Skip to main content
DevOps icon showing cogs

This post is from the XebiaLabs blog and has not been updated since the original publish date.

Last Updated Jan 16, 2019 — DevOps Expert

How a Release Chain of Custody Secures the Software Delivery Process



If you’ve ever watched Law & Order or read a John Grisham novel, you probably know how important it is to record the chain of custody for a piece of evidence in a legal case. The chain of custody doesn’t just detect and prevent evidence tampering; it also establishes that the evidence is actually related to the crime in question.

In the world of software delivery, a release’s chain of custody is equally important. It represents everything about a release at any given time: the release tasks that are involved, when those tasks were executed, and who executed them. Just as the chain of custody for a piece of evidence involved in a legal case proves that that evidence was handled properly, the chain of custody for a release proves what happened, when it happened, and who made it happen. An accurate, visible chain of custody enables stakeholders across the organization to track features as they move from code to Production and to verify that required security, compliance, and quality checks are run during the release process. An immutable, detailed chain of custody is also crucial for completed releases because it ensures that teams can satisfy audit and regulatory requirements, even after the release is out the door and in Production.

Visualize the Release Chain of Custody with XebiaLabs

The XebiaLabs DevOps Platform secures the complete release chain of custody for all types of releases; from legacy applications running on-premises to next-gen apps running on public, private, or hybrid clouds. For example, the new deployment dashboard allows everyone involved in the software delivery process—developers, QA testers, release managers, and business stakeholders—to see who took action on a release, what action they took, and when they took that action. The dashboard provides an advanced view of the entire deployment landscape: from applications and teams, to deployment tools and processes, to target environments both on-premises and in the cloud. It enables both technical and business stakeholders to:

  • Monitor the release chain of custody in real time, including what is being deployed, who is deploying it, and deployment status—no matter what deployment tools are being used, or what type of environments are being targeted
  • Drill down into the chain of custody for completed releases to identify slow processes, bottlenecks, pain points, and areas for improvement and increased automation
  • See exactly which version of each application is deployed to each environment and track it back to which features are part of each application version, eliminating confusion for all stakeholders
  • Identify security and compliance problems as soon as they are introduced thanks to automatic trend analysis
  • Verify the security and compliance checks that were run for each release, making IT audits faster and easier for everyone involved
  • Shift security and compliance concerns left, so teams can fix application vulnerabilities and IT governance violations during the development phase of the software delivery process
  • Filter release and deployment information based on team, project, application, environment, target technology—whatever makes sense for your organization

Learn More

Need more evidence? Check out these resources:


More from the Blog

View more
Ascension Launch Banner
Apr 26, 2022

Get ready for peak performance with’s newest AI-Powered DevOps Platform Ascension Release

Today, is excited to announce our latest AI-Powered DevOps ...
Read More
Jan 24, 2022 Value Stream Delivery for SAFe®: The key to amazing business outcomes

The Scaled Agile Framework (SAFe) is the world’s leading framework for ...
Read More
Dec 09, 2021

How SaaS and cloud-based solutions helped the U.S. Department of Veterans Affairs achieve digital transformation

Modernizing legacy systems was an ongoing goal for the U.S. Department ...
Read More
Nov 29, 2021

Increase velocity and reduce risk with AI and machine learning

Artificial Intelligence (AI) and machine learning (ML) have proven use ...
Read More
Contact Us