Global real estate company Lendlease drives change with GitLab

Global real estate company Lendlease drives change with GitLab

When Lendlease, an AUD $6 billion (USD $3.8 billion) multinational real estate company, needed to facilitate a culture change in their software development teams, they turned to GitLab and its DevSecOps platform.

That’s the message Ciaran Hennessy, Chief Software Architect for Lendlease Digital, a business unit of Lendlease, shared in an on-stage interview at the Melbourne, Australia, stop of GitLab’s DevSecOps World Tour. By beginning to eliminate a complicated toolchain with an end-to-end platform, the Sydney-based organisation has been able to fuel collaboration, increase visibility, and make everyone responsible for security.

“Radical visibility” a game-changer

When the COVID pandemic pushed businesses toward hybrid work structures, Lendlease saw it as the perfect time to change the way people not only get their jobs done but how they see their role and responsibilities inside a DevOps team, according to Hennessy. The challenge was to figure out how to give everyone from executives to coders and security specialists visibility into how projects were progressing, where stumbling blocks were popping up, and what solutions worked best.

Using a single platform gave them what Hennessy called “radical visibility.”

“We have no walls between our teams anymore,” Hennessy said. “Everybody can see everything. We’re empowering people to look at everything and learn about other parts of a project.”

Fuelling collaboration and shared security responsibility

The platform offered Lendlease the opportunity to fuel collaboration as well as make other changes to the way they handled security, visibility, and managing legacy technology.

“We gained shared knowledge and context,” said Hennessy. “The platform enabled people to contribute to what others were working on and it means an individual is able to produce more easily what they need to.”

A big part of the Lendlease’s collaboration was the fact that security was “baked into” the app. With the GitLab DevSecOps Platform, security is pushed left, meaning developers start thinking about security when they begin planning new features or projects. And everyone can participate in securing code, so features or products aren’t left to only be tested right before production, stalling work and slowing releases.

“Security is not an afterthought. It’s part of the culture that we brought in,” said Hennessy. “Security is not useful in your software development process unless everybody is a security person. Everyone is responsible for security and with a platform that works.”

Adapting for the future

By taking a thoughtful and strategic approach to integrating legacy tech, the business is able to leverage its full technological capabilities while also prioritising the needs of teams and stakeholders. Using GitLab’s platform, Hennessy’s teams push legacy code into pipelines and containerise it. By creating container images that mimic the company’s current environments and dependencies, new developers can use that to work on and test the applications, applying new methodologies and best practices.

“Good code never dies. It just becomes legacy,” said Hennessy. “We gave it new value.”

Hennessy is welcoming of generative AI, noting that he’s not really concerned about the technology replacing software developers’ jobs. He expects using generative AI will be like adding extra hands to his DevSecOps teams.

“The thing I find really interesting about it is you get a resource that you can use to help you create new value,” he said. “I’m really interested in how we can use it to massively accelerate creation.”