Feedback is routinely requested and occasionally considered. Using feedback and doing something with it is nowhere near as routine, unfortunately. Perhaps this has been due to a lack of a practical application based on a focused understanding of feedback loops, and how to leverage them. We’ll look at Feedback Loops, the purposeful design of a … continue reading
Developers are always under pressure to increase code output, but without the proper controls and tooling in place, rushing through the development process can lead to problems down the road. Things like static code analysis (SCA) tools offer a way to verify quality, security, and compliance without adding too much extra time to the process. … continue reading
The DevOps Institute launched a new tiered membership program which includes Basic, Premium, Government/Nonprofit, Educator and Enterprise Membership options to help advance the careers of DevOps and IT leaders. Basic membership gives DevOps users an introductory glimpse into what DevOps Institute’s membership program offers and includes limited membership benefits. The Premium Membership gives anyone working … continue reading
ShiftLeft has announced an updated version of its NextGen Static Analysis solution. The release features new workflows designed to help developers improve security and enhance productivity. According to the company, developer productivity suffers when security isn’t automated or integrated into the life cycle. A recent ShiftLeft survey found 96% of developers felt a disconnect between … continue reading
Static code analysis is usually thought of in terms of preventing vulnerabilities from existing in code. And, it’s thought of in terms of things like memory leaks and tainted data. But as businesses become more reliant than ever on software to drive their revenues, it is important to think about the damage these vulnerabilities can … continue reading
If you’re not doing static code analysis (aka static analysis), now is the time to start. Delivering code faster has dubious value if the quality degrades as development cycles shrink. On the other hand, if you’re not doing static code analysis, you’re not alone. Despite the mature age of the tool category, not a lot … continue reading
Rogue Wave wants to make it even easier to find vulnerabilities on the fly with the release of Klocwork 2017. Klockwork is the company’s static code-analysis tool. The latest release introduces SmartRank, a defect-recommendation engine. “We knew our users were struggling with too many issues and no way to prioritize them,” said Walter Capitani, Klocwork … continue reading
Rogue Wave Software wants to help developers find defects and resolve them faster. The company has announced the release of Klocwork 2016 with continuous static code analysis. According to the company, a static code-analysis tool that supports Continuous Integration (CI) will be able to rapidly detect common mistakes and anti-patterns, and provide a healthier build. … continue reading
SD Times news digest: OMG’s Tools Output Integration Framework, PowerShell Core 6.0, and OurCrowd launches Cognitiv
The Object Management Group has announced a Request for Comment for its Tools Output Integration Framework (TOIF). The purpose is to create a common format to show the findings of static code analysis tools. The RFC will be open until February 19 and comments can be made on the RFC comment form. “TOIF will solve … continue reading