News from the World of Software Development – February 2017

This fresh edition of the Betica Blog news digest contains a few interesting stories from an endlessly fascinating software development world. If interested, here is a link to last month’s article. Use these insights and ideas at your own shop to stay on the forefront of an ever-changing industry.

Developers and QA Engineers on the Frontlines of the Battle for Cybersecurity

Earlier this month, CIO Magazine reported on how software engineers and QA personnel can improve their efforts to prevent cybercriminals and other nefarious agents from hacking their systems and technical infrastructure. This battle is especially fierce considering the growing number of devices connected to the Web because of the Internet of Things (IoT) and mobile technology. Stronger coding practices and more thorough software testing are key factors in protecting applications.

Chris Wysopal, co-founder and CTO of the software security firm, Veracode, commented on the importance of stronger code and testing when considering cybersecurity. “In today’s technology environment, application security testing for vulnerabilities and flaws in software code should be a security best practice, regardless of an organization’s size or industry,” said Wysopal. Unfortunately, a survey by his company reported 83 percent of the respondents deployed code without a full vetting of the underlying application security.

The article noted companies must require developers to perform code reviews focused on security. Additionally, state of the art QA techniques, like static and dynamic application testing as well as white hat testing are needed to ensure an application is sufficiently protected before it’s released into production. While automated testing tools help somewhat, humans also need to be involved to assure the highest possible level of security.

CIO reported that the Open Web Application Security Project (OWASP) provides a valuable resource for companies looking to improve their cybersecurity efforts. It offers practical information on the best practices for ensuring an application’s code is safe. Ultimately, this freely-available information is vital for winning the war against hackers and other cybercriminals, especially concerning the current shortage of application security talent in the IT industry.

Is “Low-Code” the Next Wave in Software Development?

The problems discovered when forced to maintain and enhance legacy applications has led to a new paradigm focused on using tools that assemble pre-written functionality into a complete application. In a sense, this is a streamlined and highly-automated take on the current microservices trend in the industry. SiliconANGLE discussed low-code software development in a February article.

The app used by the ride-sharing service, Uber, is a highly public example of an application developed using low-code techniques. It pieces together functionality from a variety of sources, including Box Inc.’s Cloud storage, Google Inc.’s Maps, payment services from Braintree, Twilio for messaging, and SendGrid’s email services. Many pundits feel the flexibility offered by the low-code model suits today’s competitive business era better than traditional application coding techniques.

The industry research analyst group, Forrester, predicts the low-code software market will grow to over $10 billion over the next two years. “The market for these [low-code] platforms is growing fast, but selecting a platform that actually delivers without creating a [fourth-generation programming language]-like orphan in the software portfolio isn’t easy’” said Forrester. Obviously, this makes it a trend worth watching at your software development shop.

Keep coming back to the Betica Blog for additional news and information on the expanding software development universe. Thanks for reading!

Microservices – a Flexible Architecture for the Continuous Deployment Era

As more modern businesses embrace new organizational structures like DevOps, with a goal of achieving the continuous deployment of software, SOA architectures are becoming more granular. Microservices is a term used to describe these lightweight, highly portable applications used to build larger systems. Each microservice typically runs in its own process, communicating with other microservices using a protocol, such as HTTP.

Like many newer technology industry buzzwords, it is hard to explicitly define microservices, but enough common attributes exist to provide a high-level overview. Perhaps this architectural approach makes sense for your team’s next application design?

An Architecture to better support a Scalable Internet

The esteemed software architecture pundit, Martin Fowler, describes how the need for microservices grew out of the hassle of making relatively minor changes to large monolithic applications running in the Cloud. For example, a simple UI change required all the components in the application to be rebuilt and redeployed across multiple servers.

Improved scalability in a Cloud-based distributed environment is another major advantage of microservices. Older applications required all of their components to be scaled. On the other hand, software designed using microservices only needs the scaling of the most resource intensive portions of the application.

The fact that each microservice is individually deployable ultimately makes this process easier to manage for build engineers.

