GitLab announced the general availability of GitLab Duo Self-Hosted.
Industry experts offer thoughtful, insightful, and often controversial predictions on how DevOps and related technologies will evolve and impact business in 2023. Part 6 covers APIs.
Start with: 2023 DevOps Predictions - Part 1
Start with: 2023 DevOps Predictions - Part 2
Start with: 2023 DevOps Predictions - Part 3
Start with: 2023 DevOps Predictions - Part 4
Start with: 2023 DevOps Predictions - Part 5
DEDICATED API TEAMS
Over the past year, APIs have become the dominant target for hackers looking to disrupt supply chains and steal or ransom data. A major reason for this has been the lack of an API strategy. In 2023, organizations will need to address these issues by having dedicated API teams, not just for security purposes but because APIs have become essential building blocks for software, from eliminating mundane tasks for developers like installing and upgrading applications to creating new ways for organizations to monetize their data.
Alessandro Chimera
Director, Digitalization Strategy, TIBCO(link is external)
API TEST STRATEGY
More companies recognize APIs as the building blocks of modern software (State of API). The rise of serverless architecture, the growth of API management, and the growth of artificial intelligence and machine learning are just some of the trends driving the proliferation of APIs. Hence, creating a proper test strategy for APIs will be more critical than ever. A proper test strategy will include at least: designing API first, creating contract tests to ensure appropriate communication between services, utilizing technology and tools to be able to mock out 3rd party APIs, testing for performance and reliability, testing for security. Skilled engineers utilizing the appropriate methodologies and tools will be in massive demand.
Nikolay Advolodkin
Senior Solutions Architect, Sauce Labs(link is external)
FASTER INTEGRATION
With the rise of APIs as products, we are stepping into this gray zone of API implementation which is far from being great. People are still spending days and weeks on learning and implementations. Companies will start to invest more and more in the form of no code, low code tools that will allow developers to integrate faster with those APIs.
Iddo Gino
Co-Founder and CEO, Rapid(link is external)
POLYGLOT API
APIs > dashboards — it's like comparing a store that sells fresh produce to a flower shop. Sure flowers are pretty but produce is nourishing and can be mixed together in all kinds of ways. 2023 is the year of APIs that are polyglot — joining data across database, systems and clouds to make DevOps more powerful but with added complexity.
Chetan Venkatesh
CEO, Macrometa(link is external)
API OFFERS OPERATIONAL EFFICIENCY
As the recession takes a toll on tech workplaces, APIs will continue to offer what every company is looking for — operational efficiency. With the help of APIs, teams can do more with less and in a much faster way. While APIs can't solve all problems, they can drastically increase workflow and enable automation to offer better experiences for employees across all industries.
Gleb Polyakov
CEO and Co-Founder, Nylas(link is external)
BUSINESS SIDE USES API
As API-first companies continue to prevail, I firmly believe that business units such as HR and marketing will increasingly be testing and automating their essential business capabilities using APIs throughout 2023.
Kin Lane
Chief Evangelist, Postman(link is external)
API REGULATIONS
The use of APIs has greatly expanded the ability for developers to innovate and reduced the time required to deliver new apps and features. But there is a well-understood dark side: a massive increase in points of potential vulnerability within complex enterprise code bases. 2023 will usher in regulatory activity intended to ensure API endpoints are known (a surprisingly large number are not) and controlled. This regulatory activity will increasingly have financial "teeth" (i.e., stiff fines for failure to comply) and will also be more prescriptive in terms of technology. Specifically, many will require systems able to continuously scan codebases in order to build and maintain accurate inventories of API endpoints. An example is the New York Department of Financial Services, which is amending its 2017 cybersecurity regs (23 NYCRR Part 500) to include the requirement to maintain a complete and up-to-date asset inventory, which most interpret to include APIs.
