CodeSecure and FOSSA announced a strategic partnership and native product integration that enables organizations to eliminate security blindspots associated with both third party and open source code.
In Part 2 of APMdigest's exclusive interview, Yoram Mizrachi, CTO of Perfecto Mobile talks about the DevOps and Continuous Quality in mobile development.
Start with Part 1 of the Interview
APM: What should DevOps teams be doing to help ensure mobile app quality?
YM: Two tactics that are essentially required for a high value mobile app today are:
Automation – If it can be automated, do so. By eliminating repetitive tasks, you give your team more time to solve real problems. You no longer have the luxury to have long cycles of manual testing and "stabilization periods" which can uncover unexpected problems.
Continuous Quality – it's incredibly important that applications are tested on all devices that they're offered on all the time. This can be a challenge, especially on operating systems that run on a wide variety of devices like Android, but also on iOS, which already have more than 40 popular combinations. The goal is to be able to know at any given moment what the version quality is on all relevant target devices. This is a DAILY task, not weekly and not monthly.
APM: What types of tools should DevOps teams be using to ensure mobile app quality?
YM: The best way to develop mobile applications is in a cloud-based environment that allows for multiple teams to collaborate remotely, protects data in case of a breach or error, and – possibly the most important – allows for automated testing to continuously run on the project when it is not actively being changed.
DevOps teams should be able to automate around 95 percent of all testing processes, and have this embedded throughout the entire mobile app development lifecycle. Unstable dev/test environment is the #1 enemy of DevOps. It causes teams to default to manual testing which results in a fragile release cycle. Cloud normally gives much higher uptime than any in-house lab or server.
APM: How does Continuous Quality change the equation for how Dev/Test teams embrace testing throughout the development lifecycle?
YM: Organizations who use old and traditional development methods simply cannot succeed with mobile. A team who does not practice a Continuous Quality workflow will end up working in a disconnected manner using very different tools from team to team, even within the same organization. There are a few mobile devices for testing on (and likely other purposes) on the developer's desk or QA desks, not hosted in a cloud environment and without governance and security.
The team heavily relies on manual and exploratory testing with some basic automation – this is far from a continuous integration machine, which can run thousands of tests overnight on multiple devices. This team has no tools to mimic end-user conditions, like various network profiles, carrier networks, GPS location testing, load testing etc., and therefore isn't testing a true user experience or truly covering the required testing needs.
The outcomes of such an outdated environment is limited visibility into the application quality and performance that often results in late and expensive defects identified by the field or customers. The effect of traditional practices in mobile is increased overtime and reduced quality, which is reflected in both app reviews and employee morale. This is because the app has more features, larger target devices and shorter time to release.
The key difference between a Continuous Quality process and other processes is that during the former, the barriers between developers, testers, and performance engineers are eliminated. The focus is put on quality from the beginning through a set of environmental assets, tools and a quality lab that provides the developers with a natural environment where they develop and test their mobile app in parallel, as part of their continuous integration (CI) workflow. Poor uptime of the lab will cause developers and testers to abandon it and as a result will push the Continuous Quality goal away.
APM: What are the new factors that DevOps must keep in mind when designing their mobile applications?
YM: The main new factors that I see affecting DevOps design structures are:
■ The wide variety of devices that are on the market, with new ones being released every day.
■ The ephemerality of device popularity – and, to some extent, OS popularity.
■ The need for a stable software development life cycle (SDLC) environment that includes testing capabilities.
■ DevOps needing to combine all types of testing into cycles, including security and load testing.
■ The need to limit manual testing processes to increase efficiency.
APM: How do you see mobile development changing in the near future?
YM: The SDLC will need to be managed in a cloud setting in order to ensure success, especially with DevOps, to allow for dispersed teams to collaborate effectively. Mobile development will change in the near future to create the best environment for developers— one that includes leveraging existing technology investments.
APM: Perfecto Mobile has been quoted as saying that you would like to combine the QA teams, monitoring and operations teams into one role. How would this change the organization?
YM: In general, with DevOps and agile processes, the combined team has visibility into everything. If developers can see what the effect of their work is in production, they will become more connected with business goals, and in turn will be more motivated and accountable.
APM: What benefits does Perfecto Mobile offer mobile development and DevOps teams?
YM: Perfecto Mobile offers the ability to embrace DevOps and test continuously throughout the development process, which ensures a level of quality and reliability that simply is not realistic for firms that rely on manual testing. Further, Perfecto Mobile also offers access to thousands of mobile devices (real ones, not virtual environments) to truly test the user experience. With this combination, Perfecto enables DevOps teams to focus on quality and fast development and not solving SDLC infrastructure problems such as logistics, abilities and availability.
ABOUT Yoram Mizrachi
Yoram Mizrachi founded Perfecto Mobile after serving as the CTO of Comverse Mobile Data Division. In this capacity, he handled a variety of technological aspects in mobile applications, WAP and location-based services. In 1999, Mizrachi was the CTO (and founder) of Exalink, which was later acquired by Comverse for $550 million. Prior to founding Exalink, Mizrachi held several technology-related positions in the fields of communication and cryptography.
Industry News
Bauplan, a Python-first serverless data platform that transforms complex infrastructure processes into a few lines of code over data lakes, announced its launch with $7.5 million in seed funding.
Perforce Software announced the launch of the Kafka Service Bundle, a new offering that provides enterprises with managed open source Apache Kafka at a fraction of the cost of traditional managed providers.
LambdaTest announced the launch of the HyperExecute MCP Server, an enhancement to its AI-native test orchestration platform, HyperExecute.
Cloudflare announced Workers VPC and Workers VPC Private Link, new solutions that enable developers to build secure, global cross-cloud applications on Cloudflare Workers.
Nutrient announced a significant expansion of its cloud-based services, as well as a series of updates to its SDK products, aimed at enhancing the developer experience by allowing developers to build, scale, and innovate with less friction.
Check Point® Software Technologies Ltd. announced that its Infinity Platform has been named the top-ranked AI-powered cyber security platform in the 2025 Miercom Assessment.
Orca Security announced the Orca Bitbucket App, a cloud-native seamless integration for scanning Bitbucket Repositories.
The Live API for Gemini models is now in Preview, enabling developers to start building and testing more robust, scalable applications with significantly higher rate limits.
Backslash Security announced significant adoption of the Backslash App Graph, the industry’s first dynamic digital twin for application code.
SmartBear launched API Hub for Test, a new capability within the company’s API Hub, powered by Swagger.
Akamai Technologies introduced App & API Protector Hybrid.
Veracode has been granted a United States patent for its generative artificial intelligence security tool, Veracode Fix.
Zesty announced that its automated Kubernetes optimization platform, Kompass, now includes full pod scaling capabilities, with the addition of Vertical Pod Autoscaler (VPA) alongside the existing Horizontal Pod Autoscaler (HPA).
Check Point® Software Technologies Ltd. has emerged as a leading player in Attack Surface Management (ASM) with its acquisition of Cyberint, as highlighted in the recent GigaOm Radar report.