TheCUBE Research’s Dave Vellante and Paul Nashawaty open the AppDev Done Right Summit with insights into the current and future landscape of application development. Their conversation explores how end-to-end innovation — from edge to AI — is reshaping the development lifecycle in a digital-first world.
Nashawat outlines the event's key themes, including AI-assisted coding, secure software supply chains and the need for a unified DevSecOps strategy. The conversation highlights modernization trends, emerging technologies such as WebAssembly and serverless, and practical insights from recent GitOps and value stream management research.
The discussion highlights how observability, deployment velocity, and team alignment are becoming increasingly critical to application success. This grounded, research-backed dialogue sets the stage for a summit centered on closing skill gaps and delivering secure, scalable software at speed.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
AppDev Done Right Summit. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For AppDev Done Right Summit
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for AppDev Done Right Summit.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
AppDev Done Right Summit. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to AppDev Done Right Summit
Please sign in with LinkedIn to continue to AppDev Done Right Summit. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Opening Keynote - New Era of App Dev
Dave Vellante, co-founder and co-CEO of SiliconANGLE Media, is joined by Paul Nashawaty, an analyst at theCUBE Research, at the AppDev Done Right Summit. This summit focuses on the future of application development, exploring innovative practices and tools necessary for the end-to-end development process in today's digital-first world.
The video begins with Vellante introducing Nashawaty, who leads the application development practice at theCUBE Research. Nashawaty outlines the summit's structure and themes, covering topics from low-latency edge deployments, AI-assisted development to secure software supply chains. The hosts delve into the significance of application modernization and how it is a pivotal moment for organizations to align business outcomes with the development lifecycle.
Key takeaways from the discussion include insights into the challenges of skill gaps and complexity in application modernization, as well as the adoption of cutting-edge technologies such as WebAssembly and serverless computing. According to research shared by Nashawaty, 69% of organizations improve deployment frequency using GitOps, and there is a notable increase in software efficiency among enterprises adopting value stream management. The video emphasizes the importance of observability and security across the Continuous Integration and Continuous Deployment pipeline, underlining the need for a unified approach in managing modern applications and systems.
TheCUBE Research’s Dave Vellante and Paul Nashawaty open the AppDev Done Right Summit with insights into the current and future landscape of application development. Their conversation explores how end-to-end innovation — from edge to AI — is reshaping the development lifecycle in a digital-first world.
Nashawat outlines the event's key themes, including AI-assisted coding, secure software supply chains and the need for a unified DevSecOps strategy. The conversation highlights modernization trends, emerging technologies such as WebAssembly and serverle...Read more
exploreKeep Exploring
What topics and themes are being discussed at the AppDev Done Right Summit?add
What percentage of organizations are implementing GitOps and how is it impacting their deployment efficiency?add
What topics will be discussed related to application development and the challenges faced in releasing code efficiently?add
What is the speaker's focus regarding security in the context of DevSecOps during the summit?add
>> Hi, everybody. Welcome to the AppDev Done Right Summit, where the future of application development takes center stage. Today's digital-first world, it demands more than just writing code. That's actually becoming second nature with LLMs. It requires end-to-end innovation and orchestration that spans ideation, development, deployment, and of course, very importantly, security. Now, whether you're a developer, a platform engineer, an architect, or a C-suite executive, this summit brings together the brightest minds, emerging practices, and the most effective tools for building and operating modern applications at scale with speed, and without compromises that we've normally seen in the app dev process now. So, as we kick off, we're diving deep into the entire application life cycle from low-latency edge deployments and secure software supply chains to AI-assisted development and platform engineering. And the challenges are real, but so are the opportunities. So, let's explore what it means to build software, not just fast, but done right. My name is Dave Vellante and I'm here with Paul Nashawaty, who leads the app dev practice at theCUBE Research and is the architect of this summit. Paul, thanks for making some time and great job putting this summit together.
Paul Nashawaty
>> Thank you, Dave, and thanks for kicking this off with me. It's really going to be an powerful and impactful summit. There's a lot of data here and a lot of information, really excited to be here.
Dave Vellante
>> Yes. I mean, what we're expecting is something, because you always bring the data, so it's going to be data packed with fresh research covering the application development and modernization space. Take us through why you launched the summit. What was the motivation here, how you're structuring it? It's over multiple days, what are the themes for each day and what are attendees going to learn?
