Rookout Debugging Tool Expanded to Third Party Code

Third party code has long presented a problem for developers and programmers. Rookout looks to ease that pain by expanding its debugging tool.

Businesses are always looking for ways to go faster, to do more in less time. It’s one of the reasons security has been skimped on, because business leaders don’t want to take the time to deal with it. That is changing, however, as cyberattacks plagued 2020. One of the big issues in 2020 was malicious package deployment in open-source and npm repositories. Shared code is a necessity for anyone who writes code – you can’t build everything from scratch, which is why threat actors targeted it. While businesses still need to review security protocols, devs are getting some help from some innovative debugging tools, which can allow debugging of 3rd party code without tearing it apart.

While certain tools like snyk can look for malicious code in 3rd party packages, what about bugs and collisions with your integrated code? Tools like Rookout are emerging, which allow you to debug third party code without editing it. And it doesn’t just work for openly shared code, it also works for any code not written by the dev using it. This could include former employees and proprietary code as well as shared repository code, making it easier for the dev to understand and manipulate. It’s not unrealistic for a stack complexity in living software to have thousands of variables being tracked.

“Debugging becomes even more difficult when you run into code that you didn’t write — which in today’s modern distributed environments can be the large majority of code keeping the application running,” said Liran Haimovitch, CTO and Co-Founder of Rookout. “…even adding a log line to one of those 3rd party dependencies seemed like an insurmountable task, but that is all changing… ”

He is absolutely correct, before this new generation of tools, manipulating code written by someone else was an arduous task. If you’re not familiar with how coding works, the complexity of it is difficult to explain. Businesses are on the hook for bugs and interactions with every open-source package they use, plus the dependencies each one of them has, on top of the years of code written before a new-hire even touches the code base. The coder has to dissect, evaluate and learn how the previous person did things before they can even try to work with it. This tool can help accelerate investigations into unexpected outcomes. But we should also caution this tool doesn’t eliminate that complexity, just makes it easier to see what’s going on under the hood.

As businesses learn that coders, developers, programmers and other tech employees can do their jobs from anywhere, the remote environment is going to increase in the sector. Which means that devs can’t walk around the corner to a colleague’s desk to ask a question about a piece of code they wrote. It means continued use of open-source and other 3rd party code for every project, which means more opportunity for flaws and mistakes. Rookout’s tool could help to eliminate a large part of that problem when trying to debug – the last phase of all coding.

The world of technology is ever-changing, ever-evolving. And the more changes happen, the more developers and coders will come and go. The problem of third party code is not going anywhere. Whether it’s open-source, written by a previous employee, something that was outsourced or something else, third party code is going to be here for the foreseeable future. Right now, we only have one company working on the problem of 3rd party code, one company offering a solution to this need.

As more companies move into the digital landscape and work to move fast, eliminating pain points like having to re-write code because it won’t work with new code or search for flaws in code written by someone else, that speed can happen. IDC’s Worldwide Developer and DevOps 2020 Predictions says that they anticipate the “re-use of third-party code in new apps and digital solutions will increase from 40% in 2020 to 80% of code in 2024.”

More and more companies are adopting DevOps and DevSecOps. More and more companies are going digital and moving to the cloud. Every single one of those businesses has to deal with 3rd party code, you are not alone. Hopefully Rookout’s tool is the first of many to help devs navigate this problem. Make sure you bring in an expert to help you understand it all and ensure you are moving in the direction that most benefits your business. Every business has its own needs, systems and processes. Understanding your options is the best way to safeguard your business’ future.

About the Author

Pieter VanIperen, Managing Partner of PWV Consultants, leads a boutique group of industry leaders and influencers from the digital tech, security and design industries that acts as trusted technical partners for many Fortune 500 companies, high-visibility startups, universities, defense agencies, and NGOs. He is a 20-year software engineering veteran, who founded or co-founder several companies. He acts as a trusted advisor and mentor to numerous early stage startups, and has held the titles of software and software security executive, consultant and professor. His expert consulting and advisory work spans several industries in finance, media, medical tech, and defense contracting. Has also authored the highly influential precursor HAZL (jADE) programming language.

Contact us

Contact Us About Anything

Need Project Savers, Tech Debt Wranglers, Bleeding Edge Pushers?

Please drop us a note let us know how we can help. If you need help in a crunch make sure to mark your note as Urgent. If we can't help you solve your tech problem, we will help you find someone who can.

1350 Avenue of the Americas, New York City, NY