The New Risks of Writing Code from Scratch_AI Reading Summary — 包阅AI

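包阅 Reading Guide Summary

1. Keywords: CodeOps, code reuse, risk reduction, software development, organizational innovation

2. Summary: The article points out that organizations do not need to develop digital assets from scratch, because a large amount of usable code already exists. CodeOps promotes systematic code reuse and reduces the many risks of writing code from scratch, including security, governance and compliance, budget, human capital and code quality, saving time and money.

3. Main points:

– Organizations need innovative digital assets, but do not have to develop applications from scratch

– Most of the code a new development project needs already exists

– Prioritizing code reuse, however, faces challenges

– Benefits of CodeOps and code reuse

– Avoids wasted time and reduces risk

– For example, fewer security vulnerabilities, governance and compliance met, budget saved, pressure on staff eased, bad code avoided

– Specific risks and responses

– Security: reuse vetted code to prevent vulnerabilities and protect data

– Governance and compliance: avoid penalties for violations, audit code regularly

– Budget: save the resources spent on testing new code

– Human capital: ease the pressure on developers so they can focus on innovation

– Bad code: causes losses of time and money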

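Article URL: https://thenewstack.io/coding-from-scratch-creates-new-risks/

Source: thenewstack.io

Author: Anand Kulkarni

Published: 2024/6/21 20:03

Language: English

Word count: 890

Estimated reading time: 4 minutes

Score: 84

Tags: Contributed, Software Development, CodeOps, Artificial Intelligence, Security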


The original article follows

Digital assets, including apps and websites, are a must-have for organizations, and those that are innovative, intuitive, and fun to use can go a long way toward building long-lasting customer relationships. Creativity helps businesses stand out in a crowded marketplace, but many need to realize that they don’t need to reinvent the wheel and start the app development process from scratch.

In many new app development projects, a significant portion of the required code has already been written — up to 70% is often readily available. This code may originate from open source projects or have been previously developed by developers within the organization.

Despite the abundance of existing code, efforts to prioritize code reuse have historically faced challenges. Solutions such as low- or no-code platforms often force disruption and demand new, non-transferable skill sets, contributing to resistance and failure. Many of these solutions also need more technical maturity to deliver on their promises.

This is why organizations turn to CodeOps, an AI-driven software development process prioritizing systematic code reuse. This helps teams avoid wasting time reinventing the wheel and, more importantly, significantly reduces the risks associated with writing code from scratch, including:

1. Security. Software security issues are widespread. According to a Gartner survey, over half of organizations report experiencing software-related security issues within the past six months. The sources of those security issues varied — 42% said open source code, 40% said code in purchased tools, and 38% cited legacy code.

The best way to ensure an app does not have code-based security vulnerabilities is to reuse vetted and scanned code. Organizations should implement ongoing security and vulnerability updates on all dependencies using tools such as GitHub’s Dependabot. The idea is to prevent new vulnerabilities from infiltrating an app using regular and automated scans and machine learning for better accuracy.

Data-centric organizations should take additional precautions as appropriate to protect sensitive or confidential data, but leveraging pre-vetted code provides assurances that vulnerabilities will not stem from the code level of an application.

2. Governance and compliance. The rise of data protection regulations such as GDPR in Europe and CCPA in California has created even more risk. While a data security breach could be bad for business for reasons including lost revenue, a damaged reputation, or lower customer satisfaction, organizations are now also subject to legal penalties if they don’t properly protect sensitive data. Properly protecting data is a shared responsibility, but software developers play a significant role.

The penalties can be hefty depending on the size of the breach. In fact, some organizations have paid hundreds of millions of dollars for not properly protecting data. Similarly to security, reusing already compliant code significantly reduces the risk of violating these regulations. That said, as new regulations emerge and existing regulations continue to evolve, it’s important for organizations to regularly audit their code to keep risk at a minimum. Having a centrally managed repository of shared, reusable code modules makes the ongoing code maintenance for regulatory changes far more effective.

3. Budget. Coding from scratch requires talent and resources, but writing code is only the first step — organizations must also test and verify all-new code. Research finds that 38% of businesses spend more than half of their software development lifecycle on testing, indicating that reducing this strain could free team members up to focus on new innovations.

Using already tested and verified code allows teams to expedite (or even eliminate) this step, saving valuable resources and helping organizations get their digital products to market faster.

4. Human capital/capacity. Building on the previous point, beginning a new project from scratch requires hiring or outsourcing teams to actually write the code, but there’s evidence that the developer workforce is becoming increasingly strained. One survey found that roughly 70% of software projects fail to be delivered on time, while more than 80% of software engineers report suffering from burnout.

Further, an IDC forecast says there could be a global shortfall of four million developers by 2025, translating to more than $8 trillion in unrealized revenue by the decade’s end. Implementing a policy of systematic code reuse helps combat these trends by enabling organizations to do more with less.

Furthermore, taking advantage of reusable code to reduce developer toil by handling the commodified elements of an application frees up developers to focus more of their time on the new, differentiated features of an application. This pragmatic approach fosters innovation and helps developers generate new value they otherwise would have never had the bandwidth to deliver.

5. Bad code. Wrong or ineffective code costs organizations both time and money. One study found that accumulating bad code over a five-year span could cost an organization up to $1.5 million, or more than 27,000 developer hours. And that doesn’t consider the potential revenue lost by delaying new features or waning customer satisfaction if bad code creates a poor user experience.

Each of these individual risks has the potential to harm an organization, and combining two or more of them compounds the problem further. The good news for organizations is that CodeOps combines AI and human ingenuity to minimize these risks while saving time and money, a classic case of making dollars and sense.
