SEI Staff to Demo Polar Tool at RSA Conference
2024
PITTSBURGH, May 6, 2024
/PRNewswire/ -- While DevSecOps practices can help solve
difficult service problems related to resilience, security, scale,
and agility, they may lead to complex deployment pipelines that are
built from many different solutions and tools, each of which comes
with its own inherent complexity and cost to adopt. To help
DevSecOps teams deal with this complexity, the Software
Engineering Institute at Carnegie
Mellon University today announced the release of a tool to
give a comprehensive visualization of the complete DevSecOps
pipeline.
Software Engineering Institute Staff to
Demo Polar Tool at RSA Conference 2024
The tool, called Polar, is an observability framework that
provides a comprehensive picture of a software system's deployment
platform. Polar unlocks data that is captured by disparate tools
within an organization, helping to answer complex questions about
performance and security that are crucial for real-time
decision-making and agility in the face of threats.
"Today's DevSecOps pipelines are complex, and every
environment is different," said Morgan
Farrah, assistant technical engagement lead in the SEI
Software Solutions Division. "A common problem many DevSecOps users
face is figuring out the relationships and integrations among all
the disparate and changing components of their systems. Polar
brings visibility into these systems by communicating with and
building a graph model of any networked data source that is useful
for decision making. This means users can make decisions using
real-time information from the components of their entire DevSecOps
organization."
The number and types of stakeholders that require
information about the DevSecOps pipeline can be broad. On a
technology level, visibility into the pipeline is difficult because
the data needed by different stakeholders is often held in many
different systems, with many different means for accessing it, and
no obvious way to use the information in one system to help answer
questions and solve problems.
The Polar tool dynamically maps the relationships in this
complex infrastructure and provides visibility into components that
previously seemed unrelated. This kind of visibility can help users
diagnose and track down problems when they arise.
"Polar adapts to changing data sources and represents the
interconnected data in a central knowledge graph that closely
models the way the organization thinks about its own data, unlike
many representations created by product vendors," said Joseph Yankel, senior engineer at the SEI. "This
means queries return information about the real-time state of the
organization's data. The information graphs Polar provides can be
used to build automation, monitoring, and alerting; to discover
cost centers, reduce duplication, visualize end-to-end tool
integration, and manage licensing; and to provide many more
insights."
SEI staff will be on hand at the RSA Conference 2024 to
demonstrate Polar in booth No. 1743 (Moscone South).
See the schedule for booth talks on the SEI's RSA
Conference participation website. For more information about
how Polar works and how it was developed, see the SEI Blog post
Polar: Improving DevSecOps Observability.
To download Polar visit the Carnegie Mellon Software
Engineering Institute's Github site.
About the Carnegie Mellon
University Software Engineering
Institute
Always focused on the future, the Software Engineering Institute
(SEI) advances software as a strategic advantage for national
security. We lead research and direct transition of software
engineering, cybersecurity, and artificial intelligence
technologies at the intersection of academia, industry, and
government. We serve the nation as a federally funded research and
development center (FFRDC) sponsored by the U.S. Department of
Defense (DoD) and are based at Carnegie Mellon
University, a global research university annually rated
among the best for its programs in computer science and
engineering. For more information, visit the SEI website at
http://www.sei.cmu.edu.
View original content to download
multimedia:https://www.prnewswire.com/news-releases/new-sei-tool-brings-visibility-to-devsecops-pipelines-302136761.html
SOURCE Carnegie Mellon University
Software Engineering Institute