Improved Flexibility when designing Applications

Being able to leverage collections of microservices is a boon for organizations looking at code reuse for quickly architecting, designing, and building a web-based application. This echoes some of the original promises of SOA – or even piecing together desktop software using components – but the improved granularity of a smaller microservice works better in this era of the Cloud. 

Using microservices also makes it easier to organize an application’s architecture. Fowler notes many enterprises create teams based on the business capability for a microservice. This means each cross-functional team includes personnel responsible for the UX, database, middleware, etc.

From an organizational standpoint, this is a structure similar to the Agile Tribes concept used at the Internet music streaming company, Spotify. Fowler mentioned that companies organizing their software development teams around their chosen application architecture is another example of Conway’s Law influencing the software engineering process – a process we talked about last year.

Designed for Continuous Delivery

As mentioned earlier, application design using microservices helps organizations achieve a continuous delivery model compared to older software architectures. Given a scenario where only a small portion of a microservice needs updating, it is easier to rebuild that granular piece instead of an entire application. Organizations are able to leverage automated test and build routines to streamline the entire process.

Still an Emerging Software Development Model

Fowler feels it is too soon to anoint microservices as the future of software development. “While our experiences so far are positive compared to monolithic applications, we’re conscious of the fact that not enough time has passed for us to make a full judgment. Often the true consequences of your architectural decisions are only evident several years after you made them,” said Fowler.

There’s no denying that microservices architecture is worthy of further analysis by your software development organization. It just may be the missing link on your path to highly scalable and easily deployable applications.

Keep returning to the Betica Blog for additional insights on the software development world. Thanks for reading!

Agile and DevOps make Perfect Partners

A recent technology report came to a conclusion that won’t be a surprise to many of you. It seems Agile and DevOps offer more benefits when paired together at an organization compared to when they are implemented individually. This makes sense when considering DevOps grew out of a need for a better organizational structure for technology projects using Agile.

With the hopes of making your application development process more efficient, this article looks at the details of the report to find those actionable insights relevant to your software engineering organization. Good luck in your efforts!

The CA Technologies Report on Agile and DevOps

CA Technologies commissioned a study by Coleman Parkes Research to ask technology executives on how their organizations’ implementation of Agile and DevOps is transforming their business operations. The study’s lead conclusion noted that 81 percent of the surveyed executives feel Agile and DevOps are a vital aspect of their operational evolution. The study’s other insights also provide food for thought for your managerial team.

Over 80 percent of those surveyed said their organizations are currently using either Agile or DevOps. Still, only one-third of those senior executives felt either methodology was sufficiently implemented at their business. CA Technologies concluded that this highlighted a maturity gap needing to be fixed for those businesses to truly evolve their operations.

The Benefits of Mature Agile and DevOps Programs are Numerous

Companies able to successfully implement both Agile and DevOps all across their organization see numerous benefits according to the executives in the survey. Advanced Agile users are able to act on important decisions sooner than those new to the methodology. Experienced DevOps enterprises implement ideas 42 percent faster than those companies not using the organizational structure.

Adding DevOps to an organization already well-versed in Agile causes new business growth to increase by 63 percent compared to companies only doing Agile. Operational efficiency also improves by 41 percent. These last two conclusions from the study should be enough to convince most larger technology shops to combine Agile and DevOps instead of merely doing one or the other.

The survey also noted some of the leading factors preventing a company-wide implementation of Agile and DevOps. Security issues ranked as the top reason for both methodologies, followed by budgetary concerns, and the lack of integration tools. Organizational culture and resistance to change are also contributing factors.

Using Agile beyond Information Technology

The CA Technologies study also mentioned that Agile offers benefits to organizations that go beyond their IT department. Some of the surveyed executives noted their companies use Agile in the marketing (54 percent), customer service (53 percent), and sales departments (52 percent.) Finally, only six percent of the companies have implemented Agile across their entire enterprise.

Angela Tucci, CA Technologies’ general manager for Agile management summed up the survey’s conclusion. “Agile and DevOps practices lead to happier, more productive employees…which in turn leads to happier, more satisfied customers. And when Agile and DevOps are practiced together, the benefits are even better,” said Tucci.

When you need additional insights on the ever-changing software development world, come back to the Betica Blog. Thanks for your readership!