Is your DevOps security ready for cyber threats? Embrace these best practices and make security your competitive advantage. DevOps, a set of practices that combines software development (Dev) and IT operations (Ops), has revolutionized the way organizations build, deploy, and maintain software. With the rise of cloud computing, there was a need for faster and more reliable software delivery than traditional software development methodologies allowed. DevOps was the natural evolution.

Cortex has received our ISO 27001 certification via Prescient Security. This milestone reinforces our dedication to providing the highest standards of information security for our clients and partners. For engineering leaders and teams who rely on Cortex to streamline development, this certification underscores the trust they can place in us to protect their data at scale.

Managing IT infrastructure has traditionally been a complex, manual process prone to inefficiencies and human errors. IaC directly addresses these challenges by automating the setup and management of IT infrastructure through code. This approach helps to resolve common infrastructure management problems like lengthy deployment times, configuration drift, and inconsistent configurations.

After an incredible week at IDPCon, we're excited to share one of the major announcements we unveiled during the event: the General Availability (GA) of Cortex Workflows with advanced Role-Based Access Controls (RBAC). One of the most highly requested features for Cortex Workflows, advanced RBAC gives you complete control over who can view, edit, and run workflows, supporting enterprises that deal with sensitive operations.

In 2024, there’s no shortage of tools to help engineering teams track team health, productivity, or efficiency. But the problem with those solutions has been two-fold. First, most only track “output” metrics, with no insight into what’s causing teams to ship slower, or resolve fewer incidents. Second, these tools lack flexibility in data inputs and metric definitions, preventing teams from building their own unique measures of excellence.

Engineering teams are always shipping something—new services, resources, models, clusters, etc. You probably have a set of standards you expect developers to abide by when doing that work, like adequate testing, code coverage, resolution of outstanding vulnerabilities, etc. But how are you actually tracking and enforcing those standards? Without an Internal Developer Portal, you might find that to be an incredibly manual effort.

This month marks a huge milestone for us at Cortex. We’re excited to announce that ServiceNow, the global leader in digital workflows, has invested in our Series C funding round. Together, we’re pushing forward with our mission to unify tech operations at the enterprise through our industry-leading Internal Developer Portal (IDP).

Let’s be honest: platform engineering is evolving fast, and a lot of teams are being forced to write the rules while still collecting context. Plenty of terms and topics are still up for debate—from, “Is this just DevOps 2.0?” to “How much abstraction is too much?" In this blog we pulled together 10 of the biggest topics being debated today. While we may not have all the answers, we think just getting up to speed on what's left to decide helps all of us get better.

The most time-consuming part of incident resolution is a data problem. Who owns this service? What's it made of? What are the dependencies? Where are the run books? Learn how Cortex cuts incident response time and prevents new issues with up-to-date ownership, reliable runbooks, and Scorecards that drive continuous improvement.

Code, deploy, repeat. As a developer, your days are a whirlwind of Git commits, pull requests, and CI/CD pipelines. In the rush to ship new features and hit those sprint goals, it's easy to overlook the less glamorous aspects of software maintenance. But one often-neglected practice could be the difference between a stable, secure system and a compromised system. Enter patch management, a key DevOps tool in your arsenal to safeguard your systems.