Your SlideShare is downloading. ×
Code Review | 2010
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Code Review | 2010


Published on

Published in: Technology

1 Like
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Collaborative Code Review Klocwork Webinar Series Todd Landry & Brendan Harrison CONFIDENTIAL
  • 2. Klocwork Introduction
    • Klocwork provides a family of developer and team productivity tools built on our industry leading source code analysis capability
    • Technology pioneer, proven track record
      • First to market (2004) to provide both quality and security vulnerability analysis
    Passed 650 Customer milestone (Dec 2009) Introduced Integrated Continuous Analysis, Refactoring & Code Review (2009) Closed largest Q1 in company history (2009) First to market (2003) with architecture solution integrated with bug detection Awarded InfoWorld Technology of the Year Award (2007)
  • 3. Over 650 customers worldwide Network & Telecom Finance & Insurance Spotlight Success: 3 of the top 5 computer and internet and software companies 5 of the top 10 global medical device companies 5 of the top 7 US aerospace and defense firms 5 of the top 7 global chip manufacturers 5 of the top 10 global network equipment providers “ The addition of Klocwork's best-of-breed source code analysis solution for identifying defects early in the development process will allow us to further enhance our reputation for market leadership and innovation while reducing our development costs and improving the development process.“ Orly Nicklass, Ph.D. , Head of R&D of Carrier Switches, Nokia Siemens Networks KLOCWORK PROPRIETARY
  • 4. Klocwork Insight Pro Static Analysis | Peer Code Review | Refactoring CONFIDENTIAL
  • 5.
    • Klocwork Truepath™ static analysis engine is foundation for our capabilities
    • Uses a combination of build process comprehension, code compilation, dataflow, and symbolic execution techniques
    • Can detect a wide variety of issues in C, C++, Java and C#
    Quality & Reliability Memory and resource leaks Using de-allocated memory Incorrect memory de-allocation Dereferencing NULL pointers Usage of uninitialized data Resource management Concurrency violations … Security Vulnerability Buffer overflow Un-validated user input SQL injection Path injection File injection Cross-site scripting Information leakage Weak encryption Vulnerable coding practices … Maintainability Architectural violations Header file structure Dead code Unreachable code Calculated values that are never used Unused function parameters Unused local variables … KLOCWORK PROPRIETARY
  • 6. Ship higher quality and more secure products on-time KLOCWORK PROPRIETARY Test teams can focus on customer requirements not programming bugs Code Analysis & Refactoring: Errors and design cleaned-up prior to check-in Build Analysis: Builds are cleaner, more stable and reliable, leading to less downtime Architecture Analysis: Ensure architecture and maintainability doesn’t erode Collaborative Code Reviews: Focus on critical design & requirement issues
  • 7. Code Review – Necessary but Ad-hoc
    • Majority say code reviews mandatory but no formal process to determine participants
    KLOCWORK PROPRIETARY Source: A commissioned study conducted by Forrester Consulting on behalf of Klocwork, February 2010
  • 8. Collaborative Code Review Confidential
    • Combining Static Analysis with Peer Code Review
    • Issues found with automated analysis shown in code review interface
    • Allows review to focus on critical requirements and design
    • Enabling Collaboration & Communication
    • No need for in-person meetings – participants communicate remotely
    • All discussion threads and actions easily accessible and versioned
    • Incorporating Social Media Concepts
    • Simple “wall” concept for all code check-ins and actions
    • Customizable RSS to monitor check-ins most important to you
  • 9. Product Demo... CONFIDENTIAL
  • 10. Questions?
    • Todd Landry, Senior Product Manager
      • [email_address]
      • Twitter @todd_landry
    • Brendan Harrison, Director of Marketing
      • [email_address]
      • Twitter @brendanharrison