CodeSecure and FOSSA announced a strategic partnership and native product integration that enables organizations to eliminate security blindspots associated with both third party and open source code.
In Part 1 of APMdigest's exclusive interview, Yoram Mizrachi, CTO of Perfecto Mobile talks about the challenges of mobile development.
APM: How is mobile app development and testing different than web and traditional app development?
YM: Development environment – When developing for web, all you need is a normal workstation and standard browser. With mobile, you need devices (which you must manage the inventory and maintenance of) attached to the workstation, either physically or through a cloud platform. As oppose to web, where your tools are the same as your target, with mobile, emulators are not always true to the real devices that are in consumers' hands.
Skill set – Native mobile app development requires a different skill set than web, especially depending on the platform – for example, developing for iOS (Objective-C or Swift) isn't the same as developing for Android (Java). While there are differences between browsers, because they all use the same language (HTML & JavaScript), and there are certain standards that all implement, it's much easier to develop for a multitude of browsers and can usually be done in parallel.
Functionality – Mobile offers many more engagements available for mobile that do not exist for web apps. Take sensors for example. There's a whole range of capabilities for mobile that involve sensors, location based, accelerometer or things like opening your hotel room door or tracking daily fitness. Plus, web browsers lack push notifications, which are arguably one of the most important features of mobile apps. With web development, push notification usually came in the form of "sending an email". With mobile, this is completely interactive and part of the overall user engagement.
APM: What factors determine success in the mobile development space?
YM: User engagement and experience is the most critical success factor. Because mobile apps feel much more personal than websites, users are giving experience much higher importance than they would with a website. Your quality is immediately reported publicly in the form of app store reviews and other social networks. This is not the case with web, where the overall quality is a much less discussed matter. If you don't have a good app, your users – or former users – will talk about it and write about it, and word will spread. Mobile is all about the user experience.
APM: What percentage of enterprises base their entire mobile software development life cycle on traditional waterfall or pre-agile practices?
YM: No more than 20 percent are strictly waterfall whereas about 80 percent practice agile, but of that agile group I estimate that 80 percent are in the beginning stages.
APM: What challenges do these enterprises face?
YM: The three biggest challenges:
Change of mindset. It's the movement from develop > quality assurance > Operations > DevOps. This means that at any given moment, you need full visibility into the product's state of quality.
Developers have to start thinking of quality first, instead of submitting hastily written code and relying on the quality assurance teams to catch their mistakes every time. Now they are the quality assurance team, as well as the development team. There's a greater sense of accountability for developers. While this may sound harsh, there is an impressive positive side effect – they're better developers that turn out better products. While it seems simplistic, attaching the original developer to a bug does encourage thorough adherence to both testing and best practices, as well as a greater focus on logical architecture and thus, fewer shortcuts that will be costly in the long run.
Finally, operations have to optimize. They need to upgrade continuously – often in 24-hour cycles, depending on the product.
APM: Is DevOps the answer to these challenges for mobile app development?
YM: Yes, with two caveats.
First, DevOps needs to become more enterprise friendly, or easily scalable, without sacrificing quality.
Secondly, in order to be able to truly implement DevOps, you need to have 95 percent of your testing automated, with the goal being that products can be released at any time without unknown bugs popping up. Manual testing cannot be part of this accelerated cycle. The mobile market environment does not allow you the time that Waterfall offered: you can't release a support for the new iPhone 6 months after its being released, this is simply not an option, so the question is not "is DevOps?" but "how DevOps?"
Industry News
Bauplan, a Python-first serverless data platform that transforms complex infrastructure processes into a few lines of code over data lakes, announced its launch with $7.5 million in seed funding.
Perforce Software announced the launch of the Kafka Service Bundle, a new offering that provides enterprises with managed open source Apache Kafka at a fraction of the cost of traditional managed providers.
LambdaTest announced the launch of the HyperExecute MCP Server, an enhancement to its AI-native test orchestration platform, HyperExecute.
Cloudflare announced Workers VPC and Workers VPC Private Link, new solutions that enable developers to build secure, global cross-cloud applications on Cloudflare Workers.
Nutrient announced a significant expansion of its cloud-based services, as well as a series of updates to its SDK products, aimed at enhancing the developer experience by allowing developers to build, scale, and innovate with less friction.
Check Point® Software Technologies Ltd. announced that its Infinity Platform has been named the top-ranked AI-powered cyber security platform in the 2025 Miercom Assessment.
Orca Security announced the Orca Bitbucket App, a cloud-native seamless integration for scanning Bitbucket Repositories.
The Live API for Gemini models is now in Preview, enabling developers to start building and testing more robust, scalable applications with significantly higher rate limits.
Backslash Security announced significant adoption of the Backslash App Graph, the industry’s first dynamic digital twin for application code.
SmartBear launched API Hub for Test, a new capability within the company’s API Hub, powered by Swagger.
Akamai Technologies introduced App & API Protector Hybrid.
Veracode has been granted a United States patent for its generative artificial intelligence security tool, Veracode Fix.
Zesty announced that its automated Kubernetes optimization platform, Kompass, now includes full pod scaling capabilities, with the addition of Vertical Pod Autoscaler (VPA) alongside the existing Horizontal Pod Autoscaler (HPA).
Check Point® Software Technologies Ltd. has emerged as a leading player in Attack Surface Management (ASM) with its acquisition of Cyberint, as highlighted in the recent GigaOm Radar report.