Amnic’s monthly newsletter Building Blocks captures major news and trends in the developer community.
This month’s newsletter focuses on low-code/no-code movement and if it is a threat to developers; the findings of a recent DevSecOps Survey by GitLab and challenges to shift-left. Plus, some recommendations for the weekend and Meme-ops. At 790 words, this newsletter is a 4-minute read.
Happy reading!
IN FOCUS
Low-code, No-code vs Developers?
Can low-code/no-code platforms make developers redundant? In the last few years, this question has been often discussed and debated in developer circles.
As per a recent Gartner forecast, 70% of the new applications developed by enterprises will use low-code or no-code technologies by 2025 – and the market could grow up to $30 billion. Simply put, low-code/no-code software has little to no visible code and users work with drag-and-drop graphical interfaces to create or modify a business app.
Faced with skill shortage and ever-increasing business demands, low-code/no-code platforms can allow companies to encourage their non-engineering staff who have little to no coding experience to build a simple business app in little time.
But not everything about these platforms is hunky-dory. Security and visibility are major issues — especially when different business units in a company can work with multiple low-code platforms and the IT team may not even be in loop (think shadow IT).
While the use of low-code/no-code platforms has seen a huge jump in the wake of the pandemic, are they a threat to developers? More than a contest or threat, these platforms can enable senior devs in a team, often saddled with too many tasks, to offload some of the grunt work – freeing them up to focus on core business logic.
For complex and customizable tasks that require a deeper understanding of software and context, developers with years of experience will continue to enjoy an upper hand. Prashanth Chandrasekar, CEO of Stack Overflow, sums it up succinctly: “Early developers blindly using low code or no code tools without learning the fundamental principles of writing code will inevitably hit a ceiling… particularly when they have to unpack what they created.”
Shift Left and Dev Challenges
Late August, GitLab released the findings of its annual Global DevSecOps Survey wherein a majority of its 5000+ respondents said security would be their top area of investment in 2022. Further, 53% developers said they are “fully responsible” for security in their organizations, a sign that security is shifting left.
But some other noteworthy statistics were: 47% security pros said devs find 24% or less of the available bugs that could be found in existing code — in other words, 75% of the bugs were left for the sec team to detect. While 57% of those surveyed said security is a performance metric for devs in their organizations, 56% said it was difficult to get devs to prioritize code vulnerabilities. In the end, security vulnerabilities were likely to be found by the sec team after the code is merged in a test environment, said 59% respondents.
Even as everyone is talking about shift-left in the development cycle, the road to implementation is clearly not smooth. For developers, who are increasingly tasked with ops responsibility while chasing velocity and agility, security is yet another KPI to their workload. Further, devs are not trained security experts and with the security architecture becoming complex, a know-how of which tools to use, how to use and what to fix is no child’s play.
Given the bottlenecks, there is room for disruption in this space, with some suggesting that born-left solutions/tools that are particularly designed for devs as the end users — instead of the existing shift-left solutions that are modified for devs — and prioritize their need to maintain agility and security while enhancing dev experience hold potential.
RECOMMENDATIONS
One Event to Attend: KubeCon 2022
Detroit, best known for its automobile industry, will be home to the annual KubeCon | CloudNativeCon this year, from 24-28 October. The who’s who of the developer world will be in attendance at the flagship event of the CNCF which puts the spotlight on cloud-native technologies. If you are planning to drop by, do catch up with Team Amnic there.
One Long Read: The Case for ‘Developer Experience’
With the rise of developers as buyers and influencers over the past decade, developer experience or DX has become the talk of the town. But most talks and solutions aimed at DX, argues Jean Yang, founder and CEO of Akita Software, erroneously follow the assumption that developers work in planned gardens – in reality, the tech stacks they work with look more like rainforests. You can read the article in full here.
One Podcast to Listen to: Critical Skills That Every Engineer Should Master
Whether you are just starting out as a DevOps engineer or looking to add skills to your CV that can help you land the job you’ve been eyeing, this podcast may offer you some insights. Darin Pope and Viktor Farcic of DevOps Paradox, in conversation with serial entrepreneur Sashank Purighalla, discuss the importance of persistence and communication and warn against overdependence on tools.
MEME-OPS
(Credit: r/DevOpsMemes/posted by u/0739-41ab-bf9e-c6e6)