Hello World!

Kiran Kamity

Kiran Kamity

Passionate serial Silicon Valley entrepreneur. Head of product at Cisco Cloud BU. Founder/CEO at ContainerX (acquired by Cisco). Founder/VP at RingCube (acquired by Citrix). TEDx speaker. Loves nature, travel and food.
hero_trans@2x

Do you remember the overwhelming sensation of writing your first line of code?
Well, we do! And that’s exactly how excited we are today to announce DeepFactor, the first Continuous Pre-Production Monitoring™ platform for developers!

DeepFactor delivers security, performance, and behavior insights that developer teams need to ensure Runtime Ready™ releases. These insights form three pillars of visibility for applications:

  • Know your app behavior
  • Know your security & compliance
  • Know your performance

DeepFactor plays nicely with your existing tools and is seamlessly integrated with the DevOps pipeline so you can find and fix issues before deploying the release into production.

In today’s application-driven economy, developers & QA engineers are under a lot of stress and have to work with tight deadlines. As a profession, we have to build, test and deploy faster than ever before to meet business requirements. This means that most of the time we have to prioritize building & testing application functionality over security, behavior and performance.

Another growing trend is the use of open source to ship faster, which means rather than re-implementing functionality ourselves, our development teams go to public repositories on GitHub and npm to bring in a set of open source components as building blocks for projects. While the use of open source is a great catalyst for speed and innovation, open source components also come with inherited problems. The question here is: who audited these components for security and performance? Who verified that these components are doing what they’re supposed to be doing? Are they causing our application to be less secure or slower? And if we dive a level deeper, there are also dependencies of these dependencies (open source components) that we’ve implemented. What about their security, performance and behavior and the overall implications for our projects? What about the unpredictable runtime effects of the changes we’ve just made in our custom code?

Visibility into static code (SAST & SCA) is great, but the verbosity of insights can be overwhelming. It needs a runtime visibility counterpart, which can tell you exactly what the app did, to reduce the verbosity, and help prioritize the list of insights.

Hit release…. And brace for impact!

As developers, we lack visibility into the application’s runtime behavior, security & performance, in dev, test and staging environments resulting in costly runtime problems that are only discovered after releasing the code into production. Who can forget those “Oh, s***!!” moments after realizing we had a runtime issue again!? Then come the painful rollbacks, uptime issues and sometimes both, but always accompanied by chagrin… deep, long lasting chagrin.
Most of these runtime issues can be easily avoided if we had continuous visibility into runtime of applications – we could then get insights around the impact of the changes we’ve just introduced, and fix issues before deploying code. So, maybe we could kiss runtime chagrin goodbye for good?

DeepFactor set out to solve this problem, empower developers and fuel DevOps with runtime visibility. Continuous monitoring is the next frontier for DevOps, following continuous integration and continuous delivery. By embracing DevOps, we are already building fast, testing fast, deploying fast (I can’t help but quote Ricky Bobby here “I just wanna go fast!”) and now with DeepFactor, we can ‘monitor fast’, and get fast runtime feedback about releases in a pre-production environment. This is such a fundamental building block for DevOps pipelines at every organization and we believe DeepFactor will improve the confidence, efficiency and speed of CI/CD pipeline significantly – meaning more time to create cool stuff and way less chagrin when it comes to releases!

Is my application really doing what I think it’s doing /what it should be doing?

For developers and engineers in software development, there’s always this nagging question: “Is my application really doing what I think it’s doing or what it should be doing?” Well, you’d be surprised to see that more often than not, there are interesting surprises!
With DeepFactor, we found a different way to monitor applications and make sure they’re doing what they’re intended to be doing. This way, developers can view and fix these behavior issues before pushing code to production.

By monitoring application behavior, what we want to know are the answers to questions including:

  • What files is my application opening?
  • What libraries are being used?
  • What subcomponents are being brought in as part of my build and execution?
  • Who’s connecting to me?
  • Who am I connecting to?
  • What DNS lookups am I doing?
  • And a lot of other technical parameters.

We have identified over 170 such behavioral indicators, that, if monitored in pre-production environments, can give great visibility into the security, performance & behavior changes of applications, and the changes between releases. Overall, what we want to know is: “does the set of behaviors that I’m observing in my application match the expected set of behaviors?” If I wrote my application to do X, and then I observe that it’s actually doing X and Y, I need to know why.

In early tests with DeepFactor, we were surprised to observe that some applications that we thought would be clean and straightforward were exercising unexpected behaviors when you look at the behavior trace. It’s always a surprise for most developers when they see the insights that we provide for their own applications!

How can your team check it out?

Here are 3 easy ways your team can check DeepFactor out:

  1. DeepFactor Live Sandbox: You can start playing with DeepFactor on our live Sandbox. The sandbox requires no registration and provides an environment with monitored applications.
  2. DeepFactor Community Edition: DeepFactor is FREE forever for teams with fewer than 10 developers. You can register for the community edition on our website.
  3. DeepFactor for Open Source Projects: DeepFactor is completely free for non-commercial open source projects. If you are a contributor of such a project, you can register on our website to start using DeepFactor on your project.

Interested? Please read our blog post on how DeepFactor works