DEVOPSdigest

MuseDev launched on Github Marketplace the Early Access version of its code analysis platform, Muse, to help developers find and fix critical security, performance, and reliability bugs, efficiently, before they reach QA or production.

Muse makes Continuous Assurance easy to implement, saving time and money, and yielding better code.

Research shows that bugs are 10x more expensive to fix in production than in the development process, while finding errors during code review dramatically reduces these costs and yields higher fix rates. By incorporating code analysis earlier in the process, Muse brings Continuous Assurance to development teams, helping them achieve high security and quality standards without ever interrupting their flow.

"The Security/QA stage is often the last part of the development process to go agile. When security tools exist outside the development workflow, every bug they find slows down development by making developers revisit older code." said Stephen Magill, CEO and co-founder of MuseDev. " We wanted to make it easy to set up a process that delivers a high level of assurance without getting in the way. And that's what we've delivered with Muse."

- Muse finds the most elusive bugs and delivers curated, actionable results. Built for DevOps, Muse integrates seamlessly into the modern development practice with a workflow designed to make it easy for Security and Developer Teams to find and fix errors quickly and collaboratively. MuseBot, the key efficiency driver, automatically analyzes each pull request and delivers bug reports in Github as code review comments, allowing developers to use their current tools and code review processes to handle static analysis results.

- Muse' s advanced analyses are configured for low noise. Code analysis is most effective when a broad range of analyzers are implemented. But tools commonly generate too many false positives and this risk increases as more tools are added. Muse includes a broad set of robust tools that are customized and configured out-of-the-box for low noise Included in our default tool set are the first commercially-supported versions of three powerful tools built by Google and Facebook (ErrorProne, Infer, and Pyre).

- Muse's open platform supports a range of teams. Running on an open API, Muse is fully customizable and can meet the needs of large scale enterprises down to smaller, leaner teams. Muse serves as a central point of integration for automated code scanning, allowing security, development, and QA teams to all add tools that satisfy each of their requirements.

- Muse makes implementation easy. Because code analysis is new to many software organizations, MuseDev is offering program analysis professional services to help enterprises develop and deploy broadbased code analysis that addresses the needs of developers, security, QA engineers, and compliance/audit teams. These services will enable companies to develop and maintain consistent but customizable code analysis across their organizations.

Gene Kim, Wall Street Journal bestselling author, researcher, and multiple award-winning CTO adds: "MuseDev is bringing the incredible developer productivity, security tools, and practices from Google and Facebook and making them accessible to the rest of the world, bringing substantial productivity gains to every organization."

The Muse Early Access launch includes MusePro features, free, for a limited time.

Muse is available as a GitHub app and will always be free for open source projects and other public GitHub repositories. During the Early Access period, analysis of private repos is also available at no cost. Muse's self-hosted Enterprise version (available for Github, Bitbucket, and Gitlab) continues in private beta and will be generally available at the end of the year.