Code Review | 2010


Published on

Published in: Technology
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Code Review | 2010

  1. 1. Collaborative Code Review Klocwork Webinar Series Todd Landry & Brendan Harrison CONFIDENTIAL
  2. 2. Klocwork Introduction <ul><li>Klocwork provides a family of developer and team productivity tools built on our industry leading source code analysis capability </li></ul><ul><li>Technology pioneer, proven track record </li></ul>KLOCWORK PROPRIETARY <ul><ul><li>First to market (2004) to provide both quality and security vulnerability analysis </li></ul></ul>Passed 650 Customer milestone (Dec 2009) Introduced Integrated Continuous Analysis, Refactoring & Code Review (2009) Closed largest Q1 in company history (2009) First to market (2003) with architecture solution integrated with bug detection Awarded InfoWorld Technology of the Year Award (2007)
  3. 3. Over 650 customers worldwide Network & Telecom Finance & Insurance Spotlight Success: 3 of the top 5 computer and internet and software companies 5 of the top 10 global medical device companies 5 of the top 7 US aerospace and defense firms 5 of the top 7 global chip manufacturers 5 of the top 10 global network equipment providers “ The addition of Klocwork's best-of-breed source code analysis solution for identifying defects early in the development process will allow us to further enhance our reputation for market leadership and innovation while reducing our development costs and improving the development process.“ Orly Nicklass, Ph.D. , Head of R&D of Carrier Switches, Nokia Siemens Networks KLOCWORK PROPRIETARY
  4. 4. Klocwork Insight Pro Static Analysis | Peer Code Review | Refactoring CONFIDENTIAL
  5. 5. <ul><li>Klocwork Truepath™ static analysis engine is foundation for our capabilities </li></ul><ul><li>Uses a combination of build process comprehension, code compilation, dataflow, and symbolic execution techniques </li></ul><ul><li>Can detect a wide variety of issues in C, C++, Java and C# </li></ul>Quality & Reliability Memory and resource leaks Using de-allocated memory Incorrect memory de-allocation Dereferencing NULL pointers Usage of uninitialized data Resource management Concurrency violations … Security Vulnerability Buffer overflow Un-validated user input SQL injection Path injection File injection Cross-site scripting Information leakage Weak encryption Vulnerable coding practices … Maintainability Architectural violations Header file structure Dead code Unreachable code Calculated values that are never used Unused function parameters Unused local variables … KLOCWORK PROPRIETARY
  6. 6. Ship higher quality and more secure products on-time KLOCWORK PROPRIETARY Test teams can focus on customer requirements not programming bugs Code Analysis & Refactoring: Errors and design cleaned-up prior to check-in Build Analysis: Builds are cleaner, more stable and reliable, leading to less downtime Architecture Analysis: Ensure architecture and maintainability doesn’t erode Collaborative Code Reviews: Focus on critical design & requirement issues
  7. 7. Code Review – Necessary but Ad-hoc <ul><li>Majority say code reviews mandatory but no formal process to determine participants </li></ul>KLOCWORK PROPRIETARY Source: A commissioned study conducted by Forrester Consulting on behalf of Klocwork, February 2010
  8. 8. Collaborative Code Review Confidential <ul><li>Combining Static Analysis with Peer Code Review </li></ul><ul><li>Issues found with automated analysis shown in code review interface </li></ul><ul><li>Allows review to focus on critical requirements and design </li></ul><ul><li>Enabling Collaboration & Communication </li></ul><ul><li>No need for in-person meetings – participants communicate remotely </li></ul><ul><li>All discussion threads and actions easily accessible and versioned </li></ul><ul><li>Incorporating Social Media Concepts </li></ul><ul><li>Simple “wall” concept for all code check-ins and actions </li></ul><ul><li>Customizable RSS to monitor check-ins most important to you </li></ul>
  9. 9. Product Demo... CONFIDENTIAL
  10. 10. Questions? <ul><li>Todd Landry, Senior Product Manager </li></ul><ul><ul><li>[email_address] </li></ul></ul><ul><ul><li>Twitter @todd_landry </li></ul></ul><ul><li>Brendan Harrison, Director of Marketing </li></ul><ul><ul><li>[email_address] </li></ul></ul><ul><ul><li>Twitter @brendanharrison </li></ul></ul>Confidential