Paul Nashawaty
>> Absolutely, Dave. Well, first and foremost, I want to start with when we think about the timing of application development and modernization, this couldn't be a more critical time to get the information that organizations need to get going, really to understand what they're doing. When I talk about application development and modernization in my practice, I talk to a variety of different organizations from large and small organizations to different levels, whether it's practitioners or business decision makers or C-suites or whatever it may be, and board members as well. And there's a whole slew of different things that happen with regards to app dev. And what we talk about in the context of the practice, we talk about in the context of past, present and future. There is an element of what is currently running the organization today, the operation today? What is the current state of where trends are going? Not just trends, but where should organizations be running for operational efficiencies? And then, also, where should organizations be looking in the next generation? So, when we think about these things, we think about maybe heritage environments, which may be silos of applications that may be siloed infrastructures that are running on single monolithic databases or maybe even VMs. To think VMs as heritage is a little bit weird to me, but it is.
And in today's state, we think about containerization and orchestration and cloud-native and what that means. So, when we start thinking about the next generation and what's going to happen next, we have to explore technology stacks like WebAssembly, Wasm, or serverless technologies. And the deployment locations, whether it be core to edge to cloud, and anywhere between, you bring all this together with AI-enabled applications and technologies that really the need for application development and modernization practices. So, Dave, back to your question, why did I think this was a good idea to put this together? Well, when I talk to the CIOs and they tell me that their number one challenge for their organization is application modernization, I think about it. Okay, application modernization, that's a challenge, but what are the barriers for application modernization? And they run into things like skill gap issues and complexity. Those are the challenges that these organizations run into. But when we think about this, it touches everything across the CI/CD pipeline and everything across the SCLC. So, what we've structured here is a program, a seminar here or sessions here that cover day zero, day one, day two in DevSecOps. Day zero being the build cycle, day one being the release cycle, day two being the operational side. And then, DevSecOps of course is security, overlaying everything in the CI/CD pipeline and anything that touches DSDLC. So, lots to go over, lots to talk about in this session in the summer, and lots to go through, Dave.
Dave Vellante
>> Yeah, and you've got some data here. Let's start with the day zero, you're setting the foundation. Really, what's that platform look like that you're building on? What's the readiness of that platform? And I know you have some data about the percentage of organizations that are implementing GitOps, how they're improving deployment efficiency. Share with some of the data with us, if you would.
Paul Nashawaty
>> Oh, of course, of course. I mean, data is kind the key to all of this because we can all have opinions on how we do this. And again, opinions only matter in a lot of discussions, but really, it does matter about where organizations are in their own maturity and their own journey and delivering. So, when we talk about the data for day zero, we look at day zero as a strategic tone that really does, as you said, sets the platform for readiness, for developer enablement and aligning to the business outcomes for the application developer. So, when we talk to these leaders, they really want to understand the blueprints of modern software development, and that really emphasizes around the velocity, but they can't sacrifice things like compliance and governance. They also have to align their vision with the execution. So, when we think about this, we see that 69% of organizations, so we just... Let me take a step back. We ran a series of surveys. So, each one of these pillars, day zero, day one, day two in DevSecOps, we ran surveys. We have research, fresh researchers coming back from the field, it's ready to go. We have all this compiled information. So, the datasets that we're talking about comes from this new research, theCUBE Research, we're excited to share that with you. So, we see that 69% of organizations are implementing GitOps reports, improving deployment frequency and reliability. 84% of DevOps teams are using GitOps believed to improve developer productivity and rollbacks complexity. So, these are some of those challenges that we were talking about. And then, also, 70% of organizations are building and planning to an IDP-streamlined developer onboarding to reduce time to value. Reducing complexity, reducing skill gap issues. Those are the two main barriers that we were talking about earlier, and that's really where I think day zero is really going to start really popping here.
Dave Vellante
>> All right. So, that covers day zero. The next day, which you call day one is focused on build, release and scale. What specifically, Paul, do you mean by that? And more importantly, what are people going to learn?
