ShiftLeft released a new version of NextGen Static Analysis (NG SAST), including new workflows, purpose-built for developers that significantly improve security, while enhancing productivity.
For many of us in the application or software development industry, Application Performance Monitoring (APM) was supposed to be a magic bullet, a way to catch the occasional unforeseen mistake that slipped through to production releases. APM would alert us to the issue and allow us to deliver better performing applications. This was the promise.
In reality, even with APM tools reporting production issues, there has been no discernable increase in the quality of applications delivered. A recent BlueStripe survey found that despite the use of APM tools, 81 percent of companies still have more than a quarter of their application issues go unresolved.
In addition, 63 percent of respondents are dissatisfied with their APM solutions, while 36 percent reported learning about more than 25 percent of problems from user complaints.
What this data shows is that APM alone does not fix systemic problems that contribute to the lack of quality apps. But it can be part of the solution. With the increased complexity, shortened development cycles, and heightened user expectations caused by the rise of mobile, it is critical that monitoring be part of development and vice versa.
This is difficult in the 92 percent of organizations that separate monitoring, development, and testing into self-contained groups. Separate staffs, budgets, and organizational systems all make collaboration around APM data difficult. Programs and software often do not integrate or sync with each other. It might be impossible to directly export your APM data into your test lab or automatically sync performance SLOs from testing to monitoring systems.
Creating a data feedback loop between the two sides is the most efficient way to continually develop mobile apps that perform up to or exceed user expectation.
Companies can achieve this data feedback loop by activating a “DevOps Bridge”. This must be a concerted effort by both sides of the IT house to merge and share personnel, data and systems.
Data from 24/7 monitoring should be directly fed into a virtualized test environment. With that production data as a basis for their tests, testers can instantly see how small changes made to the next app iteration will affect user experience. Once they have that data, they can report what specific development or infrastructure steps are needed to maintain a constant, or improved, level of application performance.
This improved test data can be fed back into monitoring. The better you understand how the application performs in a virtualized production environment, monitoring alerts can more accurately reflect realistic and acceptable end user thresholds.
The five seconds it takes “Transaction A” to complete can now be seen as within an acceptable range. An alert will only be tripped if the transaction exceeds that time by a defined percentage based on testing. If five seconds is unacceptable, performance can be optimized before deployment and appropriate thresholds set as a result. With more accurate alerts and reports, IT is not constantly wasting resources to figure out and fix issues that are not issues at all.
As more organizations move toward continuous deployment cycles for mobile applications, it is no longer good enough for APM to stand alone. By the time APM data is dissected manually and translated for testers and developers, three new iterations of your app have already launched and angered your users with their sub-par performance. Only by creating and maintaining this data feedback loop will the APM data reach the correct people in time to impact the next application iteration, and improve ALM for your entire organization.
ABOUT Gary Jackson
Gary Jackson is CEO of Shunra Software, a Philadelphia-based company specializing in network virtualization to help firms worldwide ensure application performance and end user experience. He has more than 25 years of executive experience in the IT industry, specializing in leading emerging technology companies.