A vulnerability in a logging library that hadn't been fixed in four years caused a full-blown security meltdown.
The Log4Shell flaw in Log4j, an open source logging software that's found practically everywhere from online games to enterprise software and cloud data centers, claimed many victims due to its ubiquity. It was described by security experts as a design failure of catastrophic proportions.
AppMap wants to stop this bad code from ever being made into production. The startup claims that the open source dynamic code analysis tool is the first of its kind and is the brainchild of Elizabeth Lawler, who knows a lot about security. Prior to founding AppMap, she was the chief data officer for Generation Health and the founder of Conjur.
After selling two companies into large enterprises with a lot of legacy software, he witnessed how developers were struggling to understand the systems they were tasked with improving, and finding it difficult to deliver fast and secure code in complex microservices and cloud applications.
A mental model of how things work that is disconnected from how it actually works is surprising to me. We make best guesses when writing code when we don't know how the software works.
The image is called App Map.
AppMap was built on the idea that developers should be able to see the behavior of software as they write it in order to prevent problems when the software runs. AppMap, which was built from the ground up over a three-year period, shows developers which components are communicating with which components, at what throughput and latency, at what network speed and whether there are.
AppMap was designed with the help of comic book artists and musicians to make it as easy to use and intuitive as possible.
"I know how much data can be overwhelming, so I'm a data scientist." It was shown to us that maps can be personalized and local, so we used that as a jumping off point for the big data problem.
AppMap is launching three new features, including the ability to share and collaborate with other engineers, performance analysis that alert developers when code changes will impact performance, and security analysis that can identify software code issues in a developer's code editor.
The kind of issues that are rising in the Top 10 are visible to us. Dynamic issues that are design in nature have gone down in prevalence because we have good scanning for them.
AppMap is free for developers to use because it is based on open source. We don't think you should be charged for self-awareness in programming We have to provide some background functions or storage if we are going to integrate with you.
The image is called App Map.
AppMap, which is a seed-stage VC-backed pre-revenue startup, has more than 20,000 customers and is growing at 20% a month. It has a team that is made up of employees that have coding at some point in their career and have experience with test driven development. Kevin said his career highlight was delivering "build your vehicle online" pages for Ford.
The startup has a vision beyond preventing developers from shipping bad code. People think, design and create in this way. By having observability data in that moment, it will open up a lot of opportunities.