Paul Nashawaty
>> Yeah, absolutely. And then, as people are building, they have to obviously release. So, when I talk about day one, I talk about in the context of build, release and scale. And day one, it really dives into the core of the application development, from that rapid prototyping of the CI/CD pipeline and platform engineering is basically servicing orchestration, right? So, it gets to that point of releasing that application into the environment. So, what we're talking about, what we're sharing in this summit is real-world practitioner and innovators are sharing how they ship resilient, scalable applications faster. And what we find in our research, we find that out of over 847 respondents, I said out of... It's about right. 847 respondents indicated that 24% want to ship code on an hourly basis, yet only 8% are able to do so. And that's about delivering the value continuously with the right platforms and pipelines in place. So,. What we see, and this isn't just us that... So, let's talk about this. So, take industry information, we're compiling that against harmonizing across the different metrics in the environment. So, take the DORA metrics, if you're familiar with DORA, the DevOps metrics that's used, elite performance teams deploy 973 times faster and more frequently and 6,578 times faster lead times than lower-performers. That's just straight out of the DORA metrics. But if we look at our research, theCUBE Research, what we have is companies adopting the CI/CD pipeline report 60% to 80% reduction in deployment times, and this includes faster feedback leads, improving that product quality. And then, also organizations that are adopting value stream management, they're seeing 15% to 20% increase in software efficiencies across software teams. So, Dave, really powerful stuff here. I think it's important to understand and measure against your peer groups if you're looking at this and to understand where you are in your own journey.
Dave Vellante
>> It's interesting, Paul, I think people have concerns about LLMs and probabilistic AI, but one of the areas that is very clearly gaining mega traction is software development and coding. I've seen demos where the developer is actually interacting, like talking to the LLM and the LLM is... It's like a collaboration. The LLM is challenging the developer, "Why are you doing it this way?" And the developer explains, "Well, I'm thinking about two chess moves down the road." "Oh, okay, that makes sense. In that case..." And then... it writes the code. I mean, it's phenomenal what we're seeing there. And I've talked to organizations, JPMC, Dollar General, some big tech companies, like Salesforce and IBM and Cisco. And the developer productivity, to your point, that they're getting out of this is really off the charts and they're just getting started. Okay, so the next day you're calling day two, your focus is on operate, observe, and optimize. So, what's the intent there?
Paul Nashawaty
>> Yeah, absolutely. I do want to respond to the LLM comment that you made there, Dave, because I think it's important to note that application monetization and development is only as good as the data that's behind it. So, of course the SLM and the LLM that's behind it, we used to call that big data, we used to call it data pools and datasets. Now, all that information is critical to be part of a marginalized application development cycle. And that does tie into what we call day two. And day two is what I would call as operations, right? And this explores a critical, but sometimes overlooked disciplines of operations of observability and incident response. And sometimes this is an area where organizations really should be spotlighting the platform reliability, actionable telemetry, as well as automated redemption or remediation, I should say. But the goal here is to build the systems that don't just work, they evolve, learn, and recover in real time. And that ties back to your AI comments or AIOps plays into this from the infrastructure side, but also, observability applies across the entire ecosystem. So, you can have actionable insights. What we find is it is very fragmented, right? In our research, we find 75% of respondents indicate they're using six to 15 different tools to measure observability. Six to 15 different tools, so the complexity around that is a lot. 54% of those respondents indicated that they are in favor of changing out these bespoke solutions into more of a unified full-stack observability solution. We see that 87% of IATDMs consider observability is essential to modern application performance and reliability. And full-stack observability solutions reduce mean time to detection, or the NTDD by upwards, of 68%, right? And observability to market, we see it overall is projected to reach $9.3 billion by 2028, driven by the demand for proactive operations. What we're seeing is a pivot point in the market right now in day two that is showing that we can see the unified approach across things, like not just monitoring, but logging, tracing, all the MELT metrics that are in place, APM, NPM, and everything that goes along with a full-stack observability solution. So, there's a lot happening here, but these actionable insights are important in the CI/CD pipeline and the SDLC in order to take action across delivering your applications faster.
