FutureStack 2022 - New Relic extends observability into security

Back on the ground in Las Vegas for its FutureStack 2022 conference, observability vendor New Relic is celebrating with a raft of around two dozen product enhancements, along with a new logo. There are five headline announcements, the most notable of which is an entry into the security market with the expansion of the New Relic One observability platform to add vulnerability management. Other highlights are:

• An expanded partnership with Microsoft that allows customers to choose to have their New Relic instance hosted on Azure as an alternative to AWS.
• An expansion of the New Relic ecosystem with more than 70 new integrations, including a particular push to integrate with CI/CD vendors.
• A major rearchitecture of the platform’s Kubernetes support, improving performance at scale and expanding the scope of Pixie integration.
• Bringing application logs directly into APM without the need to set up log forwarders.

We drilled into the announcements in a pre-briefing with Ishan Mukherjee, co-founder of Pixie Labs and now GVP of Product Marketing at New Relic. He believes its approach to adding vulnerability management, by integrating with existing specialists rather than creating its own native capability, is distinctive in the market. The goal is to put security on the radar of developers and Site Reliability Engineers (SREs), as he explains:

Our primary focus is to actually bring security shifted left and bring it to our application developers ...

I think just like how the CI/CD loop really made DevOps a continuous process, we use security as essentially like a blanket over that loop, where now security would be a continuous process of development — software planning, building, deploying and operating.

Potential threats would just become another alert that a developer sees, in the same way that they see a performance alert when building an application, and then take action accordingly. He elaborates:

Because our platform shines with any type of data, security data flows in, that's just another entity and you're actioning that to our workflows ...

As all data flows into New Relic, all data is the same, they essentially detect and enrich these entities. And once the entities are in, we have these horizontal experiences like Explorer, Service Level Management, AIOps, which are domain agnostic, so you can build these. And on top of those, we have these vertical experiences — APM, infra.

Getting closer to Azure, CI/CD, Kubernetes

The addition of Microsoft Azure as an official cloud provider takes New Relic into the multi-cloud world and answers the concerns of customers who may already have standardized on Azure for other compute loads. They can now opt to have their New Relic instance and all the associated telemetry data and analysis hosted and running on Azure, reducing costs and latency associated with data transfers to another cloud, while simplifying data residency and regulatory compliance. It's also now possible to access New Relic natively from within the Azure Portal.

Integrations are a big theme of today's announcements, with those being introduced including Akamai, Atlassian Bitbucket, CircleCI, Cloudflare, Netlify, PagerDuty, and Postman, along with an improved onboarding experience. The partnership with CircleCI is getting special emphasis. Mukherjee says:

This essentially gets a lot of pre-production data into New Relic, so that our primary core, which is the application developers, DevOps and SRE, can get CI/CD visibility inside New Relic.

The rearchitecture of the Kubernetes integration aims to make it modular and configurable, with particular emphasis on ramping performance in large clusters. Mukherjee comments:

We have driven orders of magnitude performance gains, which now allows you to to run New Relic in massively scale-out clusters.

What we're seeing is, large enterprises have adopted Kubernetes. And now that Kubernetes clusters are ranging to 500, 1,000+ nodes, we're seeing small, massive scale clusters. And our agent is now performing at that scale.

New features for Pixie, which New Relic acquired at the end of 2020 and subsequently donated to the Cloud Native Computing Foundation (CNCF), include the launch of a plugin framework that allows the open source ecosystem to funnel Pixie data more easily into New Relic. This is a response to widespread adoption of the self-managed version of Pixie that developers host on their own platform, rather than using a New Relic hosted instance. Mukherjee explains:

Until this plugin framework, you could only integrate New Relic for the hosted version of open source Pixie. Right now with this plugin, we're opening it up for all the self-managed versions of Pixie to easily formulate into New Relic ...

That's a big change. For us as a business, you're going to see Kubernetes in general, and Pixie, is growing at an astronomical pace.

APM futures

The final announcement provides access to debug and application logs directly from APM agents, instead of having to add separate node-level log forwarders. Mukherjee comments:

It seems like a minor thing, but it's a net-new capability in the whole market, where an application developer deploys an APM agent, and they get all the logs they need without doing any extra work.

Having said that, APM as a distinct function is gradually being replaced by more integrated use cases. He adds:

We're already seeing most of the engagement is moving from vertical experiences to horizontal experiences. And that is where we see the world of observability moving. I think in a year or two years, very few engineers — we're already seeing that — they they won't really be asking for APM or infra, they will be just asking, just give me an observability debugger. And that's going to be just a secular shift that's happening.

My take

It's surprising how distinct security typically is as a discipline within enterprise IT. It seems to make sense to integrate thinking about security much more closely into application development and operations — essentially, to design it in from the start.