How APAC firms can keep pace with software quality and security

Businesses in Asia-Pacific (APAC) will need to get a grip on software quality and security or risk losing their agility and control of service quality, according to a top executive at Dynatrace.

Speaking to Computer Weekly in an interview, Rafi Katanasho, Dynatrace’s chief technology officer and vice-president of solution sales in APAC, noted that the region’s businesses delivered significantly more digital services and transactions amid the pandemic, including banking, commerce, and e-government.

But with ICT architectures becoming more complex than ever, ensuring software quality and security in shorter release cycles was tediously manual and time consuming. This was exacerbated by the adoption of hybrid and multi-cloud environments which created challenges in IT management.

Katanasho said: “Running these environments is great because you get scalability and it speeds up time-to-market, but it also increases the complexity of the tech stack you’re running by multiple folds.

“[There may be] billions of dependencies just to run a single transaction. Adding to that complexity is your datacentre and multi-cloud platforms, with each cloud [needing] its own tooling and metrics as well as app workloads sitting on top of it,” he said. “So, you have disparate tools from different datacentres and cloud vendors, and your team needs to be trained on these different tools.”

Data also remained in silos and disconnected, leaving IT and development teams to do most of the heavy lifting and manually assess the information. “It’s what we call ‘eyeball analytics’,” he quipped.

IT leaders have started to feel the heat, with 49% admitting they had limited data as well as visibility on how users were responding to digital services, according to a Dynatrace survey that polled 700 CIOs globally. Another 40% noted that limited collaboration between teams made it more challenging to ascertain how serious an issue was and mitigate its impact on the business.

In another global Dynatrace study, 63% acknowledged that the complexity of their cloud environment had outpaced people’s ability to manage it. In addition, IT and cloud operations teams spent 44% of their time on manual and routine work, costing their organisations $4.8m a year.

And while IT leaders used an average of 10 monitoring tools across their technology stacks, their teams had full visibility of just 11% of the organisation’s application and infrastructure platforms.

In fact, 61% of CIOs said the dynamic trait of hybrid and multi-cloud ecosystems today had created so much more complexity that their IT environment changed every minute or less. For another 32%, there was a change at least once every second.

Visibility and automation
Against this backdrop, businesses would need to establish full visibility and automate where possible, across their technology stack and multi-cloud environment.

This would enable them to manage their infrastructure with reduced complexity and risks, so they could innovate and scale quickly and efficiently, Katanasho said. Failing to do so could not only mean costly delays in product releases, but also quality issues, he cautioned.

Dynatrace has been working to help its customers navigate this changing landscape, unveiling several new and enhanced product releases at its Perform event earlier this year to help enterprises better manage their ICT environment.

For instance, a new module has been added to its software platform to orchestrate the application development lifecycle, which includes automating code tests and quality checks against the organisation’s service level objectives. This will ensure applications meet quality standards before they are ready to move to the next stage of the software lifecycle.

Powered by Keptn, an open-source project, the new Dynatrace Cloud Automation module is touted to enable software development, DevOps, and site reliability engineering teams to create and manage cloud-native applications more efficiently. It will allow them to innovate more quickly and at lower risks.

The new module also taps Dynatrace’s artificial intelligence (AI) and automation capabilities to offer features such as automated, closed-loop remediation of releases that fail in production. These include deployment rollbacks and automated version comparison to continuously assess the performance of each release version.

In addition, Dynatrace has enhanced its digital experience module to support session replay for native-mobile apps, so development teams will be able to monitor every click, swipe, and tap from the user’s perspective. This information can be tapped to optimise mobile apps for performance and features.

Data privacy is secured by design, according to Dynatrace, so organisations in highly regulated industries, including banking, that must comply with legislations such as Europe’s GDPR (General Data Privacy Regulation) will still be able to use customer behavioural and experience data to enhance user experience and service delivery.

All announced features are available in APAC, according to Katanasho.

He added that Dynatrace aimed to offer a new release every week as well as a new feature every fortnight, introducing at least 25 new capabilities a year.

This was critical to support new use cases and keep pace with changes in the industry, such as the impending rollouts of 5G networks across the region and growing adoption of edge computing and the internet-of-things (IoT), he said.

To make sense of the data created through new 5G, IoT and other applications, businesses will have to be able to explore the data and cut-and-dice it in a flexible and intuitive way.

“People don’t just need data. They need the data put into context,” he said, pointing to the ability, for instance, to see the different links shrouding an application and the data it required to process a transaction.

Furthermore, the same capabilities that helped to stitch together software dependencies required for an application to facilitate transactions could be tapped to ascertain run-code vulnerabilities from custom codes and generate a risk assessment.

Enterprises would then be able to identify, in real-time, critical issues that could expose sensitive data.

“You can assess vulnerabilities and integrate that as part of your DevSecOps process and automate the process of detecting not just static scanning of your code, but also running code,” Katanasho said, adding that these features were integrated into Dynatrace’s application security module.

Dynatrace commissioned TechTarget APAC to produce the above content which was not reviewed or influenced prior to publication.