Eric Minick
VP Product, CodeLogic(link is external)
API SECURITY IS CRITICAL
With the continued adoption and reliance in the industry of Microservices Architectures, API Security is a critical component of any organization out there in 2023 as an outage or targeted disruption of APIs leads to entire web applications unable to serve end-users. Ensuring that the right security mechanisms are in-place to protect against this phenomenon will be critical. Helpful guidelines such as the OWASP API Top 10 can help in reducing the attack surface and properly anticipate against common API attacks.
Mike Elissen
Senior Developer Advocate, Akamai(link is external)
SHARED MODEL FOR API SECURITY
API sprawl and protection will be the biggest thing that development contends with in the coming year, and how security teams can start to shift left the right way, the prioritizing of development needs with security priorities. Additionally, next year, we'll start to see a shared model for API security that doesn't treat different stages of the pipeline as disconnected points. End-to-end API security platforms will start to recognize problems in development that are only discovered during runtime today.
Sanjay Nagaraj
Co-Founder and CTO, Traceable.ai(link is external)
API MARKETPLACES
The external API marketplace will become a common enterprise offering — In 2023, we will see many companies start releasing external API marketplaces for both increased visibility and the monetization of APIs. Traditionally, these external marketplaces were only common for specific companies such as eBay and Salesforce, but this is quickly changing.
Iddo Gino
Co-Founder and CEO, Rapid(link is external)
API MONETIZATION
With mounting economic pressures in 2023, companies will be trying harder than ever to make every asset of the organization profitable. Whether it's data, services, functionality or otherwise, APIs will be a go-to for monetization and creating new revenue streams quickly. Because of this, organizations will also continue to invest in top developer talent.
Iddo Gino
Co-Founder and CEO, Rapid(link is external)
GATEWAYS WILL BECOME A COMMODITIZED SERVICE
Open source tools or cloud vendors are providing their gateways next to free. With that, we will begin to see a tumultuous time for legacy gateway vendors no longer able to rely on vendor lock-in driven by table stakes API management functionality. Separating the winners and the losers will really come down to who focuses on delivering a seamless developer experience that offers a path for utilizing multiple gateways.
Iddo Gino
Co-Founder and CEO, Rapid(link is external)
Start with: 2023 DevOps Predictions - Part 7, covering automation.
Industry News
Tigera announced the introduction of several new innovations to Calico, including a new Ingress Gateway capability for Calico Cloud and Calico Enterprise, and the launch of Calico Dashboards.
Copado introduced three AI-powered DevOps apps for Slack.
Gearset announced that it now supports Salesforce's Agentforce.
Sonar announced the acquisition of AutoCodeRover, an autonomous AI agent platform for software development.
Faros AI announced a collaboration with Microsoft to deliver its AI-powered platform for optimizing engineering workflows on Azure.
Apollo GraphQL announced the general availability of Apollo Connectors for REST APIs and new GraphOS platform enhancements — giving enterprises a faster, more efficient way to execute their API strategies.
Check Point® Software Technologies Ltd.(link is external) announced that its Check Point CloudGuard solution has been recognized as a Leader across three key GigaOm Radar reports: Application & API Security, Cloud Network Security, and Cloud Workload Security.
LaunchDarkly announced the private preview of Warehouse Native Experimentation, its Snowflake Native App, to offer Data Warehouse Native Experimentation.
SingleStore announced the launch of SingleStore Flow, a no-code solution designed to greatly simplify data migration and Change Data Capture (CDC).
ActiveState launched its Vulnerability Management as a Service (VMaas) offering to help organizations manage open source and accelerate secure software delivery.
Genkit for Node.js is now at version 1.0 and ready for production use.
JFrog signed a strategic collaboration agreement (SCA) with Amazon Web Services (AWS).
mabl launched of two new innovations, mabl Tools for Playwright and mabl GenAI Test Creation, expanding testing capabilities beyond the bounds of traditional QA teams.
Check Point® Software Technologies Ltd.(link is external) announced a strategic partnership with leading cloud security provider Wiz to address the growing challenges enterprises face securing hybrid cloud environments.