SlideShare una empresa de Scribd logo

Maintainability Sogeti Qx Day 2020

P
Peter Rombouts

Slidedeck October 1st 2020, Sogeti Qx Day

Tecnología
1 de 19
Descargar para leer sin conexión
QXDay2020 Team up for Quality Engineering Hoe zorg je dat code onderhoudbaar is? Peter Rombouts Senior Technology Consultant Sogeti
Security Classification © 2019 Sogeti. All rights reserved. 2Presentation title | Date 2 Wie ben ik https://peterrombouts.nl https://www.twitter.com/prombouts https://www.github.com/prombouts https://labs.sogeti.com Senior Technology Consultant Peter Rombouts Cloud Software Architect  Meer dan 18 jaar ervaring in IT  Gepassioneerd over Software Development, Architectuur en Cloud SogetiLabs Fellow  Azure  Cloud  Cognitive Services  Software Development Multi CloudQSD
Security Classification © 2019 Sogeti. All rights reserved. 3Presentation title | Date Systems and software engineering — Systems and software Quality Requirements and Evaluation (SQuaRE) — System and software quality models Ook wel ISO 25010 genoemd Wat is Software Quality?
Security Classification © 2019 Sogeti. All rights reserved. 4Presentation title | Date De Internationale Standaard definieert: Quality in Use Model Product Quality Model
Security Classification © 2019 Sogeti. All rights reserved. 5Presentation title | Date De Internationale Standaard definieert: Quality in Use Model Product Quality Model
Security Classification © 2019 Sogeti. All rights reserved. 6Presentation title | Date De Internationale Standaard definieert: Quality in Use Model Product Quality Model
Security Classification © 2019 Sogeti. All rights reserved. 7Presentation title | Date Richtlijnen (SIG) 1. Write Short Units of Code 2. Write Simple Units of Code 3. Write Code Once 4. Keep Unit Interfaces Small 5. Separate Concerns in Modules 6. Couple Architecture Components Loosely 7. Keep Architecture Components Balanced 8. Keep Your Codebase Small 9. Automate Tests 10.Write Clean Code SIG was established in 2000. Its roots can be traced back to the Dutch National Research Institute for Mathematics and Computer Science (Centrum voor Wiskunde en Informatica [CWI]).
Security Classification © 2019 Sogeti. All rights reserved. 8Presentation title | Date Richtlijnen (SIG) 1. Write Short Units of Code 2. Write Simple Units of Code 3. Write Code Once 4. Keep Unit Interfaces Small 5. Separate Concerns in Modules 6. Couple Architecture Components Loosely 7. Keep Architecture Components Balanced 8. Keep Your Codebase Small 9. Automate Tests 10.Write Clean Code SIG was established in 2000. Its roots can be traced back to the Dutch National Research Institute for Mathematics and Computer Science (Centrum voor Wiskunde en Informatica [CWI]).
Security Classification © 2019 Sogeti. All rights reserved. 9Presentation title | Date Tools Hoe te kiezen: Static Code Analysis? Software Composition Analysis?
Security Classification © 2019 Sogeti. All rights reserved. 10Presentation title | Date Welke tooling is beschikbaar? Analyseert de (lines of) code. Normaliter in pipelines en geautomatiseerd. Voorbeelden: • SonarQube • PMD • NDepend • BinSkim Analyseert de dependencies Doorgaans standalone producten met notificaties. Wordt ook vaak ingezet om te controleren of licenties van open-source packages in lijn zijn met policies. Voorbeelden: • WhiteSource • WhiteSource Bolt • Snyk • Fossa • npm-audit • David (Node.JS) Static Code Analysis Software Composition Analysis
Security Classification © 2019 Sogeti. All rights reserved. 11Presentation title | Date Welke tooling is beschikbaar? Analyseert de (lines of) code. Normaliter in pipelines en geautomatiseerd. Voorbeelden: • SonarQube • PMD • NDepend • BinSkim Analyseert de dependencies Doorgaans standalone producten met notificaties. Wordt ook vaak ingezet om te controleren of licenties van open-source packages in lijn zijn met policies. Voorbeelden: • WhiteSource • WhiteSource Bolt • Snyk • Fossa • npm-audit • David (Node.JS) Static Code Analysis Software Composition Analysis
Security Classification © 2019 Sogeti. All rights reserved. 12Presentation title | Date Static Code Analysis: SonarQube
Security Classification © 2019 Sogeti. All rights reserved. 13Presentation title | Date Software Composition Analysis: WhiteSource Bolt
Security Classification © 2019 Sogeti. All rights reserved. 14Presentation title | Date Software Composition Analysis: WhiteSource Bolt
Security Classification © 2019 Sogeti. All rights reserved. 15Presentation title | Date Software Composition Analysis: WhiteSource Bolt
16Sogeti Global Overview | © 2019 Sogeti. All rights reserved.Sogeti Global Overview | © 2019 Sogeti. All rights reserved. Mind The (Tool) Gap!
Security Classification © 2019 Sogeti. All rights reserved. 17Presentation title | Date Hoe nu verder?
Security Classification © 2019 Sogeti. All rights reserved. 18Presentation title | Date Hoe nu verder?
QXDay2020 Team up for Quality Engineering Vragen? peter.rombouts@sogeti.com https://peterrombouts.nl https://labs.sogeti.com Twitter @prombouts GitHub @prombouts

