Code analysis (QA)

// PLATFORMS: AVAILABLE ON ALL PLATFORMS

Safeguard the future of your application

Kiuwan Code-Analysis (QA) employs a rigorous approach to identify technical debts in your code and seamlessly integrates into continuous development processes. With Kiuwan QA you can quickly deploy relevant countermeasures in a collaborative and de-central environment to deal with technical debt identified in your applications. Kiuwan Code Analysis gives you objective information about the status of your application: what risks does the code hide, how complex is the application, and to what extent are you ready for the future?

Advantages

Consistent analysis of the entire organisation using centrally managed guidelines

Identification of quality shortfalls during development in the IDE

Quality assurance prior to Release


Reduce technical debt and avoid new problems


Assess code defects for objective prioritisation of remedies

Appropriate for every SDLC approach including DevOps


Avoiding problems as early as possible within the SDLC (Shift Left)

Properly record code quality

Software quality management solutions use automated tests that draw on static analysis approaches to generate software quality indicators.

With its ability to parse code in almost any current programming language, static analysis helps to assess software against five key quality indicators: software system security, code reliability, code storage efficiency, maintainability and portability. Collectively, these indicators represent the most important characteristics of high-quality code. Developers and decision makers need to draw on the indicators generated by static analysis for quality control. This means: the focus lies on producing secure, reliable, maintainable, portable and scalable code.

Quality – the basis for further development

There is no alternative to securing and improving cope quality or complexity as a basis for further application development and modernisation. For a long time, code quality was a secondary consideration in development. Instead, continuously increasing requirements and features were emphasised for applications. And yet, not taking code quality into account can lead to dead ends in application development, be it new applications or legacy applications. Kiuwan is a starting point to generate objective information about an application’s maintainability, portability, reliability and relevance. This information can then be assessed in a targeted manner. Fixing or removing code fragments such as dead or duplicate code and complex, nested IF functions makes code more easy to understand and provides a solid foundation for ongoing development and modernisation into a cooperative environment.

“It takes just one glance to see any risks related to your project.”

ThinkApps

Why Kiuwan?

Kiuwan Code Analysis is a cutting edge QA solution. There is much more to it than only its ability to conduct static security analysis. With QA, Kiuwan aimed to achieve fast and accurate results. QA is easy to install, has an intuitive user interface and comes complete with an extensive start configuration. Kiuwan reduced the implementation time substantially to just a few days. Scan results are available in seconds rather than days, are highly accurate and have a low false positive incidence. The solution is highly configurable to suit your specific needs.

Additional functions

Kiuwan Code Analysis provides a comprehensive overview of all security vulnerabilities identified in the source code. It uses industry standard criteria to assess the threat level inherent in identified vulnerabilities. You can create action plans to fix weak spots by either estimating the amount of developer effort needed or defining your target assessment. You determine how you want to evaluate application risks. As a multi-language solution, Kiuwan Code Analysis covers most programming languages which means that every single application can be tested.

Kiuwan in your developer IDE

    • Kiuwan offers plug-ins for Eclipse and IBM Rational Application Developer IDEs.
    • Code is automatically analysed with every save.
    • Identified errors are shown in a dedicated panel.
    • Selecting an error in the panel opens the affected file in the editor at the relevant code line.
    • The editor lists all errors found in the file and highlights error priorities and tool tips along with descriptions.
    • Filter function for identified errors.
    • Additional panel with relevant intrinsic code metrics such as cyclomatic complexity and more.
    • Automatic plug-in updates

Governance dashboard

    • Decision matrices – identify risky applications using decision matrices.
    • Evolution – Predictive analysis of your application’s portfolio development.
    • Activity – Document your developer team and software provider activities in application and maintenance projects and in relation to changing requirements.