Soirée du Test Logiciel - Kiuwan Presentation (Jack ABDO)

Software quality measurement, software security and IT governance
05/10/17 - Sophia Antipolis

Published in: Software

  2. PRODUCT & COMPANY OVERVIEW
  3. Enterprise Software Analytics Solutions. Enterprise Software Analytics Cloud Platform. Born in 2008. US Headquarters: Orlando, Florida. EU Headquarters: Madrid, Spain.
  4. Headquarters and offices: Madrid, Florida, Santiago de Chile, Paris, Milan
  6. … and many more
  7. Customers in 25 countries. 4000+ users.
  10. • Time to Market
      • Cost of new functionalities
      • Do more with less
      • Decision times
      • Maintenance costs
      • Technical debt
      • Software defects
      • End customer experience
      • Added value from apps
      • Effectiveness in business and apps
      • Agility in bringing new products
      • Apps’ efficiency
      • Productivity developments
      • Software quality
      • Application performance
      • Security applications
      • Software architecture portfolio
      • Service loss risks
      • Security problems
      • SLA launch delivery breaches
      • Normative breaches
      • Defective deliverables
      • Development risk
      • Development extra efforts
  11. • How can I improve existing applications with less effort?
      • Which providers / teams perform best?
      • What is the most suitable supplier for a technology or business area?
      • Which apps can go on to the testing phase?
      • Is there a supplier risk?
      • In which business area should I invest more?
      • Which business areas and apps are more prone to security vulnerabilities?
      • What would be the required effort if we want to get the most benefit when fixing defects and vulnerabilities?
      • How does the behavior of a provider affect my Time To Market?
      • How do I establish a technical SLA with a development provider?
  12. With an increasing dependence on complex applications and infrastructures, you need the overall picture. To make informed decisions, Kiuwan offers a suite of products to solve your Security, Code Analysis, Application Architecture, Life Cycle and Governance needs, offering an Enterprise ready end-to-end platform.
  13. The Kiuwan product platform: Code Analysis, Code Security, Architecture, Life Cycle, Governance. (*) July 2017
  14. CODE ANALYSIS: Gain unparalleled scope with extraordinary ease. Kiuwan Code Analysis offers developers unparalleled scope in the detection of errors and reduction of incidents during production, smoothly integrating within continuous development processes. Identify code defects in a collaborative, unlocalized manner and manage your remediation efforts. Includes a visual model configurator and tailored reports. Analyze more than 30 languages, such as…
  15. CODE ANALYSIS Highlights
      • No installation.
      • No configuration.
      • Collaborative platform between development teams and software vendors. Create all the users you need.
      • Reduces production incidents and errors detected in early tests by performing validations of source code.
      • Reduces development time by making your development teams and suppliers comply with market standards.
      • The code never leaves your infrastructure (behind the firewall) when using the local analyzer.
      • Visual configurator to create models that select the rules and properties of the analyzer.
      • Generation of indicators to make comparisons and measure developments and trends.
      • Technical debt reduction. Manage the effort needed to correct the major flaws found.
      • Make automatic or manual action plans and automatically monitor their implementation.
      • Analyze continuously with Jenkins every time you build your application.
      • Complete history of your analyses.
      • Differential reports to find out what defects have been introduced or removed in each version.
      • Suppression editor (mute defects) that recalculates metrics and indicators without having to re-analyze.
      • Grouping or filtering of application portfolios to facilitate data analysis.
      • The Code Analysis engine can also run PMD, Checkstyle and Findbugs rules.
      • Develop your own coding rules using the Code Analysis rule development SDK for Eclipse.
      • Import defect metrics from external analyzers and use the capabilities Code Analysis offers with that data: mute defects, action plans, setting rules, etc.
      • PDF report generation at executive level.
      • CSV generation with defects and metrics.
      • Export an action plan to Jira, PDF or CSV.
  16. CODE SECURITY: Focusing on security. Code Analysis enforces a rigorous approach in the detection of security vulnerabilities. Integrated in the development process, Kiuwan’s Code Analysis provides risk and cost reduction thanks to the detection and correction of newly introduced vulnerabilities, as well as increasing the overall security of your applications. We strive to meet the most stringent requirements and our compliance reports meet the most stringent market standards:
  17. CODE SECURITY
      Security highlights
      • Polyglot: Up to 30 programming languages
      • Version comparison of vulnerabilities introduced or corrected during maintenance projects.
      • Generate custom action plans and automatically evaluate their enforcement.
      • Perform audits to meet code standards and regulatory requirements.
      • Security risk rating at application level.