Recomendados

Sogeti Software Maintainability Roadshow
Sogeti Software Maintainability RoadshowSogeti Software Maintainability Roadshow
Sogeti Software Maintainability RoadshowPeter Rombouts
 
Webinar–The 2019 Open Source Year in Review
Webinar–The 2019 Open Source Year in ReviewWebinar–The 2019 Open Source Year in Review
Webinar–The 2019 Open Source Year in ReviewSynopsys Software Integrity Group
 
Webinar–What You Need To Know About Open Source Licensing
Webinar–What You Need To Know About Open Source LicensingWebinar–What You Need To Know About Open Source Licensing
Webinar–What You Need To Know About Open Source LicensingSynopsys Software Integrity Group
 
OpenChain: How to manage OSS licenses for CI/CD development
OpenChain: How to manage OSS licenses for CI/CD developmentOpenChain: How to manage OSS licenses for CI/CD development
OpenChain: How to manage OSS licenses for CI/CD developmentShane Coughlan
 
Automate and Enhance Application Security Analysis
Automate and Enhance Application Security AnalysisAutomate and Enhance Application Security Analysis
Automate and Enhance Application Security AnalysisCarlos Andrés García
 
Do Design Quality and Code Quality Matter in Merger and Acquisition Tech Due ...
Do Design Quality and Code Quality Matter in Merger and Acquisition Tech Due ...Do Design Quality and Code Quality Matter in Merger and Acquisition Tech Due ...
Do Design Quality and Code Quality Matter in Merger and Acquisition Tech Due ...Synopsys Software Integrity Group
 
Webinar–You've Got Your Open Source Audit Report–Now What?
Webinar–You've Got Your Open Source Audit Report–Now What? Webinar–You've Got Your Open Source Audit Report–Now What?
Webinar–You've Got Your Open Source Audit Report–Now What? Synopsys Software Integrity Group
 
Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...
Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...
Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...Shane Coughlan
 

Recomendados

Sogeti Software Maintainability Roadshow
Sogeti Software Maintainability RoadshowSogeti Software Maintainability Roadshow
Sogeti Software Maintainability RoadshowPeter Rombouts
 
Webinar–The 2019 Open Source Year in Review
Webinar–The 2019 Open Source Year in ReviewWebinar–The 2019 Open Source Year in Review
Webinar–The 2019 Open Source Year in ReviewSynopsys Software Integrity Group
 
Webinar–What You Need To Know About Open Source Licensing
Webinar–What You Need To Know About Open Source LicensingWebinar–What You Need To Know About Open Source Licensing
Webinar–What You Need To Know About Open Source LicensingSynopsys Software Integrity Group
 
