Check Point® Software Technologies Ltd. has been recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for Email Security Platforms (ESP).
Today's distributed workforce, vastly increased due to the global pandemic, is bringing more challenges for software development teams. With extensive remote collaboration, an effective code review process is more important than ever for ensuring long-term quality of the code base — both from a software defect perspective and for readability.
The link between code review and code quality has been confirmed for the fifth consecutive year in a survey conducted by SmartBear. The survey aims to establish benchmarks for how teams and organizations in the software industry around the world are developing high quality software. Recent findings are based upon aggregated responses from more than 740 software developers, testers, IT/operations professionals, and business leaders across 20 different industries.
Focus on Software Quality
Not surprising, many organizations and teams are focused on delivering quality software. Last year's survey saw an upward trend in satisfaction with quality. This year, satisfaction continued upward with 64% of respondents reporting being satisfied. Over the last five years, at least 55% of respondents indicated they are happy with the quality of software they help deliver.
The fact that more than half of respondents are satisfied with the solutions they are delivering speaks to the sense of ownership teams are having for their contribution and desire to ship quality products. The trend indicates that fewer teams are also sacrificing quality to meet deadlines. It's safe to assume that businesses know rushing unfinished product out the door is not a viable, long-term strategy.
Code Review is the Way to Quality
This year, 24% of respondents to the survey indicated that the number one way a company can improve code quality is through code review. Further, over 80% of respondents who were satisfied with their code review process were also satisfied with the overall quality of their software. This is a similar percentage compared to last year, indicating an unchanged opinion that code review is important in delivering quality.
Roughly 63% of respondents said they participate in some form of code review, at least on a weekly basis. Looking at the data, it's not surprising that the number of people who never do meeting-based reviews is higher than the number of people who never do ad-hoc and tool-based reviews. Meeting-based reviews are often seen as more time consuming than the other forms. Tools like Zoom and Microsoft Teams do make meeting-based reviews, though virtual, a feasible option, especially with the increase in remote workforces.
Improved software quality has been the No. 1 benefit of code reviews since starting this survey in 2016. This was followed by sharing knowledge across the team and the ability to mentor less-experienced developers. Since 2016, there has been a 12% increase in the importance of mentoring less-experienced developers and a 7% increase in knowledge sharing across the team.
Four out of five respondents agree that they often learn from others when they participate in code reviews. These investments by teams in long-term individual improvement create more productive and efficient teams — with better results down the line.
Code Review Recommendations
Based on this survey, these recommendations for using code review positively impact quality:
1. Conduct daily code reviews
2. Do more tool-based reviews
3. Make sure code reviews have clear guidelines
4. Pull reports to get insights on how to improve
5. Using code review plays double duty in onboarding and training new team members
Slow and Smooth Is Faster
US Navy SEALs train with the idea that slow is smooth and smooth is fast. Many software development organizations find themselves going fast and hoping for smooth results — quality, on-time releases. Taking time to review requirements and questions with customers and the entire cross-functional team may feel like a slow process at times, but this ensures the development process goes more smoothly.
If requirements change, which they inevitably do, the team can realign based on new information and continue to move forward in a “slow is smooth” approach. This process provides realignment and keeps everything running more smoothly, which is ultimately faster in the long run.
Industry News
Progress announced its partnership with the American Institute of CPAs (AICPA), the world’s largest member association representing the CPA profession.
Kurrent announced $12 million in funding, its rebrand from Event Store and the official launch of Kurrent Enterprise Edition, now commercially available.
Blitzy announced the launch of the Blitzy Platform, a category-defining agentic platform that accelerates software development for enterprises by autonomously batch building up to 80% of software applications.
Sonata Software launched IntellQA, a Harmoni.AI powered testing automation and acceleration platform designed to transform software delivery for global enterprises.
Sonar signed a definitive agreement to acquire Tidelift, a provider of software supply chain security solutions that help organizations manage the risk of open source software.
Kindo formally launched its channel partner program.
Red Hat announced the latest release of Red Hat Enterprise Linux AI (RHEL AI), Red Hat’s foundation model platform for more seamlessly developing, testing and running generative artificial intelligence (gen AI) models for enterprise applications.
Fastly announced the general availability of Fastly AI Accelerator.
Amazon Web Services (AWS) announced the launch and general availability of Amazon Q Developer plugins for Datadog and Wiz in the AWS Management Console.
vFunction released new capabilities that solve a major microservices headache for development teams – keeping documentation current as systems evolve – and make it simpler to manage and remediate tech debt.
Check Point® Software Technologies Ltd. announced that Infinity XDR/XPR achieved a 100% detection rate in the rigorous 2024 MITRE ATT&CK® Evaluations.
CyberArk announced the launch of FuzzyAI, an open-source framework that helps organizations identify and address AI model vulnerabilities, like guardrail bypassing and harmful output generation, in cloud-hosted and in-house AI models.
Grid Dynamics announced the launch of its developer portal.
LTIMindtree announced a strategic partnership with GitHub.