从头开始编写代码带来的新风险_AI阅读总结 — 包阅AI

Digital assets, including apps and websites, are a must-have for organizations, and those that are innovative, intuitive, and fun to use can go a long way toward building long-lasting customer relationships. Creativity helps businesses stand out in a crowded marketplace, but many need to realize that they don’t need to reinvent the wheel and start the app development process from scratch.

In many new app development projects, a significant portion of the required code has already been written — up to 70% is often readily available. This code may originate from open source projects or have been previously developed by developers within the organization.

Despite the abundance of existing code, efforts to prioritize code reuse have historically faced challenges. Solutions such as low- or no-code platforms often force disruption and demand new, non-transferable skill sets, contributing to resistance and failure. Many of these solutions also need more technical maturity to deliver on their promises.

This is why organizations turn to CodeOps, an AI-driven software development process prioritizing systematic code reuse. This helps teams avoid wasting time reinventing the wheel and, more importantly, significantly reduces the risks associated with writing code from scratch, including:

1. Security. Software security issues are widespread. According to a Gartner survey, over half of organizations report experiencing software-related security issues within the past six months. The sources of those security issues varied — 42% said open source code, 40% said code in purchased tools, and 38% cited legacy code.

The best way to ensure an app does not have code-based security vulnerabilities is to reuse vetted and scanned code. Organizations should implement ongoing security and vulnerability updates on all dependencies using tools such as GitHub’s Dependabot. The idea is to prevent new vulnerabilities from infiltrating an app using regular and automated scans and machine learning for better accuracy.

Data-centric organizations should take additional precautions as appropriate to protect sensitive or confidential data, but leveraging pre-vetted code provides assurances that vulnerabilities will not stem from the code level of an application.

2. Governance and compliance. The rise of data protection regulations such as GDPR in Europe and CCPA in California has created even more risk. While a data security breach could be bad for business for reasons including lost revenue, a damaged reputation, or lower customer satisfaction, organizations are now also subject to legal penalties if they don’t properly protect sensitive data. Properly protecting data is a shared responsibility, but software developers play a significant role.

The penalties can be hefty depending on the size of the breach. In fact, some organizations have paid hundreds of millions of dollars for not properly protecting data. Similarly to security, reusing already compliant code significantly reduces the risk of violating these regulations. That said, as new regulations emerge and existing regulations continue to evolve, it’s important for organizations to regularly audit their code to keep risk at a minimum. Having a centrally managed repository of shared, reusable code modules makes the ongoing code maintenance for regulatory changes far more effective.

3. Budget. Coding from scratch requires talent and resources, but writing code is only the first step — organizations must also test and verify all-new code. Research finds that 38% of businesses spend more than half of their software development lifecycle on testing, indicating that reducing this strain could free team members up to focus on new innovations.

Using already tested and verified code allows teams to expedite (or even eliminate) this step, saving valuable resources and helping organizations get their digital products to market faster.

4. Human capital/capacity. Building on the previous point, beginning a new project from scratch requires hiring or outsourcing teams to actually write the code, but there’s evidence that the developer workforce is becoming increasingly strained. One survey found that roughly 70% of software projects fail to be delivered on time, while more than 80% of software engineers report suffering from burnout.

Further, an IDC forecast says there could be a global shortfall of four million developers by 2025, translating to more than $8 trillion in unrealized revenue by the decade’s end. Implementing a policy of systematic code reuse helps combat these trends by enabling organizations to do more with less.

Furthermore, taking advantage of reusable code to reduce developer toil by handling the commodified elements of an application frees up developers to focus more of their time on the new, differentiated features of an application. This pragmatic approach fosters innovation and helps developers generate new value they otherwise would have never had the bandwidth to deliver.

5. Bad code. Wrong or ineffective code costs organizations both time and money. One study found that accumulating bad code over a five-year span could cost an organization up to $1.5 million, or more than 27,000 developer hours. And that doesn’t consider the potential revenue lost by delaying new features or waning customer satisfaction if bad code creates a poor user experience.

Each of these individual risks has the potential to harm an organization, and combining two or more of them compounds the problem further. The good news for organizations is that CodeOps combines AI and human ingenuity to minimize these risks while saving time and money, a classic case of making dollars and sense.