OpenChain: How to manage OSS licenses for CI/CD development
OpenChain: How to manage OSS licenses for CI/CD developmentOpenChain: How to manage OSS licenses for CI/CD development
OpenChain: How to manage OSS licenses for CI/CD developmentShane Coughlan
 
Automate and Enhance Application Security Analysis
Automate and Enhance Application Security AnalysisAutomate and Enhance Application Security Analysis
Automate and Enhance Application Security AnalysisCarlos Andrés García
 
Do Design Quality and Code Quality Matter in Merger and Acquisition Tech Due ...
Do Design Quality and Code Quality Matter in Merger and Acquisition Tech Due ...Do Design Quality and Code Quality Matter in Merger and Acquisition Tech Due ...
Do Design Quality and Code Quality Matter in Merger and Acquisition Tech Due ...Synopsys Software Integrity Group
 
Webinar–You've Got Your Open Source Audit Report–Now What?
Webinar–You've Got Your Open Source Audit Report–Now What? Webinar–You've Got Your Open Source Audit Report–Now What?
Webinar–You've Got Your Open Source Audit Report–Now What? Synopsys Software Integrity Group
 
Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...
Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...
Bosch: AN UPDATE ON OUR ACTIVITIES IN AUTOMATING OSS COMPLIANCE: A WORKING SH...Shane Coughlan
 
Open Source at Scania
Open Source at ScaniaOpen Source at Scania
Open Source at ScaniaShane Coughlan
 
OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...
OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...
OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...Shane Coughlan
 
Webinar–That is Not How This Works
Webinar–That is Not How This WorksWebinar–That is Not How This Works
Webinar–That is Not How This WorksSynopsys Software Integrity Group
 
OpenChain Automotive Work Group Meeting #2 - Lyon
OpenChain Automotive Work Group Meeting #2 - LyonOpenChain Automotive Work Group Meeting #2 - Lyon
OpenChain Automotive Work Group Meeting #2 - LyonShane Coughlan
 
Osborne Clarke - OpenChain - FOSSmatrix
Osborne Clarke - OpenChain - FOSSmatrixOsborne Clarke - OpenChain - FOSSmatrix
Osborne Clarke - OpenChain - FOSSmatrixShane Coughlan
 
OpenChain Webinar #11 - cii-bp-badge-intro
OpenChain Webinar #11 - cii-bp-badge-introOpenChain Webinar #11 - cii-bp-badge-intro
OpenChain Webinar #11 - cii-bp-badge-introShane Coughlan
 
Build your own_photobooth
Build your own_photoboothBuild your own_photobooth
Build your own_photoboothiText Group nv
 
Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017
Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017
Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017Cisco
 
OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021Shane Coughlan
 
OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021Shane Coughlan
 
Licensing in Composite Projects
Licensing in Composite ProjectsLicensing in Composite Projects
Licensing in Composite ProjectsTiberius Forrester
 
Free and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainFree and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainShane Coughlan
 
Easing IoT Development for Novice Programmers Through Code Recipes
Easing IoT Development for Novice Programmers Through Code RecipesEasing IoT Development for Novice Programmers Through Code Recipes
Easing IoT Development for Novice Programmers Through Code RecipesJuan Pablo Sáenz
 
OpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesOpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesShane Coughlan
 
Licensing in Composite Open Source Projects
Licensing in Composite Open Source ProjectsLicensing in Composite Open Source Projects
Licensing in Composite Open Source ProjectsProtecode
 
How to Effectively Manage Virtual Teams
How to Effectively Manage Virtual TeamsHow to Effectively Manage Virtual Teams
How to Effectively Manage Virtual TeamsCisco Webex
 
Spo2 r33
Spo2 r33Spo2 r33
Spo2 r33SelectedPresentations
 
Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018
Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018
Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018Codemotion
 
