API SDLC: 8 Trends to watch out for

We at Conektto believe Software Development Life Cycle (SDLC) will undergo even more changes as it plays a more vital role in digital transformation. As a result, architects and developers will increasingly adopt a different mindset and a whole new set of tools and processes. Here are eight important trends we've observed from research, talking to customers, our API platform development, and discussions with industry observers.

1. Mach Speed No, not that Mach of Top Gun, but MACH stands for Microservices based, API-first, Cloud-native SaaS, and Headless. We expect it to give companies a deeper level of agility, allowing them to deliver new features to customers quickly. In addition, it could change how enterprise software is developed and utilized across every industry and roll out new features quickly. To be clear, the components of MACH are not new, and the concept has been around for a few years. What's different now is them all coming together, maturing, synchronizing with digital transformation, and finding their way into many types of business that could create fantastic opportunities.

2.No code, low code?

We expect a whole wave of SDLC based on the 'low code or no code' principle to develop apps, websites, and innovative ideas powered by AI and citizen developers. For example, with Conektto's platform, even non-techies can create APIs, configure, and manage with no or low code in minutes as opposed to days or weeks before. Gartner estimates that low-code application development will be responsible for more than 65% of activity by 2024 and is set to reach a tremendous $65 billion market cap by 2026.

There are already scores of all-purpose and specialist low-code platforms. Take Codex, built by OpenAI, which creates simple automation with a few lines of code. GitHub Copilot is an autocomplete function for coders to speed up their work. DeepMind, a subsidiary of Alphabet, has an AI tool capable of writing complete code to solve complex problems posed to it as conversational text. Microsoft's Power Platform users can generate simple apps by describing them. From training AI models to chat, recognizing objects (computer vision), predictive analysis, and even creative tasks such as design and ideas we are yet to see, this will create a new wave.

3. Microservices but a macro influence

We expect a shift towards microservices. In such decoupled architectures, services are fine-grained, and protocols are lightweight. The benefit is that more services can be worked on modularly, which makes the application development easier to develop, test, and resilient.

But enabling thousands of microservices to work together also creates the risk of introducing technology sprawl and recreating the pitfalls of monolithic architecture to end up with "microservice islands." So, is this a solution creating unfamiliar problems? Let's see.

4. Newer Types of APIs

REST is the most popular (the specs were defined back in 2000) and has a head start. However, we expect newer types of APIs to rise, with GraphQL usage tripling in the last three years and Asynchronous API usage quadrupling. Gartner predicts that by 2024, over 50% of enterprises will use GraphQL in production - from less than 10% in 2021. GraphQL was introduced in 2015.

GraphQL's query language lets developers operate over a single endpoint to query data from multiple apps and services with a single API call; aggregate and deliver the exact data requested by a client from various microservices without over/under fetching data. GraphQL is still evolving and has pros and cons, but its adoption will continue to increase.

APIs are thus moving beyond the two-way synchronous communication mechanism between a client and a server to an event-driven mechanism.

5. Higher hybrid

Larger enterprises still must stay on multiple, fragmented-but-cohesive sets of API and integration platforms. With evolving vendor landscapes and capabilities, M&A, recouping existing IT investments, and other factors, we only expect a future with a hybrid API and integration platform with heterogeneous IT environments, multiple clouds, and software vendors.

As a result, hybrid API architectures that complement existing technologies will increase. Expect to see more hybrid API management that reaps all the benefits of API management—including visibility, security, and analytics, regardless of where it comes from - across any on-premises or multi-cloud environment for internal or external consumption.

6. Automation becomes autonomous?

Automation offers a remedy for businesses looking to do more with fewer job vacancies, high inflation and operational costs. It's already been here for a few years as robotic process automation (RPA). Now fuelled by AI, it's now making way for hyper-automation. This will create a new wave of use cases from DevOps, security, vulnerability assessment, and beyond.

The global RPA and hyper automation market will grow from $9.2 billion in 2022 to $26 billion by 2027, at a CAGR of 23.1%. By 2024, Gartner estimates, organizations will lower opex by 30% by using hyper-automation.

Further, autonomous self-learning algorithms are evolving to create a driverless experience, drone cameras, and physical robots; the next significant evolution is autonomous software creation. Soon, software packages and SAAS platforms will have auto-upgrade features for autonomous features that are learning through supervised and unsupervised training.

This stirs the age-old debate: Will automation cause the loss of jobs and make us obsolete? Gulp. Unlikely. Over time, autonomous SDLC will augment and create more human jobs than replace them, and those it replaces are more likely to be in either dangerous, unproductive, or repetitive roles. In the short term, upskilling, reskilling, friction, and uncertainty are bound to happen. Historically, the IT industry has created millions more jobs than it may have displaced or replaced. This is no different.

7. The 'S' in SDLC may soon mean security

US companies face a combined $12 to $23 billion in losses in 2022 from compromises linked to APIs - protection is not keeping up with usage. Concern over security vulnerabilities has risen alongside the number of APIs, which today power the world's digital ecosystems. The application's primary attack surface will not be the web or mobile apps – but misused third-party APIs.

32% of companies stated that automated bot attacks are one of the most common threats to APIs. Regarding detecting, 29% say they rely on alerts from an API gateway, and 21% rely on web app firewalls. This leaves APIs vulnerable and exposed to common threats as enterprises become more open and distributed.

As a result, the fixed security perimeters of the past are slowly vanishing. Instead, we expect to see moving towards models that prioritize zero-trust and layered defense based on encryption, application identity, strong authentication and authorization.

8. Richer SDLC

The software development will get richer (and complex) with newer interfaces, form factors, and more diverse endpoints and interfaces than we are familiar with today - block-chain software with distributed databases; AI, and conversational APIs to generate new interactions with voice assistants that are everywhere; metaverse-based software (virtual learning, e-commerce, advertising, and gaming), and AR/VR apps, it's only going to get more exciting and lead to more innovation.

What do you think? Are there any SDLC trends or developments we missed? Please tell us in the comments section below.

Citations 2021 survey from Solace 2019 Gartner Magic Quadrant for enterprise low code application


19 views0 comments