      • Improve team scalability.
      • Custom rule creation
      • Incremental scan
      • Seamless IDE & SDLC integration
      Vulnerabilities
      • Uninitialized Variables
      • Application Misconfiguration
      • Credential/Session Prediction
      • Directory Indexing
      • Insufficient Authorization/Authentication
      • Automatic Reference Counting
      • Cross Site Request Forgery
      • Information Leakage
      • Insufficient Transport Layer Protection
      • Insufficient Binary Protection
      • Cross Site Scripting
      • Injection Attacks
      Reliability issues
      • Data Race
      • Deadlock
      • Null-Pointer dereference
      • Division by zero
      • Interprocess Communication
      • OS Commanding
      • Insecure Cryptography
      • SQL injection
      • Cryptographic Related Attacks
      • Buffer Overrun
      • Free Non-Heap Variable
      • Use After-Free
      • Double Free/Close
      • Format String Vulnerability
      • Return Pointer To Local
      • Double close
      • Dangerous Function Cast
      • Resource Leak
  18. ARCHITECTURE: Full visibility into applications’ architecture. Kiuwan Architecture automatically creates visual application maps based on the dependencies and relationships of all their components. It works seamlessly with Kiuwan Code Analysis and Code Security to put all the security and quality information of individual components right on the map. Be in full control of your applications’ structure and run comprehensive impact analysis to find the components affected by any future change.
  19. LIFE CYCLE: Full end-to-end control. Kiuwan Life Cycle noticeably reduces development, testing and integration time by auditing, monitoring and automatically analyzing change requests early within their respective environments. Be in full control of your applications’ deliveries from the start, with the ability to compare baseline modifications in order to detect new defects during the development process.
  20. LIFE CYCLE Highlights
      • Monitor the base of your application online.
      • Define checkpoints and audits tailored to each type of project or change request.
      • Change request promotion to baseline after acceptance of deliverable without rescanning.
      • Views to compare different versions of applications in independent environments (Dev, test, production, etc.)
      • State management for change requests or development projects (in progress, resolved, etc).
      • Use objective information to decide whether the status of new application versions is right for promotion.
      • Automatically check control points continuously during the construction or maintenance phases to ensure that applications do not degrade over time after modifications.
      • Automate the entire process by connecting Life Cycle with your continuous integration system (e.g. Jenkins).
      • Define permissions and roles for your users. Control what information every member of the team can see and what actions they can perform.
      • Reporting of defects and the effort required to repair deliveries.
      • Control the work being done by each development team or each software vendor.
      • Generate reports in PDF with detailed info on non-conformant deliveries (delivery breaches).
  21. GOVERNANCE: Executive overview all the way to the deepest insights. The most complete tool in the market to manage your application portfolio. Make fast and reliable decisions that will help the entire team. Learn your risks and anticipate them with the ability to measure the productivity and activity of your team or external providers to negotiate your SLAs, understanding their path and enjoying a unique vantage point.
  22. GOVERNANCE Highlights
      • Filter and group information by application portfolios at any time.
      • Analyze the most important business risks.
      • Compare different portfolios of applications for important information about suppliers, business areas, equipment or technology development.
      • Detect risky applications using different decision quadrants:
        • Detect business risks.
        • Detect production risks.
        • Detect applications and portfolios with low maintainability index.
        • Detect applications and portfolios with potential security vulnerabilities.
      • Analyze the evolution of your portfolio of applications to predict early where problems will arise.
      • Record the activity of your development teams and software vendors, both in application and maintenance projects or change requests.
      • Compare number of rejected deliveries from suppliers.
      • Detect deviations from suppliers in compliance with industry standards.
      • Full historical information to know what the exact situation was at any given point in time.
      • Cross-reference data from different application portfolios.
      • Define permissions and roles for your users. Control what information every member of the team can see and what actions they can perform.
      • Reporting of governance meetings in PDF.
      • Define service-level agreements (SLA) to be met by each provider and verify compliance.
      • Measure and compare the level of productivity of each team member in a given time interval.
  23. Headquarters: 2600 Lake Lucien Drive, Suite 115, Maitland, FL 32751, USA
      +1 9045 123 050 (USA)
      contact@kiuwan.com
      partners@kiuwan.com
      Try Kiuwan Software Analytics for free at kiuwan.com