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...Black Duck by Synopsys
 
vivek_resume1
vivek_resume1vivek_resume1
vivek_resume1Vivek kumar Pandit
 
Sogeti Java Meetup - How to ensure your code is maintainable
Sogeti Java Meetup - How to ensure your code is maintainableSogeti Java Meetup - How to ensure your code is maintainable
Sogeti Java Meetup - How to ensure your code is maintainablePeter Rombouts
 
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdf
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdfSoftware Bill of Materials - Accelerating Your Secure Embedded Development.pdf
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdfICS
 

Más contenido relacionado

La actualidad más candente

OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...
OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...
OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...Shane Coughlan
 
OpenChain Automotive Work Group Meeting #2 - Lyon
OpenChain Automotive Work Group Meeting #2 - LyonOpenChain Automotive Work Group Meeting #2 - Lyon
OpenChain Automotive Work Group Meeting #2 - LyonShane Coughlan
 
Osborne Clarke - OpenChain - FOSSmatrix
Osborne Clarke - OpenChain - FOSSmatrixOsborne Clarke - OpenChain - FOSSmatrix
Osborne Clarke - OpenChain - FOSSmatrixShane Coughlan
 
OpenChain Webinar #11 - cii-bp-badge-intro
OpenChain Webinar #11 - cii-bp-badge-introOpenChain Webinar #11 - cii-bp-badge-intro
OpenChain Webinar #11 - cii-bp-badge-introShane Coughlan
 
Build your own_photobooth
Build your own_photoboothBuild your own_photobooth
Build your own_photoboothiText Group nv
 
Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017
Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017
Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017Cisco
 
OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021Shane Coughlan
 
OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021Shane Coughlan
 
Licensing in Composite Projects
Licensing in Composite ProjectsLicensing in Composite Projects
Licensing in Composite ProjectsTiberius Forrester
 
Free and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainFree and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainShane Coughlan
 
Easing IoT Development for Novice Programmers Through Code Recipes
Easing IoT Development for Novice Programmers Through Code RecipesEasing IoT Development for Novice Programmers Through Code Recipes
Easing IoT Development for Novice Programmers Through Code RecipesJuan Pablo Sáenz
 
OpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesOpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesShane Coughlan
 
Licensing in Composite Open Source Projects
Licensing in Composite Open Source ProjectsLicensing in Composite Open Source Projects
Licensing in Composite Open Source ProjectsProtecode
 
How to Effectively Manage Virtual Teams
How to Effectively Manage Virtual TeamsHow to Effectively Manage Virtual Teams
How to Effectively Manage Virtual TeamsCisco Webex
 
Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018
Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018
Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018Codemotion
 
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...Black Duck by Synopsys
 

La actualidad más candente (20)

Open Source at Scania
Open Source at ScaniaOpen Source at Scania
Open Source at Scania
 
OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...
OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...
OpenChain Webinar #11 - Open Source Issues Remediation - Jari Koivisto - 2020...
 
Webinar–That is Not How This Works
Webinar–That is Not How This WorksWebinar–That is Not How This Works
Webinar–That is Not How This Works
 
OpenChain Automotive Work Group Meeting #2 - Lyon
OpenChain Automotive Work Group Meeting #2 - LyonOpenChain Automotive Work Group Meeting #2 - Lyon
OpenChain Automotive Work Group Meeting #2 - Lyon
 
Osborne Clarke - OpenChain - FOSSmatrix
Osborne Clarke - OpenChain - FOSSmatrixOsborne Clarke - OpenChain - FOSSmatrix
Osborne Clarke - OpenChain - FOSSmatrix
 
OpenChain Webinar #11 - cii-bp-badge-intro
OpenChain Webinar #11 - cii-bp-badge-introOpenChain Webinar #11 - cii-bp-badge-intro
OpenChain Webinar #11 - cii-bp-badge-intro
 
Build your own_photobooth
Build your own_photoboothBuild your own_photobooth
Build your own_photobooth
 
Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017
Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017
Embed Spark calling SDK in Your App - Olivier PROFFIT - Cisco Live Berlin 2017
 
OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021
 
OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021OpenChain Automation Case Study - September to December 2021
OpenChain Automation Case Study - September to December 2021
 
