Enabling Developer Education & Continuous Improvement with CAST AIP

 “Continuous improvement is the act of continuously doing whatever helps to become better and thus more valuable” – Ben Linders

Continuous Improvement has become an integral part of most Software Engineering teams across the globe. Today, the goal of software engineering is not only to solve a problem, but also to take care of the way the problem is solved. Continuous improvement involves examining processes to proactively determine improvement opportunities. This stands true even when it comes to maintaining the quality of the software.

We at CAST understand the engineering team's need to continuously improve and to educate developers so that they can deliver better-quality, risk-free software. With CAST Dashboard version 1.8, we are pleased to announce the launch of the “Education & Continuous Improvement” feature, where a dev manager can select certain rules for developer education, communicate clearly with the team about the importance of the rules with documentation, and then monitor the rules for continuous improvement. Let’s see how.

CAST_Add Violations

In the Risk investigation, Application investigation, or transaction investigation views, a dev manager can select the “Educate on the related rules” option. It lets her choose whether she wants her team to take action on the violations (solving them) or just wants to educate the team on the rules and then monitor the rules for future improvement. When the “Mark for Action” option is selected, all the newly added violations will move into the Action Plan view in the next snapshot. Otherwise, she can simply choose to educate the developers on the rule and monitor progress on the rules for Continuous Improvement.

CAST_Rule Education

The selected rules will be accessible in the Education Tab with the actions selected by the dev manager. The dev manager can then send an email to the entire team with the related documentation for the rules and notify the team members about the continuous improvement plan. The goal here is to provide relevant documentation on the rules that seem important to the team, and to make sure the team does not create any new violations going forward and removes existing violations wherever possible.

CAST_Rules Triggered

The dev manager and the team can then access the Improvement page, where they can visualize the continuous improvement summary for the rules that have been selected for Continuous Improvement. The screen displays the total, added, and removed violations for the rules selected for CI across all the snapshots, which gives the team a bird's-eye view of how they are improving. The page displays the key performance indicators:

  • Number of violations added/removed in the current snapshot
  • Number of violations added/removed since the initial snapshot
  • How the total number of violations has progressed over multiple snapshots


The team can then drill down to see the details of the violations that have been added and removed in the current snapshot. They can browse through all the added violations, if there are any, and decide to fix them.

CAST_Continuous Improvement

At CAST, we work passionately every day with a single mission: to provide transparency and visibility into Software Engineering processes and help developers build great software that can change the world. The “Education and Continuous Improvement” feature has been tailor-made for new-age Engineering teams, so that they can thrive on learning the best practices in Software Engineering and Continuous Improvement. With this feature, we hope the code ninjas of the world will benefit greatly in their mission of continuous improvement, and that organizations will be able to deliver robust, secure, efficient, maintainable software better and faster, with less time to market.

In case you have feedback on the feature, please click here. We are listening!

Arkapravo Chakraborty Senior Product Manager
A global product manager, strategic marketing leader, and an IIM Calcutta alumnus, Arka leads the product vision, strategy, and development efforts for CAST Dashboards, Report Generator, and Rest API with the mission to enable the benefits of Software Intelligence for entire Software fraternity. Arka is always keen to explore various software development and management challenges and figure out the ways Software Intelligence can make life better for Software Professionals.