Crowdsourced cloud development company CloudSpokes has announced its Thurgood tool for analyzing the build, quality, and security of code. The company asserts that more organizations today are turning to crowdsourced and outsourced developer talent, so this tool gives programming team leaders insight to determine the stability of submitted code and identify any risks.
- Building and Managing an IT Security Operations Program
- Global Threat Report: Year of the Next-Gen Cyberattack
- The State of Cyber Security Incident Response
- Online Malware & Threats: A Profile of Today's Security Posture
Thurgood works with all coding languages and offers what its makers would like to position as a "new standard" of authenticating and validating code, while enabling developers to immediately spot opportunities to improve their work.
"Crowdsourced development can seem like a Catch-22: Developers can claim to develop specific software, but how do businesses ensure quality throughout the entire process?" said Mike Morris, general manager, CloudSpokes. "Thurgood eliminates this uncertainty and allows developers to submit code early and often to both the developer and business to easily determine the caliber of the code and make the necessary tweaks. As more businesses crowdsource software development, Thurgood ensures submitted code is consistent, complete and ready for business."
NOTE: Thurgood was developed by CloudSpokes and incorporates Cloudbees Jenkins Enterprise and Checkmarx security and vulnerability scans. The software automatically configures code analysis tools depending on environment like code coverage, code formatting, unit test execution, bug detection, and security analysis.
Once a developer submits code to Thurgood, the code is downloaded, then the software generates the necessary build files before it is committed to a Git repository. The committed code is then scanned by Cloudbees and Checkmarx with the final results returned to the developer. Developers are able to see the entire submission and detailed partner feedback, eliminating the time previously needed to test code and creating code best practices. The Thurgood tool also provides the CloudSpokes team visibility into what community members are working on and their respective progress on challenges.
"Precautionary measures of secure coding are rapidly becoming a recognized necessity in the code development lifecycle," said David Hyman, vice president, SaaS operations, Checkmarx. "CloudSpoke's adoption of secure coding practice shows commitment to its customers and makes a clear statement that the community takes security seriously."