Licensing in Composite Projects
Licensing in Composite ProjectsLicensing in Composite Projects
Licensing in Composite Projects
 
Free and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply ChainFree and Open Source Software - Challenges for the Automotive Supply Chain
Free and Open Source Software - Challenges for the Automotive Supply Chain
 
Easing IoT Development for Novice Programmers Through Code Recipes
Easing IoT Development for Novice Programmers Through Code RecipesEasing IoT Development for Novice Programmers Through Code Recipes
Easing IoT Development for Novice Programmers Through Code Recipes
 
OpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case StudiesOpenChain Continual Improvement Case Studies
OpenChain Continual Improvement Case Studies
 
Licensing in Composite Open Source Projects
Licensing in Composite Open Source ProjectsLicensing in Composite Open Source Projects
Licensing in Composite Open Source Projects
 
How to Effectively Manage Virtual Teams
How to Effectively Manage Virtual TeamsHow to Effectively Manage Virtual Teams
How to Effectively Manage Virtual Teams
 
Spo2 r33
Spo2 r33Spo2 r33
Spo2 r33
 
Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018
Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018
Fabrizio Cornelli - Securing Android Apps by Reversing - Codemotion Milan 2018
 
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
Strategies to Reap the Benefits of Software Patents in an Open Source Softwar...
 
vivek_resume1
vivek_resume1vivek_resume1
vivek_resume1
 

Similar a Maintainability Sogeti Qx Day 2020

Sogeti Java Meetup - How to ensure your code is maintainable
Sogeti Java Meetup - How to ensure your code is maintainableSogeti Java Meetup - How to ensure your code is maintainable
Sogeti Java Meetup - How to ensure your code is maintainablePeter Rombouts
 
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdf
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdfSoftware Bill of Materials - Accelerating Your Secure Embedded Development.pdf
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdfICS
 
How to Achieve NIST Compliance using SanerNow?
How to Achieve NIST Compliance using SanerNow?How to Achieve NIST Compliance using SanerNow?
How to Achieve NIST Compliance using SanerNow?SecPod
 
Why Automate the Network?
Why Automate the Network?Why Automate the Network?
Why Automate the Network?Hank Preston
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineDevOps.com
 
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...Synopsys Software Integrity Group
 
Webinar – Streamling Your Tech Due Diligence Process for Software Assets
Webinar – Streamling Your Tech Due Diligence Process for Software AssetsWebinar – Streamling Your Tech Due Diligence Process for Software Assets
Webinar – Streamling Your Tech Due Diligence Process for Software AssetsSynopsys Software Integrity Group
 
IoT Panel- Cisco and Intel
IoT Panel- Cisco and Intel IoT Panel- Cisco and Intel
IoT Panel- Cisco and Intel Bessie Wang
 
Cilium + Istio with Gloo Mesh
Cilium + Istio with Gloo MeshCilium + Istio with Gloo Mesh
Cilium + Istio with Gloo MeshChristian Posta
 
DevSecCon Boston2018 - advanced mobile security automation with bdd
DevSecCon Boston2018 - advanced mobile security automation with bddDevSecCon Boston2018 - advanced mobile security automation with bdd
DevSecCon Boston2018 - advanced mobile security automation with bddDavide Cioccia
 
How to Implement Organization Wide Cyber Hygiene?
How to Implement Organization Wide Cyber Hygiene?How to Implement Organization Wide Cyber Hygiene?
How to Implement Organization Wide Cyber Hygiene?SecPod
 
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...Denim Group
 
devops ppt for hjs jsdjhjd hsdbusinees.pptx
devops ppt for hjs jsdjhjd hsdbusinees.pptxdevops ppt for hjs jsdjhjd hsdbusinees.pptx
devops ppt for hjs jsdjhjd hsdbusinees.pptxDeepakgupta273447
 
5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis 5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis Perforce
 
