Jerome Chiampi
Jerome Chiampi - Product Owner
Jerome Chiampi is a Product Owner at CAST and is responsible for helping clients leverage Software Intelligence products to reduce software risk. He has 20 years of experience working in the software industry and is a trained software development engineer with expertise in assessing software and application security.

Measuring application quality to get useful results requires proper analysis of the right source code perimeter in the most relevant way. But it doesn’t stop with just one measurement: you can follow the evolution of indicators over a given period in order to anticipate potential troubles and to be in a position to make good decisions.

To each task its tool

Here we go again. You have probably heard, since it’s been reported everywhere, that American Airlines was grounded Tuesday, leaving passengers stranded for several hours due to a “computer glitch” in the reservation system. Because of the glitch, gate agents were unable to print boarding passes, and some passengers described being stuck for long stretches on planes on the runway unable to take off or, having landed, initially unable to move to a gate.

Keep an eye on legacy apps, COBOL’s not dead!

False positives are unavoidable and appear in every software application measurement system, with varying degrees of importance. There are several causes for this situation.

False positives in SAM -- Achilles’ heel or Samson's hair?

Software quality: Management and development teams put specific processes in place to scan the source code (automatically or not) and control the architecture of the applications they are in charge of. Multiple analyzers are deployed to parse the files that are involved in application implementation and configuration, and they generate results like lists of violations, ranking indexes, quality grades, and health factors.

Use static analysis tools to increase developers’ knowledge

Modern integrated development environments (IDEs) are equipped with more and more tools to help developers code faster and better. Among these are plug-ins that allow developers to scan the source code for error-prone constructs, dangerous or deprecated statements, or practices that should be avoided. IDEs come in a variety of flavors, both free and commercial, but in all cases, developers can install them to improve the quality of the code they produce.

Does an IDE improve software quality?

For enterprise IT applications, it’s all about processing data defined through multiple types and in large volumes of code. The number of lines of code devoted to data handling is therefore high enough to contain a large number of software bugs that are waiting for specific events to damage the IT system and impact the business.

Don't Underestimate the Impact of Data Handling