2.0 provides guidance to industry, government agencies, and other organizations to reduce cybersecurity risks. It offers a taxonomy of high-level cybersecurity outcomes that can be used by any organization – regardless of its size, sector, or maturity – to better understand, assess, prioritize, and communicate its cybersecurity efforts," according to the framework abstract.

NIST is accepting public comment on the draft framework until Nov. 4, 2023, according to the announcement (https://www.nist.gov/news-events/news/2023/08/nist-drafts-major-update-its-widely-used-cybersecurity-framework), but does not plan to release another draft. "A workshop planned for the fall will be announced shortly and will serve as another opportunity for the public to provide feedback and comments on the draft. The developers plan to publish the final version of CSF 2.0 in early 2024."