Dave Vellante
>> Well, talk about tools creep, Paul, there's no market that's more onerous in that regard than security, which is the next theme that you're exploring at the summit. When cloud really became mainstream, it became the first line of defense for security, but there's the shared responsibility model. And with infrastructure as code, a lot of the burden for securing apps and data fell on the DevSecOps team. And so, the whole shift left thing. And look, developers want to write code. They're not security pros, so it's this added line or added veil or vein of complexity that they've had to deal with. So, this is what you're hitting security across the software development lifecycle. So, what are the insights from the community that you're hoping to get?
Paul Nashawaty
>> Yeah, Dave, you're spot on. Actually, I just want to be very crystal clear here. I'm not looking at this in the lens of application security like some of my colleagues have with the other summits that have been held. They've done a really good job in explaining some of the real details around security. What I'm really focused on in this summit is how DevSecOps is woven throughout the entire ecosystem and emphasizing the need to shift security left, enabling it to, in every stage of the CI/CD pipeline, from code to cloud, as you said, right? It's a critical part, but this also applies to securing software supply chains, policy as code, real time threat detection and cloud native environments. And since we're moving towards that, today's state, that cloud native state, it's important imperative that security plays a big part in it. So, in this era, security isn't just a gate, it's a continuous threat of trust. So, when you look at it, 70% of security issues originated from the code state, yet 29% of developers run security scans locally. So, what we're trying to understand here is like, okay, how is this evolving? And looking at the data, what does this mean? 81% of CIOs say sustainability is now a critical factor in software and cloud infrastructure decisions. So, they want to make sure that they're understanding how this is working, and it also open source dependencies really make up over 75% of code base increasing the importance of SBOMs and supply chain scanning. So, when we think about these things, it's incredibly important when you think of new policies that are going in place, like the EU CRA that's going in place, that it's a mandate has to be delivered by December 2027 for all software. This is an important part of the SDLC and the CI/CD pipeline. And then, once the application is deployed, once that tech stack is in play, then you can worry about the things that... You have AppSec and all that goes along with this, right? That's a different level of security. But for here, I'm looking at it in the context of making sure that code, like SBOMs and such, are tracked and known and understood, and our research is identifying where the threats are in the development cycle.
Dave Vellante
>> And again, I love how you're always bringing the data. It's new fresh data. So, stay with us on this because Paul is going to be in the community, will be introducing new data points that you can use in your business. So, let's summarize. Here's a picture of... So, let's take a look at the AppDev Done Right Summit's focus. Paul, give us the rundown and the insights you hope to be sharing with the community, and then give us the last word.
Paul Nashawaty
>> Yeah, as I said, this is really a focus summit around that day's era, the foundational part of the development cycle and the strategy, the build, release and scaling part of day one. We'll get operations and observability and optimizing on day two. And of course, the security across the SDLC. These are the core parts of the SDLC, the software development life cycle. And it really is important whether you're starting your journey now or very well mature in your journey, it's important to understand where you call it stack rank against the industry. Understand the market challenges, and also know that you're not alone. There's many, many organizations that are going down the same challenges, same path that you're going down, and there's ways to resolve these issues. So, we're definitely looking at sharing some of that with some of the customers and clients and vendors that we have to share their use cases, their examples, and their solutions on solving these problems. So, stay tuned to the summit. There's a lot coming out here, and again, exciting times. It's a pivot point in the industry and it's definitely going to be dynamic and fluid. So, hang on and buckle up because you're in for a ride.
Dave Vellante
>> Awesome, Paul. Okay, as we wrap up this opening session of AppDev Done Right Summit, one thing is clear is that building modern applications, it's not just about shipping code. That's part of it, but that's really table stakes. It's about delivering value continuously and securely, very importantly, across the entire life cycle. So, throughout the summit, we're going to explore how strategy meets execution on day zero. How to scale innovation on day one. And how to operate with intelligence and resilience on day two. And we've seen how DevSecOps isn't a siloed discipline. It can't just be bolted on. It's got to be a shared responsibility that connects developers, operators, and security teams, and business users with a common goal, trusted, reliable software. Thank you for attending. Get ready for some insights and stories and lessons learned from vendors, from industry experts, from practitioners covering this area. Let's take a look at what we've heard. We're going to dig into the challenges and that conventional thinking and keep pushing the boundaries of what's possible in application development. AppDev Done Right doesn't stop here, it starts right now. Thanks for watching.
Paul Nashawaty