August 27, 2024

Automating ServiceNow Pipelines: A Call to Action From the CrowdStrike Disaster

Scott Willson

The CrowdStrike disaster in mid-July serves as a stark reminder of the catastrophic consequences that can arise from derelict software development and deployment practices. When CrowdStrike, a leading cybersecurity company, released a faulty software update, it resulted in a worldwide outage, affecting 8.5 million Windows devices and causing significant disruption across various industries, including banks, airlines, retailers, and hospitals. The root cause was a configuration file update that led to a Null Pointer Exception (NPE) without appropriate exception handling.

A Scenario Closer to Home

While ServiceNow teams might not deal directly with cybersecurity threats, the CrowdStrike incident underscores the importance of following and enforcing best practices to avoid outages, errors, and conflicts. These issues can cause ServiceNow developers to spend excessive time troubleshooting, time that could be better spent developing new update sets and applications.

Imagine deploying a problematic plugin to production, which causes a significant issue and results in a multi-week code freeze while the issue is troubleshooted and resolved. How can such an event occur? We see a couple of common scenarios:

  1. Since non-prod instances are not production-like, the plugin didn't cause problems in lower environments, providing a false positive sign that it would work in production.
  2. Developers bypassed non-production instances and deployed the plugin directly into production first - aka cowboy deployment.

The Importance of Production-Like Environments

Addressing the first scenario is the necessity of ensuring that non-production instances are as production-like as possible. Most ServiceNow customers assume the way to accomplish this is by regularly cloning. However, cloning is time-consuming and also requires developer downtime.

Controlled Instance Synchronization provided by xtype's Instance Management Platform ensures all instances are as production-like as possible, reducing the likelihood of false-positive issues. As update sets are deployed to one instance, all other instances are bi-directionally synchronized with this same update set.

Automating the Pipeline: The Key to Consistency and Reliability

A primary takeaway from the CrowdStrike disaster is the critical need to automate the software delivery pipeline. A pipeline is the process that developers use to move code to testing, deploying, and maintaining it. While this sounds straightforward, many developers skip parts of the process, particularly when under pressure to deliver quickly. This tendency to take shortcuts can lead to catastrophic failures.

Automating the pipeline ensures that no steps are skipped and imposes a rigorous structure that helps catch errors early. This automation is essential for large organizations where ad hoc changes are not allowed. Automation ensures speed, reducing the desire to skip best practices when under pressure.

The Role of xtype's Instance Management Platform

Automating the delivery pipeline for ServiceNow teams is essential for avoiding unplanned errors, cowboy deployments, and code freezes. xtype's Instance Management Platform provides the tools necessary to achieve this automation, ensuring that the pipeline is both unskippable and efficient.

Key Features of xtype's Instance Management Platform:

  1. Visibility: xtype offers real-time visibility into all ServiceNow environments, enabling teams to identify and address issues promptly. This real-time feedback ensures that potential problems are detected early, reducing downtime and improving overall performance.
  2. Governance: xtype enforces standardized processes across all instances, ensuring that best practices are followed consistently. This includes role-based access control and immutable audit trails that track all changes made to ServiceNow environments.
  3. Automation: xtype integrates automated quality checks, approval gates, and instance scans into the deployment process. This automation ensures that every update meets high-quality and security standards, reducing the risk of production failures.

The Benefits of Automating ServiceNow Pipelines

By automating the ServiceNow delivery pipeline with xtype, organizations can achieve several critical benefits:

  • Reduced Risk of Errors: All updates are thoroughly vetted before deployment, reducing the likelihood of errors and production failures.
  • Faster Delivery: Standardized workflows and automated processes accelerate the deployment process.
  • Improved Compliance: Governed deployment flows ensure that updates adhere to organizational policies and regulatory requirements.
  • Operational Efficiency: Automation reduces the manual effort required for deployments, allowing teams to focus on strategic initiatives and improving overall operational efficiency.

Conclusion

The CrowdStrike disaster is a rallying cry for ServiceNow teams to automate their delivery pipelines. Automating the pipeline ensures that best practices are followed consistently, reducing the risk of errors and production failures. xtype's Instance Management Platform provides the means necessary for achieving this at scale.

Get the free ebook

xtype's 6 Principles to ServiceNow Platform Engineering Success

Instant Demo

Check out how xtype provides the ability to meet ANY level of demand from the business on the ServiceNow platform.

Your one-stop destination for the latest and greatest happenings at xtype.

Previous article
Back to all articles

Not enough people in the platform team?

Loved by Platform Architects, Trusted by Platform Owners and the Business