Leveraging dynamic configuration for seamless and compliant software changes


In this Help Net Security interview, Konrad Niemiec, CEO and Founder of Lekko, discusses the benefits of dynamic configuration in preventing system outages and enabling faster response times during incidents.

Niemiec explains how dynamic configuration evolves feature flagging, supports operational agility, and addresses compliance challenges across various sectors.

How does dynamic configuration contribute to avoiding system outages? How does it enable faster response and resolution times during incidents?

Before dynamic configuration, every issue needed to be resolved by a dangerous rollback or a fix forward, needing a rebuild and a redeploy, all requiring significant engineering input and risk assessment. Dynamic configuration systems enable faster response and resolution because a configuration rollout allows the deployed code to stay the same, with less time and risk than a full rebuild and redeploy.

For software on end-user machines, making security upgrades mandatory and prompt can become significantly easier. We are evolving from and beyond existing feature flagging techniques, which increase the number of possible code paths and result in slipping untested code to customers.

Lekko additionally allows teams to avoid these issues before they occur by applying techniques like type safety, validation, and CI. AI-assisted issue prevention will spot problematic configuration combinations and identify conflicting code paths, helping prevent the next CrowdStrike outage.

In what ways does dynamic configuration support operational agility and faster deployment cycles?

Dynamic configuration evolves the feature flagging concept, which separates feature deployment from code deployment. Lekko addresses the problems of when engineering meets the business:

  • Costly Incidents — Misconfigurations account for most software outages, not just Crowdstrike! Slipping untested code or bugs to customers leads to revenue loss.
  • Technical Debt — Feature Flagging ends up littering code with stale feature flags, creating a web of unclear code paths that make testing, debugging, and root-cause issues difficult. These zombie flags can also pop up when you least expect it to cause issues.
  • Wasted Resources — Engineers need to respond to incidents and issues, but they also get bothered by simple changes that could be self-serve to the rest of the business. Tech debt slows down engineers today and accumulates interest going forward as the code gets more complex.
What are some specific compliance challenges that dynamic configuration helps to address?

Dynamic configuration ensures that every software system change is appropriately vetted and reviewed. Lekko lets companies reduce the number of configurations of their product and system to reliably ensure that all variants comply. It can also extend compliance enforcement, such as data locality, like ensuring EU user data stays in the EU.

How do different sectors, such as finance or healthcare, leverage dynamic configuration differently?

Specific regulations in each of these industries mean that historically, many more controls have been in place regarding shipping code, resulting in slower development. Dynamic configuration will help companies in these industries stay compliant without sacrificing the delivery of quality products to their customers.

How does Lekko utilize AI for dynamic configuration, and what unique advantages does this offer?

Unlike, say, Copilot, which lives in the cloud and can only see what you’re actively editing in your IDE, Lekko’s SDK can have your permission to examine your entire repository and history specific to your code. The latest AI techniques make more code easily understood by Lekko and our users. This way, Lekko can use AI to keep codebases clean by identifying conflicting code paths, spotting problematic configuration combinations, and preventing configuration issues from making it into production.

We don’t claim to developers — or their managers — that AI will do their job for them. Rather, it will help Lekko know when to speak up and ask, “Are you sure you want to do this?”



Source link