Preventing Code Leaks & Other Critical Security Risks from Code
Preventing Code Leaks & Other Critical Security Risks from CodePreventing Code Leaks & Other Critical Security Risks from Code
Preventing Code Leaks & Other Critical Security Risks from CodeDevOps.com
 
The Role of Standards in IoT Security
The Role of Standards in IoT SecurityThe Role of Standards in IoT Security
The Role of Standards in IoT SecurityHannes Tschofenig
 

Similar a Maintainability Sogeti Qx Day 2020 (20)

Sogeti Java Meetup - How to ensure your code is maintainable
Sogeti Java Meetup - How to ensure your code is maintainableSogeti Java Meetup - How to ensure your code is maintainable
Sogeti Java Meetup - How to ensure your code is maintainable
 
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdf
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdfSoftware Bill of Materials - Accelerating Your Secure Embedded Development.pdf
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdf
 
Webinar–AppSec: Hype or Reality
Webinar–AppSec: Hype or RealityWebinar–AppSec: Hype or Reality
Webinar–AppSec: Hype or Reality
 
How to Achieve NIST Compliance using SanerNow?
How to Achieve NIST Compliance using SanerNow?How to Achieve NIST Compliance using SanerNow?
How to Achieve NIST Compliance using SanerNow?
 
Why Automate the Network?
Why Automate the Network?Why Automate the Network?
Why Automate the Network?
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD Pipeline
 
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
 
Webinar – Risk-based adaptive DevSecOps
Webinar – Risk-based adaptive DevSecOps Webinar – Risk-based adaptive DevSecOps
Webinar – Risk-based adaptive DevSecOps
 
Webinar – Streamling Your Tech Due Diligence Process for Software Assets
Webinar – Streamling Your Tech Due Diligence Process for Software AssetsWebinar – Streamling Your Tech Due Diligence Process for Software Assets
Webinar – Streamling Your Tech Due Diligence Process for Software Assets
 
IoT Panel- Cisco and Intel
IoT Panel- Cisco and Intel IoT Panel- Cisco and Intel
IoT Panel- Cisco and Intel
 
Cilium + Istio with Gloo Mesh
Cilium + Istio with Gloo MeshCilium + Istio with Gloo Mesh
Cilium + Istio with Gloo Mesh
 
DevSecCon Boston2018 - advanced mobile security automation with bdd
DevSecCon Boston2018 - advanced mobile security automation with bddDevSecCon Boston2018 - advanced mobile security automation with bdd
DevSecCon Boston2018 - advanced mobile security automation with bdd
 
Webinar–Reviewing Modern JavaScript Applications
Webinar–Reviewing Modern JavaScript ApplicationsWebinar–Reviewing Modern JavaScript Applications
Webinar–Reviewing Modern JavaScript Applications
 
How to Implement Organization Wide Cyber Hygiene?
How to Implement Organization Wide Cyber Hygiene?How to Implement Organization Wide Cyber Hygiene?
How to Implement Organization Wide Cyber Hygiene?
 
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...
Continuous Authority to Operate (ATO) with ThreadFix – Bringing Commercial In...
 
Webinar–Best Practices for DevSecOps at Scale
Webinar–Best Practices for DevSecOps at ScaleWebinar–Best Practices for DevSecOps at Scale
Webinar–Best Practices for DevSecOps at Scale
 
devops ppt for hjs jsdjhjd hsdbusinees.pptx
devops ppt for hjs jsdjhjd hsdbusinees.pptxdevops ppt for hjs jsdjhjd hsdbusinees.pptx
devops ppt for hjs jsdjhjd hsdbusinees.pptx
 
5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis 5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis
 
Preventing Code Leaks & Other Critical Security Risks from Code
Preventing Code Leaks & Other Critical Security Risks from CodePreventing Code Leaks & Other Critical Security Risks from Code
Preventing Code Leaks & Other Critical Security Risks from Code
 
The Role of Standards in IoT Security
The Role of Standards in IoT SecurityThe Role of Standards in IoT Security
The Role of Standards in IoT Security
 

Último

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 

Último (20)

