Progress - Helping Businesses Grow Securely

  • Kavya Nambiar
  • Aug 16, 2021
  • Interviews
Progress - Helping Businesses Grow Securely title banner

The accelerated pace of digital transformation that the COVID-19 crisis brought about also brings with it several security challenges. Any company responsible for developing applications and software for businesses must contend with security challenges that the changing landscape brings, in addition to braving the difficulties of the pandemic.

 

The team at Progress recognizes the unique needs of their customers today, and as they have done for years before, they are helping businesses develop the software they need.

 

This interaction with Prasanna Anireddy, Senior Director, Core Products, Progress, delves into the company, the products and services they offer, and the security challenges in DevOps in recent times.

 

 

About Progress

 

Progress is a leading provider of products for developing, deploying, and managing high-impact business applications. Progress has been in the industry helping businesses big and small develop their applications since 1981. Anireddy says that the team is very excited about celebrating its 40th anniversary this year.

 

“While a lot has changed in the years, one thing has remained the same – our commitment to our employees, customers and partners. Today Progress provides the leading products to develop, deploy and manage high-impact business applications.”

 

The global presence of Progress has spread over the years and now more than 100,000 enterprises run their mission-critical business systems on Progress and over 6 million business users work with apps running on their technologies, Anireddy says.

 

 

Security Challenges in DevOps

 

The pandemic has seen companies go through so much digital change, focused on putting more of their activities into the cloud. 

 

“Cloud computing has helped enterprises improve scalability, collaboration, and resilience in their operations,” Anireddy comments. “We expect to see the trend continue for the foreseeable future which means that security of applications and platforms on the cloud will become even a more important concern for enterprises.“

 

( Recommended blog - The knitted relationship between Cloud Migration and Covid-19 )

 

There hasn’t been a corresponding growth in security solutions to tackle the growth in challenges. Anireddy says that security practices should be integrated into every stage of development to help businesses address security issues early on and improve compliance.

 

As teams that worked in silos will now have to integrate operations and collaborate in real-time, “organisations planning to roll out their DevSecOps approach will need a holistic approach that looks at the tools, processes and teams.”

 

“We believe the DevSecOps strategy is an ideal way to combine quality and security for businesses as several business leaders plan their post-pandemic crises recovery plans and lay the foundation for the future.”

 

There are many cases where flaws in security are revealed too late due to the fact that security needs remain on the back burner during the initial stages of software development. 

 

To tackle this, Anireddy thinks that organizations should adopt a security strategy that defines security practices during all phases of the SDLC (Software Development Lifecycle).

 

“For example, during design phase, expectations should be set on how to protect the service and the data in the application.” She explains. “Any open-source software that is expected to be used in the application should be evaluated for security compliance using Software Composition Analysis (SCA) tools.” 

 

Further, during development stages, Anireddy recommends the use of security scan tools for both Dynamic Application Security Testing (DAST) as well as Static Application Security Testing (SAST), to identify and remediate security vulnerabilities in the source.

 

“Security testing both using automated security testing tools as well as manual security testing should be part of the development and deployment process. Organizations can consider using an industry standard model like OWASP SAMM to analyze and improve their software security posture.”

 

( Recommended blog - Impact of COVID-19 on Security Analytics )

 

 

Progress- Products and Services

 

“Our products aim to make technology teams more productive and enable organizations to accelerate the creation and delivery of strategic business applications, automate the process by which apps are configured, deployed and scaled, and make critical data and content more accessible and secure.”

 

Anireddy talks about some of the key products and services that Progress provides, to illustrate the versatility and effectiveness of their product stack.

 

Chef helps “improve the lives of IT operators through software automation.” Progress had acquired Chef back in 2020, and it had been a leader in continuous automation and DevSecOps. She says that with Chef, “We help teams collaborate effectively and adopt a DevOps approach to deliver and maintain infrastructure and applications that are nimble and secure by design. Through that we help companies use technology to become fast, efficient and innovative software-driven organizations.”

 

The array of Chef products include the Chef Enterprise Automation Stack, Chef Infra, Chef InSpec, Chef Habitat, Chef Compliance and Chef Desktop.

 

“With Chef Enterprise Automation Stack, for example, teams can implement DevSecOps with a common approach for automating application delivery, infrastructure configuration and compliance auditing.”

 

Sitefinity from Progress “enables developers and marketers to deliver, optimize and scale personalized omnichannel user experiences through content management and data-driven insights.” With this CMS platform organizations can build and manage innovative, engaging customer experiences, based on personalization, where users are offered what they are interested in based on their previous behaviour.

