• Save
Code Review | 2010
Upcoming SlideShare
Loading in...5
×
 

Code Review | 2010

on

  • 659 views

 

Statistics

Views

Total Views
659
Views on SlideShare
659
Embed Views
0

Actions

Likes
1
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Code Review | 2010 Code Review | 2010 Presentation Transcript

  • Collaborative Code Review Klocwork Webinar Series Todd Landry & Brendan Harrison CONFIDENTIAL
  • Klocwork Introduction
    • Klocwork provides a family of developer and team productivity tools built on our industry leading source code analysis capability
    • Technology pioneer, proven track record
    KLOCWORK PROPRIETARY
      • First to market (2004) to provide both quality and security vulnerability analysis
    Passed 650 Customer milestone (Dec 2009) Introduced Integrated Continuous Analysis, Refactoring & Code Review (2009) Closed largest Q1 in company history (2009) First to market (2003) with architecture solution integrated with bug detection Awarded InfoWorld Technology of the Year Award (2007)
  • Over 650 customers worldwide Network & Telecom Finance & Insurance Spotlight Success: 3 of the top 5 computer and internet and software companies 5 of the top 10 global medical device companies 5 of the top 7 US aerospace and defense firms 5 of the top 7 global chip manufacturers 5 of the top 10 global network equipment providers “ The addition of Klocwork's best-of-breed source code analysis solution for identifying defects early in the development process will allow us to further enhance our reputation for market leadership and innovation while reducing our development costs and improving the development process.“ Orly Nicklass, Ph.D. , Head of R&D of Carrier Switches, Nokia Siemens Networks KLOCWORK PROPRIETARY
  • Klocwork Insight Pro Static Analysis | Peer Code Review | Refactoring CONFIDENTIAL
    • Klocwork Truepath™ static analysis engine is foundation for our capabilities
    • Uses a combination of build process comprehension, code compilation, dataflow, and symbolic execution techniques
    • Can detect a wide variety of issues in C, C++, Java and C#
    Quality & Reliability Memory and resource leaks Using de-allocated memory Incorrect memory de-allocation Dereferencing NULL pointers Usage of uninitialized data Resource management Concurrency violations … Security Vulnerability Buffer overflow Un-validated user input SQL injection Path injection File injection Cross-site scripting Information leakage Weak encryption Vulnerable coding practices … Maintainability Architectural violations Header file structure Dead code Unreachable code Calculated values that are never used Unused function parameters Unused local variables … KLOCWORK PROPRIETARY
  • Ship higher quality and more secure products on-time KLOCWORK PROPRIETARY Test teams can focus on customer requirements not programming bugs Code Analysis & Refactoring: Errors and design cleaned-up prior to check-in Build Analysis: Builds are cleaner, more stable and reliable, leading to less downtime Architecture Analysis: Ensure architecture and maintainability doesn’t erode Collaborative Code Reviews: Focus on critical design & requirement issues
  • Code Review – Necessary but Ad-hoc
    • Majority say code reviews mandatory but no formal process to determine participants
    KLOCWORK PROPRIETARY Source: A commissioned study conducted by Forrester Consulting on behalf of Klocwork, February 2010
  • Collaborative Code Review Confidential
    • Combining Static Analysis with Peer Code Review
    • Issues found with automated analysis shown in code review interface
    • Allows review to focus on critical requirements and design
    • Enabling Collaboration & Communication
    • No need for in-person meetings – participants communicate remotely
    • All discussion threads and actions easily accessible and versioned
    • Incorporating Social Media Concepts
    • Simple “wall” concept for all code check-ins and actions
    • Customizable RSS to monitor check-ins most important to you
  • Product Demo... CONFIDENTIAL
  • Questions?
    • Todd Landry, Senior Product Manager
      • [email_address]
      • Twitter @todd_landry
    • Brendan Harrison, Director of Marketing
      • [email_address]
      • Twitter @brendanharrison
    Confidential