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 

Maintainability Sogeti Qx Day 2020

  • 1. QXDay2020 Team up for Quality Engineering Hoe zorg je dat code onderhoudbaar is? Peter Rombouts Senior Technology Consultant Sogeti
  • 2. Security Classification © 2019 Sogeti. All rights reserved. 2Presentation title | Date 2 Wie ben ik https://peterrombouts.nl https://www.twitter.com/prombouts https://www.github.com/prombouts https://labs.sogeti.com Senior Technology Consultant Peter Rombouts Cloud Software Architect  Meer dan 18 jaar ervaring in IT  Gepassioneerd over Software Development, Architectuur en Cloud SogetiLabs Fellow  Azure  Cloud  Cognitive Services  Software Development Multi CloudQSD
  • 3. Security Classification © 2019 Sogeti. All rights reserved. 3Presentation title | Date Systems and software engineering — Systems and software Quality Requirements and Evaluation (SQuaRE) — System and software quality models Ook wel ISO 25010 genoemd Wat is Software Quality?
  • 4. Security Classification © 2019 Sogeti. All rights reserved. 4Presentation title | Date De Internationale Standaard definieert: Quality in Use Model Product Quality Model
  • 5. Security Classification © 2019 Sogeti. All rights reserved. 5Presentation title | Date De Internationale Standaard definieert: Quality in Use Model Product Quality Model
  • 6. Security Classification © 2019 Sogeti. All rights reserved. 6Presentation title | Date De Internationale Standaard definieert: Quality in Use Model Product Quality Model
  • 7. Security Classification © 2019 Sogeti. All rights reserved. 7Presentation title | Date Richtlijnen (SIG) 1. Write Short Units of Code 2. Write Simple Units of Code 3. Write Code Once 4. Keep Unit Interfaces Small 5. Separate Concerns in Modules 6. Couple Architecture Components Loosely 7. Keep Architecture Components Balanced 8. Keep Your Codebase Small 9. Automate Tests 10.Write Clean Code SIG was established in 2000. Its roots can be traced back to the Dutch National Research Institute for Mathematics and Computer Science (Centrum voor Wiskunde en Informatica [CWI]).
  • 8. Security Classification © 2019 Sogeti. All rights reserved. 8Presentation title | Date Richtlijnen (SIG) 1. Write Short Units of Code 2. Write Simple Units of Code 3. Write Code Once 4. Keep Unit Interfaces Small 5. Separate Concerns in Modules 6. Couple Architecture Components Loosely 7. Keep Architecture Components Balanced 8. Keep Your Codebase Small 9. Automate Tests 10.Write Clean Code SIG was established in 2000. Its roots can be traced back to the Dutch National Research Institute for Mathematics and Computer Science (Centrum voor Wiskunde en Informatica [CWI]).
  • 9. Security Classification © 2019 Sogeti. All rights reserved. 9Presentation title | Date Tools Hoe te kiezen: Static Code Analysis? Software Composition Analysis?
  • 10. Security Classification © 2019 Sogeti. All rights reserved. 10Presentation title | Date Welke tooling is beschikbaar? Analyseert de (lines of) code. Normaliter in pipelines en geautomatiseerd. Voorbeelden: • SonarQube • PMD • NDepend • BinSkim Analyseert de dependencies Doorgaans standalone producten met notificaties. Wordt ook vaak ingezet om te controleren of licenties van open-source packages in lijn zijn met policies. Voorbeelden: • WhiteSource • WhiteSource Bolt • Snyk • Fossa • npm-audit • David (Node.JS) Static Code Analysis Software Composition Analysis
  • 11. Security Classification © 2019 Sogeti. All rights reserved. 11Presentation title | Date Welke tooling is beschikbaar? Analyseert de (lines of) code. Normaliter in pipelines en geautomatiseerd. Voorbeelden: • SonarQube • PMD • NDepend • BinSkim Analyseert de dependencies Doorgaans standalone producten met notificaties. Wordt ook vaak ingezet om te controleren of licenties van open-source packages in lijn zijn met policies. Voorbeelden: • WhiteSource • WhiteSource Bolt • Snyk • Fossa • npm-audit • David (Node.JS) Static Code Analysis Software Composition Analysis
  • 12. Security Classification © 2019 Sogeti. All rights reserved. 12Presentation title | Date Static Code Analysis: SonarQube
  • 13. Security Classification © 2019 Sogeti. All rights reserved. 13Presentation title | Date Software Composition Analysis: WhiteSource Bolt
  • 14. Security Classification © 2019 Sogeti. All rights reserved. 14Presentation title | Date Software Composition Analysis: WhiteSource Bolt
  • 15. Security Classification © 2019 Sogeti. All rights reserved. 15Presentation title | Date Software Composition Analysis: WhiteSource Bolt
  • 16. 16Sogeti Global Overview | © 2019 Sogeti. All rights reserved.Sogeti Global Overview | © 2019 Sogeti. All rights reserved. Mind The (Tool) Gap!
  • 17. Security Classification © 2019 Sogeti. All rights reserved. 17Presentation title | Date Hoe nu verder?
  • 18. Security Classification © 2019 Sogeti. All rights reserved. 18Presentation title | Date Hoe nu verder?
  • 19. QXDay2020 Team up for Quality Engineering Vragen? peter.rombouts@sogeti.com https://peterrombouts.nl https://labs.sogeti.com Twitter @prombouts GitHub @prombouts

