Check Point® Software Technologies Ltd. has been recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for Email Security Platforms (ESP).
As the debate rages on within companies of all sizes on who should "own" software quality, and at what stage(s) of the SDLC should testing be performed, an interesting finding popped up in the most recent SmartBear State of Software Quality | Code Review report. Close to 800 participants in the survey — nearly 80% of which define their roles as either developers, architects, or systems engineers — stated that code review is the number one thing a company can do to improve code quality.
In looking at a previous years' findings, code review also took the top spot in 2020, but it was in a sharp decline from its highest-ever spot in 2019. At the same time, unit testing, which has come in second place each year, was on a sharp upswing in 2020's report, nearly tying code review for the top ranking. However, in 2021, code review is trending upward again, while unit testing is headed in the opposite direction.
No matter which of the two that respondents believe is the best contributor to overall code quality, code review and unit testing enable issues to be spotted and remediated early in the development lifecycle. When performed together — it should never be an "either/or" decision—these two can prevent higher costs to repair, greater threats to scheduled release dates, or bugs slipping through to production and being found by your customers.
As to how often code review sessions are being performed, and how often they perhaps should be performed (though, there is no "one size fits all" for anything in software development), more than 70% of respondents reported that they participate in code review on a weekly basis. At the same time, respondents were asked if they're satisfied with their team's current code review processes. Forty-three percent reported being satisfied, and 11% were very satisfied.
Personally, I'd love to speak with some of the 28%, a pretty large percentage, who reported being simply "neutral" about the code review processes currently being conducted by their teams. Questions like:
Does your whole team share this feeling?
What would make your team more satisfied with more code review frequency?
Moving from ad-hoc to tool-based?
What benefits, not just to your code, but what benefits are you receiving from your code review sessions?
What are you learning?"
Speaking of the learning opportunities available within code review sessions, I was thrilled to see that 82% of respondents (54% agree/28% strongly agree) don't just learn, but learn often, and learn from the other people, not just from the evolutions of their code. Improvements to software quality will likely always be the most important benefit of code review to most developers (90% said so), but 75% rated knowledge sharing highly, 61% said it helps with mentoring new developers, and 52% recognized code review's contribution toward increased collaboration. I love all of these responses.
The invaluable learning that can take place during code review sessions is immensely important to never lose sight of. As teams make knowledge sharing an even greater priority, I think, and hope, we'll see those who "strongly agree" with being satisfied with their current code review processes take up a lot more of the pie than it does today. And to the 11% who are highly satisfied today, congratulations! Now it's time to help others feel the same way.
Industry News
Progress announced its partnership with the American Institute of CPAs (AICPA), the world’s largest member association representing the CPA profession.
Kurrent announced $12 million in funding, its rebrand from Event Store and the official launch of Kurrent Enterprise Edition, now commercially available.
Blitzy announced the launch of the Blitzy Platform, a category-defining agentic platform that accelerates software development for enterprises by autonomously batch building up to 80% of software applications.
Sonata Software launched IntellQA, a Harmoni.AI powered testing automation and acceleration platform designed to transform software delivery for global enterprises.
Sonar signed a definitive agreement to acquire Tidelift, a provider of software supply chain security solutions that help organizations manage the risk of open source software.
Kindo formally launched its channel partner program.
Red Hat announced the latest release of Red Hat Enterprise Linux AI (RHEL AI), Red Hat’s foundation model platform for more seamlessly developing, testing and running generative artificial intelligence (gen AI) models for enterprise applications.
Fastly announced the general availability of Fastly AI Accelerator.
Amazon Web Services (AWS) announced the launch and general availability of Amazon Q Developer plugins for Datadog and Wiz in the AWS Management Console.
vFunction released new capabilities that solve a major microservices headache for development teams – keeping documentation current as systems evolve – and make it simpler to manage and remediate tech debt.
Check Point® Software Technologies Ltd. announced that Infinity XDR/XPR achieved a 100% detection rate in the rigorous 2024 MITRE ATT&CK® Evaluations.
CyberArk announced the launch of FuzzyAI, an open-source framework that helps organizations identify and address AI model vulnerabilities, like guardrail bypassing and harmful output generation, in cloud-hosted and in-house AI models.
Grid Dynamics announced the launch of its developer portal.
LTIMindtree announced a strategic partnership with GitHub.