Well, to be honest, I don’t hate them. However, upgrading software, any software, isn’t always a simple task. To start with, organizations often need to write up a statement of work (SOW) designed to explain the entire upgrade process, taking into account all the things that might (and probably will…let’s face it) go wrong. Plan for the worst and hope for the best is advice that clearly should be taken to heart, in light of even the most minor upgrade. And to make things even worse, many upgrades require a restart or reboot, and often induce some sort of outage and downtime.
As a result, and in the context of an organization’s critical IT systems, upgrades often require after-hours work. Normally, it starts with diverting traffic to a redundant or secondary site, performing the upgrade on the primary site, testing the outcome, and then diverting traffic back to the primary site. Often, and to ensure all systems are running the same updated versions, the secondary site would have to be upgraded as well.
Once the secondary site was upgraded, operators would then divert traffic from primary to secondary and back again, to guarantee everything would work if there was an unplanned outage outside of the upgrade window. And then, the “fun” starts. Every software upgrade (major or minor) brings all the improvements and also, lots of uncertainty. The hope is that all the previous system-integrations and features will only get enhanced, and not get broken. So… this is why I (often) hate software upgrades.
But guess what? Not all upgrades are created equal. Our mission at Checkmarx, is to help organizations deliver secure software at scale. We work closely with the developer community to develop software and methods that integrate seamlessly into their day-to-day activities. When Checkmarx provides an upgrade or update, you are guaranteed that something is going to be vastly improved that makes the jobs of developers and AppSec teams better. So… what is this is all about?