Deeper Dev(Sec)Ops Guidance in SAFe 5

Deeper Dev(Sec)Ops Guidance in SAFe 5


Hi folks,

Our recent 5.1 framework update included significantly more depth in the areas of DevOps and DevSecOps. We declared security a first-class citizen, added deeper technical guidance across 11 new practice domains, and described how DevOps increases flow, quality, and value through the entire development value stream. Of course, we have some fancy graphics that tie it all together too. Here is a brief walkthrough of what’s new…

The Big Picture now makes it clear that Continuous Exploration, Continuous Integration, and Continuous Deployment should occur in every Iteration and that the result is the ability to release on demand at any point in the PI (Figure 1).


Figure 1 – DevOps Enables On-Demand Releases Throughout the PI

The DevOps icon (Figure 2) on the Big Picture now stresses the importance of security and indicates that, in SAFe, it is implied that security is always built in. Clicking on the icon opens a new DevOps landing page. This page is the first article in a new three-part series on DevOps in SAFe. It introduces DevOps, pays tribute to the DevSecOps movement, and explains that DevOps fuels the Continuous Delivery Pipeline.

Figure 2 – DevOps Icon in the 5.1 Big Picture

This landing page also introduces the more comprehensive DevOps graphic in Figure 3, which relates the DevOps mindset and technical practices to continuous, customer-centric value delivery—all in one view. The graphic is complex, to be sure, but then again, so is scaling DevOps in the enterprise! This ‘meta model’ represents the people, practices, tools, and mindset required to fuel a culture of continuous learning and experimentation across the organization—a sort of ‘Big Picture for DevOps.’

Figure 3 – DevOps Meta Model

The second article in the series presents CALMR as the mindset that guides behavior and decision-making throughout the development value stream. It is an update to the original CALMR article that incorporates some of the latest DevOps trends.

Article three is a deeper dive into the technical skills and tools that power the Continuous Delivery Pipeline. Familiar DevOps concepts such as security-as-code, immutable infrastructure, test automation, containerization, observability, site reliability engineering, and many more are covered here and organized into eleven new DevOps practice domains, depicted as orange rings in Figure 3.

Achieving continuous, secure value flow in complex enterprise environments is not easy. This new material addresses this challenge by offering a DevOps-centric view of SAFe that makes it easier to understand how to apply the right technical practices and tools at the right times with the right collaborations.

Be sure to read the articles for more detail. If you need help applying these concepts in your organization, look no further than the Scaled Agile partner network. It contains some of the most talented DevOps coaches and implementers on the planet, many of whom influenced the development of this content.



Author Info

Marc Rix

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.