Let’s just say that our sweet spot is leveraging the analysis of source code for any given system to create insights not only for the software engineers behind it but also for the higher and C-level management of an organization.
The proprietary and accredited (according to the ISO 17025 standard) SIGRID platform of our partner SIG enables the analysis of the source code and the architecture of any given software system based on the ISO 25010 international standard for software product quality.
At Code4Thought we notice that organizations and governments invest a remarkably high amount of money in cyber security in order to protect their sensitive information and systems from unauthorized activities but not always with the expected success.
What we also experience is that even though the software development process has moved towards an “Agile”, faster-feedback way of working, security most of the time still follows the traditional “Waterfall” step-after-step style. Massive effort and budget are spent to ensure software security in the last steps of the SDLC (Software Development Life Cycle) process, mainly via penetration tests. However, we strongly believe that by integrating security into the earlier steps, including design and development, effort and budget will be reduced by at least 50% and vulnerabilities will be significantly decreased.
During an IT Due Diligence, we do what we know best, that is to dive deep into the source code underlying digital assets to identify and quantify hidden investment risks and opportunities.
A typical IT due diligence barely scratches the surface, including little more than interviews with the target company’s IT leaders, review of documentation, and a demo of the software. The result? Investors buy a “black box” of software, and only later find out that it can’t support their strategic goals.
Most industries are being disrupted by new digital companies (i.e. startups or challengers). Those digital companies utilize modern technologies and best practices such as DevOps, are more flexible and able to invest more in innovation. As a result they can deliver faster services and be more customer centric by receiving faster feedback and having better data analytics.
Large traditional organizations in those industries (i.e. corporations, incumbents) strive to prepare for the digital world in order to keep their businesses relevant to the market needs (IT transformation process). Corporate and IT leadership in those organizations are in the process of defining a concrete strategy plan that will make this transformation feasible.
One of the problems they face is that they do not even know the current state of their IT landscape and the role of their systems inside the business functions, the latter also known as “Enterprise Architecture”. Our Enterprise Architecture Mapping solution is here to help.
Cloud Migration: Get on the trend with pragmatism and transparency
The term “Cloud Migration” is becoming as popular and topical as “Digital Transformation”.
Stop doing security the ‘right’ way
Deep dive into the Dos and Don’ts of this approach based on the experiences we’ve accumulated by looking into tens of systems and development teams of large organisations.
Why is investing in software product and system quality necessary?
Companies, organisations and institutions are required to systematically check the quality of the software they produce.