 

According to Anireddy, what makes Sitefinity a preferred technology is that “it enables marketers to easily create and measure marketing campaigns without the constant need to rely on IT,” while at the same time, helping IT “boost their productivity even more through streamlining development tasks and solving technical challenges.”

 

Progress recently rolled out new capabilities enhancements to Sitefinity to help marketers deal with post-COVID reality. “People now expect to see in-person processes happening online 24/7 – from being able to book an appointment to making a payment to having a question answered,” she explains, “and organizations need a reliable and stable platform that supports them in meeting these expectations.”

 

“The latest in Sitefinity Insight, our SaaS analytics, personalization and optimization system, provides marketers with access to real-time data and analytical insights with which they can create tailored campaigns that offer users what they want to see based on their previous digital history.”

 

For instance, their new in-depth intel into personal profiles and lead scores helps companies create targeted programs and offerings to the right set of prospects to quickly engage and convert them to customers. “And of course, using the analytics capabilities to measure results, marketers can adjust their efforts as they run based on audience behaviour,” Anireddy adds. “We also announced new enhancements like simplified domain management in Sitefinity Cloud, our enterprise-grade PaaS.”

 

( Recommended blog - What is Platform-as-a-service (PaaS)? )

 

Progress launched new capabilities of MOVEit in May 2021, a secure and automated Managed File Transfer software.

 

“Progress MOVEt provides visibility across core business processes and enables compliant transfer of sensitive data between partners, customers, users and systems.”

 

Anireddy explains the benefits behind the new enhancements in MOVEit 2021, saying it “helps users transfer data and collaborate with each other even in a safer way while helping organizations improve business scalability and minimize IT burden.” According to her, the product “directly addresses the most critical market developments and top customer concerns in security, usability and integration through adding data encryption key rotation, MOVEit Transfer notification branding, REST API improvements and more.”

 

She goes on about the need behind developing and improving such a tool. “Secure file transfer is becoming more important in today’s hybrid work environment. When people work remotely, they can choose to use their own devices, apps, or services to send and receive sensitive data. Since most applications and services are in the cloud, users need proper authentication to access the necessary resources to do their jobs remotely.”

 

She also adds that organizations in sectors such as healthcare and finance are required to comply with specific data protection regulations which can be an additional challenge for remote workers.

 

“This is where MOVEit comes into play. It can help IT teams comply with data security requirements while enabling employees to work remotely without any threat to company and customer data.”

 

Other products and services offered by Progress include NativeChat, Corticon, UI/UX tools, and more.

 

( Recommended blog - What is Cybersecurity? Types and Importance )

 

 

Supporting the Developer Community

 

Progress is also known for its long-standing support of a vibrant developer community, formed around their developer product lines, Telerik and Kendo UI.

 

Anireddy says it’s their mission to empower developers to build high-performing, user-friendly and beautiful apps for any audience quickly. “Committed to driving innovation in the .NET space, we provide the industry’s largest UI component suite for Blazor, Microsoft’s framework that allow developers to build apps with the skills they have.”

 

“Being in touch with developer community is very important for us because it helps us better understand what developers need and also hear their feedback of our products. When the pandemic struck and in-person events were no longer an option, we created our own channel on the online streaming platform, Twitch, to keep in touch with our community.”

 

Furthermore, earlier this year, they launched a global hackathon, challenging developers to build apps to make the world a better place. Nearly 1,200 people from 83 countries, including India participated, and Anireddy says they were impressed by the level of innovation they saw. She cites yet another example with their annual developer conference DevReach which features some of the best tech experts in the industry as speakers and offers a forum for sharing and learning the latest in app development. 

 

 

The Future of Progress

 

In its 40 years, Progress has a long history of satisfied customers, around the globe and across industries, including finance, healthcare, manufacturing and many more. “Over 1,700 independent software vendors use our technologies to power their applications,” Anireddy says proudly. “It’s interesting that we are the largest software company which gets the majority of its revenue from other software companies. This leadership has led to a large global presence across many different company and organization types.”

 

The pandemic has only boosted their morale and dedication, and they are more committed to their customers than ever.

 

“We stay true to our goals to keep our employees and their families safe during this challenging time, to serve our customers and partners and help them succeed and continue our business growth.”

 

Their operations in India- two R&D centres in Bengaluru and Hyderabad- are crucial to the company’s global success, according to Anireddy. “We continue to expand our teams here through hiring more professionals to join us and develop cutting-edge technologies that set the pace in industry,” She says about their future plans. “We already have established teams developing leading technologies for application development, database management and data connectivity and are now looking for talent to lead the development for our DevOps and DevSecOps product portfolio.”

0%

Comments