In this RedMonk conversation, Manish Gupta, Chief Marketing Officer at LaunchDarkly, speaks with Kate Holterhoff, senior analyst at RedMonk, about the complexities of software development and the challenges of releasing bug-free software. They discuss the recent launch of LaunchDarkly’s Guardian Edition, which aims to help companies manage risk by implementing guarded releases. Manish emphasizes the need for a new approach to software releases that balances innovation with risk mitigation, allowing companies to move quickly without compromising user experience. The discussion also touches on the future challenges companies will face in adapting their risk posture in an increasingly complex software environment.

This RedMonk conversation is sponsored by LaunchDarkly.

Transcript

Kate Holterhoff (00:12)
Hello and welcome to this RedMonk conversation. My name is Kate Holterhoff, Senior Analyst at RedMonk, and with me today is Manish Gupta, Chief Marketing Officer at LaunchDarkly. Manish, thanks so much for joining me on the MonkCast.

Manish Gupta (00:23)
Good to be here, Kate

Kate Holterhoff (00:24)
All right. Over the last several months, we’ve been inundated with headlines of bad software releases having major global customer and financial impacts. How and why do you think bad releases are still happening? Why do companies still take the risk to ship buggy software?

Manish Gupta (00:39)
Kate, the software development lifecycle has gone through significant changes in the last 10-ish years, and GenAI has further accelerated that evolution. In this complex environment, bugs are a fact of life, whether they are functional bugs, performance bugs, compatibility bugs, security bugs, and so on. And it’s nirvana to expect 100 % bug-free state. I don’t think that’s achievable. Increased software complexity, mix of legacy.

and new code bases, need for speed, frequency of changes, and inclusion of third-party libraries just makes it very difficult to achieve that state. So given that this is a fact of life, and we know that no company really wants to ship bad software, they want to deliver the best user experience and deliver a value to the marketplace. However, many organizations have not taken the requisite steps to minimize the negative impact of bugs or prevent

them from hitting in the first place. Their software practices are likely outdated. They don’t necessarily separate deployment from releases. They ship code all at once. They ship releases to everybody, the entire audience base, instead of segmenting it. They perhaps can’t monitor or don’t monitor at a feature level, perhaps only do it at an application level. They don’t usually have the ability to change configurations in production. And in many cases don’t have the ability to roll back automatically or quickly once an issue has been detected or caused a negative effect in the marketplace.

Kate Holterhoff (02:13)
Yeah, these are really important items that you’re listing here. So I’m glad that you’ve outlined why this is such a big problem and one that we’re going to continue to see. You just announced a new product last week at LaunchDarkly’s Launch Week called “Guardian Edition,” which according to your blog post is intended to quote, “automatically catch bugs before they’re outages.” So tell me a little bit more about how Guardian is serving to advance LaunchDarkly’s larger mission of helping enterprises manage risk.

Manish Gupta (02:40)
Yeah, I think it’s really important on the approach that is taken by an organization. And so our recommendation is for the software development teams to evolve their practices to focus on shipping guarded releases. And this is a new notion that perhaps isn’t in the vernacular of the development organizations today. But there are very specific things that make up what a guarded release is all about. The first one is to set performance thresholds.

to ensure that every stage of the rollout meets the performance, latency, and application availability that’s needed in that particular environment. The second piece is to respond to errors quickly, if possible in milliseconds, with application auto-remediation. And so when you see that the performance thresholds are breached, you want to be able to take action immediately. And best, if you could roll back automatically to…

to the last good state if you can. And the third part to this is to maintain end-to-end visibility into the health of the releases with real-time insights into regressions and resolve those issues with release monitoring. So if you can institute those three things, you would then be able to offer your software as guarded release. And Guardian Edition incorporates all of these capabilities. In addition to that, it also has error monitoring,

with which you can debug issues, quickly inspect and triage errors, and any issues you might see with the user experience at feature level. And finally, it also has what we call session replay, ability to gain comprehensive view into the user journey for web and mobile apps, so that you can see release degradation in the user experience and behavior that will have long-term impact in the marketplace.

Kate Holterhoff (04:33)
It sounds to me like the real paradox you’re outlining here has to do with the often competing demands of innovation and safety. So historically, in order to move fast, companies have had to break things. And it sounds like LaunchDarkly is working toward a new paradigm of developer speed and risk mitigation. So I want to hear more about how you’re doing this at LaunchDarkly. Can companies mitigate risk while retaining or even improving their innovation velocity?

Manish Gupta (04:57)
You know, Kate, this has to be the new normal. You cannot say, because I’m moving fast, I’m going to break things. And it’s certainly not OK to break things. We have seen the impact to the brands, to the companies, to just long-term reputation of organizations. And to be competitive, enterprises have to move fast. The dynamics, the competitive posture in the marketplace has become such that you have no choice but to do that. You have to innovate quickly.

And if you do it in a ways that you’re not breaking things along the way. And so, you know, can you afford to have major incidents? No, you cannot. And so the answer is how do you achieve this balance between faster innovation without breaking? Our recommendation is a shift in approach to how software is taken to marketplace. What has been forever the status quo is you identify and you discover that the incident has occurred.

You then go back and try to figure out what the root cause is. You develop a fix for it. You test the fix. And then you put that back into the marketplace. And that cycle can take a long time. From the first time you discover the incident to the actual fix. And the longer this takes, the bigger the impact and the blast radius for the marketplace. What we recommend is an approach with guarded releases is to be able to make a change in your release.

And if you see a degradation, detect the problem instantaneously, you flag, and you auto-recover before the user even experiences the effect of that degradation. And if you can do this new approach of guarded releases, then in most cases, you will minimize the impact, the negative impact of any bug that you may have. And in many cases, you will never have that impact even show up in end user environment. Hence, you achieve this notion of…You can move fast while protecting the company and the brand and the users from bad experiences.

Kate Holterhoff (07:00)
And as we head into the new year, I’m curious what challenges you foresee for companies as they assess their risk posture. How should they be adapting to prevent incidents?

Manish Gupta (07:11)
You know, companies will face continued stream of challenges from increased speed, higher complexity of software environments, pervasiveness of now AI across the enterprise, and mismatch of in-house technical competency to the evolving dynamics of the marketplace. With all of these changing elements, our recommendation for the enterprise to reduce risk is to institute guarded releases as the only way to release every release across the organization.

Kate Holterhoff (07:41)
I’ve really enjoyed speaking with you, Manish. Again, my name is Kate Holterhoff, Senior Analyst at Redmonk. If you enjoyed this conversation, please like, subscribe, and review the MonkCast on your podcast platform of choice. If you are watching us on RedMonk’s YouTube channel, please like, subscribe, and engage with us in the comments.