SEI Staff to Demo Polar Tool at RSA Conference 2024
PITTSBURGH, May 6, 2024 /PRNewswire/ — While DevSecOps practices can help solve difficult service problems related to resilience, security, scale, and agility, they may lead to complex deployment pipelines that are built from many different solutions and tools, each of which comes with its own inherent complexity and cost to adopt. To help DevSecOps teams deal with this complexity, the Software Engineering Institute at Carnegie Mellon University today announced the release of a tool to give a comprehensive visualization of the complete DevSecOps pipeline.
The tool, called Polar, is an observability framework that provides a comprehensive picture of a software system’s deployment platform. Polar unlocks data that is captured by disparate tools within an organization, helping to answer complex questions about performance and security that are crucial for real-time decision-making and agility in the face of threats.
“Today’s DevSecOps pipelines are complex, and every environment is different,” said Morgan Farrah, assistant technical engagement lead in the SEI Software Solutions Division. “A common problem many DevSecOps users face is figuring out the relationships and integrations among all the disparate and changing components of their systems. Polar brings visibility into these systems by communicating with and building a graph model of any networked data source that is useful for decision making. This means users can make decisions using real-time information from the components of their entire DevSecOps organization.”
The number and types of stakeholders that require information about the DevSecOps pipeline can be broad. On a technology level, visibility into the pipeline is difficult because the data needed by different stakeholders is often held in many different systems, with many different means for accessing it, and no obvious way to use the information in one system to help answer questions and solve problems.
The Polar tool dynamically maps the relationships in this complex infrastructure and provides visibility into components that previously seemed unrelated. This kind of visibility can help users diagnose and track down problems when they arise.
“Polar adapts to changing data sources and represents the interconnected data in a central knowledge graph that closely models the way the organization thinks about its own data, unlike many representations created by product vendors,” said Joseph Yankel, senior engineer at the SEI. “This means queries return information about the real-time state of the organization’s data. The information graphs Polar provides can be used to build automation, monitoring, and alerting; to discover cost centers, reduce duplication, visualize end-to-end tool integration, and manage licensing; and to provide many more insights.”
SEI staff will be on hand at the RSA Conference 2024 to demonstrate Polar in booth No. 1743 (Moscone South). See the schedule for booth talks on the SEI’s RSA Conference participation website. For more information about how Polar works and how it was developed, see the SEI Blog post Polar: Improving DevSecOps Observability.
To download Polar visit the Carnegie Mellon Software Engineering Institute’s Github site.
About the Carnegie Mellon University Software Engineering Institute
Always focused on the future, the Software Engineering Institute (SEI) advances software as a strategic advantage for national security. We lead research and direct transition of software engineering, cybersecurity, and artificial intelligence technologies at the intersection of academia, industry, and government. We serve the nation as a federally funded research and development center (FFRDC) sponsored by the U.S. Department of Defense (DoD) and are based at Carnegie Mellon University, a global research university annually rated among the best for its programs in computer science and engineering. For more information, visit the SEI website at http://www.sei.cmu.edu.
SOURCE Carnegie Mellon University Software Engineering Institute