Skip to main content

Ketryx 2.6

Moving toward a unified SDLC
Erez Kaminski
  •  
March 29, 2024

Developing regulated software is hard (but important!), and it’s even harder when you have to leave your favorite tools to manually update your RTM

That’s why we’re excited to launch Ketryx 2.6 which introduces a new set of features that let you keep working in the tools you already use while Ketryx automatically manages traceability across the entire SDLC. With this latest release, software development teams take another step toward validated CI/CD through more connections to systems, better cybersecurity automation, and a deeper integration with Git and other common developer tools. 

Guidance on actions tells you what to do next

We are always seeking to reduce complexity. In 2.6, your Projects dashboard now includes information on every screen about what actions you should take next, removing ambiguity of where the team is in its process. Next time you log into Ketryx, you’ll immediately see where you are, your next steps, and instructions on how to complete your next item of work. Plus, you can now configure those checklists to match each step of your procedure, so that your workflows are faster and smoother than ever. 

Push reports from other systems into Ketryx automatically

Ketryx is built on the principle that teams should be able to use any system they want to accomplish their goals while still maintaining TPLC control. Now, your team can run a report in any connected tool, and have it pushed automatically into Ketryx. 

You can even gate releases based on the presence of the required report, meaning that the system will block approvals unless the required documents are in place. With this expanded API capability, you can ensure robust documentation and traceability in a single source of truth across every tool in your tech stack. 

Managing transitive dependencies for enhanced cybersecurity

Managing transitive dependencies is critical as the FDA continues to emphasize the importance of cybersecurity in medical device software. With 2.6, when you report an SPDX into Ketryx through the open API, Ketryx now displays both dependencies at the top level as well as all of the transitive dependencies and their vulnerabilities. This feature helps you monitor and provide FDA-required evidence for your entire dependency tree. While other tools produce a flat list of thousands of transitive dependencies, Ketryx makes it easy to find transitive dependencies by clicking into a simplified view of top-level dependencies. 

Enforce pull request traceability & gate releases

One of the critical controls for teams implementing CI/CD is the ability to ensure that every pull request has a corresponding design control and test. Without this control, you risk losing traceability during development. This documentation is vital as it is a common request from FDA auditors. To speed up this process and enforce compliance, Ketryx 2.6 now provides full traceability on which items in Jira are connected to each pull request. This eliminates manual workflows like commit spreadsheets, which can include thousands of lines of pull requests and their affiliated design controls and tests. With 2.6, approvers can now gate releases until all pull requests have been tied to the appropriate Jira items and the corresponding version. This means that a release only happens in Ketryx once all pull requests have been appropriately labeled.

Expanded Git-based item support to source code

Ketryx continues to expand Git-based item support to source code, so that you’ll have connectivity between Ketryx and wherever you choose to house your tests. This update represents a deepening of our integration with Git repositories including GitHub, GitLab, and Bitbucket. Developers no longer need to write test cases in multiple places; instead, Ketryx automatically identifies test cases in your code base with the required tag and creates configuration items. This way, developers can build out the test plan while working in the code, where it’s most convenient. Quality professionals don’t need to ask developers for additional documentation since they can see the configuration item in Ketryx. The expansion of Ketryx’s Git integration to identify configuration items directly from the source code is a game-changer for both developers and quality teams, since it keeps developers in the code and ensures the traceability that quality teams need. 

Document typing and enforcement in EDMS

Teams work with a variety of document types, including policies, plans, and SOPs. Ketryx 2.6 unveils document typing within the EDMS, which enables you to have as many different documents as you want with configurable approval rules. This means that you can decide how many approvals each document needs, and from whom, depending on the type of document it is. For example, you may not need any approvals for manuals, whereas a policy document might require approval from 10 different individuals and in a specific order. In Ketryx, configuring these approval rules for each document type streamlines your workflow and saves your team time, avoiding unnecessary approvals and enforcing necessary ones. 

Systems of systems support with advanced document templating 

We introduced Dynamic Templates in Ketryx 2.5 and expand on it with 2.6. Now, with cross-project referencing (i.e. System of Systems) fully enabled in the document templating feature, you can pull information from any Ketryx project into your template. This gives you more control over your document templates so that you can cross-reference and pull in information from any relevant project, and helps you be audit-ready with your documentation. 

Ketryx 2.6 moves us forward in our journey to make teams more productive and accelerate the timeline of the software manufacturing process. At a time when the FDA is continually releasing new guidance on AI/ML and cybersecurity, it’s vital that software development and quality teams have processes in place that let them release faster, manage risk, and remain audit-ready. 

Interview transcript