Notas del editor

  1. Quality in Use -> 5 characteristics related to outcomes of interaction with a system (including users) Product Quality Model -> Focuses on target computer system that includes the target software product.
  2. Quality in Use -> 5 characteristics related to outcomes of interaction with a system (including users) Product Quality Model -> Focuses on target computer system that includes the target software product.
  3. 1. Modularity 2. Reusability 3. Analyzability 4. Modifiability 5. Testability
  4. At the time of writing, in total SIG has analyzed 7.1 billion lines of code, and 72.7 million new lines of code are uploaded to SIG weekly. SIG is the only organization in the world certified by TÜViT for Trusted Product Maintainability. we have selected metrics that: • Are contained in a set as small as possible • Are technology-independent • Are easy to measure • Enable a meaningful comparison of real-world enterprise software systems
  5. At the time of writing, in total SIG has analyzed 7.1 billion lines of code, and 72.7 million new lines of code are uploaded to SIG weekly. SIG is the only organization in the world certified by TÜViT for Trusted Product Maintainability. we have selected metrics that: • Are contained in a set as small as possible • Are technology-independent • Are easy to measure • Enable a meaningful comparison of real-world enterprise software systems
  6. Many tools, what is the ‘golden record’ Another time, another session! C? XML? T-SQL, PL-SQL NIET gratis?
  7. RDP Session
  8. Edge: https://dev.azure.com/sogetiazurefundamentals/sogetiazurefundamentals/_build/results?buildId=258&view=whitesource.ws-bolt.build-tab.wss
  9. Edge: https://dev.azure.com/sogetiazurefundamentals/sogetiazurefundamentals/_build/results?buildId=258&view=whitesource.ws-bolt.build-tab.wss
  10. Edge: https://dev.azure.com/sogetiazurefundamentals/sogetiazurefundamentals/_build/results?buildId=258&view=whitesource.ws-bolt.build-tab.wss
  11. Tool gap! Hard to interpret Will never replace pair programming. Peer review, Expert review.
  12. Turning the Guidelines into Practice Ensuring that your code is easy to maintain depends on two behaviors in your daily routine: discipline and setting priorities. Discipline Lower-Level (Unit) Guidelines Take Precedence Over Higher-Level (Component) Guidelines\ Remember That Every Commit Counts
  13. Turning the Guidelines into Practice Ensuring that your code is easy to maintain depends on two behaviors in your daily routine: discipline and setting priorities. Discipline Lower-Level (Unit) Guidelines Take Precedence Over Higher-Level (Component) Guidelines\ Remember That Every Commit Counts 15 -> SKIP INDIEN NO TIME