CodeScan empowers Salesforce developers with code analysis tools. Below is our recent interview with Nitay Gold, COO at CodeScan:
Q: Could you provide our readers with a brief introduction to CodeScan?
A: We enable Salesforce development teams to increase productivity and efficiency over time. We also believe that applying code standards across the organization should be a common practice for developers at all levels. For that reason, we developed a static code analysis tool that seamlessly integrates with the development and deployment processes of Salesforce and scans for code vulnerabilities and quality checks along the process.
We have been here since 2014, HQ in San Diego, with a high performing team that is changing the life of 150 customers and more than 1,000 Developers.
Q: Why would I need a Static Code Analysis Tool and Why CodeScan?
A: This is a great question. We are asked every day. First, you don’t need a static code analysis tool in the same way you don’t need to have an email platform or a CRM account. Developers can still develop on the Salesforce platform without a code analysis tool in the same way everyone can use excel files to track customers or fax to send letters.
The problems are:
1) Cost of Error – Quality releases needed to be delivered on time. Coding and compliance standards need to be met. And mistakes are not an option in today’s world. Static Code Analysis helps the developers to push cleaner codes. That reduces the probability to bring the code back to the developers and reduce the cost to fix the error.
2) Speed – like anything in business, the faster you release software and put it on the shelf, the better it is for the company. The technology is evolving to improve the speed of the developers to push products out the door. Static Code Analysis reduces the overload of the testing phase in the development process and enables the team to move faster.
3) Code Standardization – Standards are one of the main factors to achieve speed and reduce the overload on testing teams. The better the code standard is implemented in the organization, the faster products are being developed. The problem is how to enforce standards. CodeScan allows users to create quality profiles and gates to ensure code is not being pushed before the gates are met. This is up to any org to define.
How do you solve that:
CodeScan developed a static code analysis with a method of debugging by examining source code before a program is run. It’s done by analyzing a set of code against a set (or multiple sets) of coding rules. Besides that and in order to improve and enforce code standardization, CodeScan allows the users to define the quality profiles and the quality gates and by this, it gives them the ability to enforce standards and use the tool to educate developers.
CodeScan offers more than 500 rules for security and quality and we also let the customers define their own rules.
Q: What’s the difference? Everyone can use PMD as a free open source tool.
A: Correct, developers can use a free open source tool in the same way they can develop without any code analysis tool. Our solution fits more to the enterprise model. Basically, organizations that give high value to standards and the importance of proper devops tooling. PMD is checking for APEX only and doesn’t check for Lightning Web Component nor Visual force. Moreover, it has a very limited amount of checks. If I remember correctly, 35 checks compared to 500 codescan offers.
Q: What is the biggest challenge you’ve faced in your business and how did you overcome it?
A: Our challenge as we describe above is speed. How fast we can get into our customers and offer our tool. The market is huge, but how fast we can penetrate that is the key. For that we developed a partnership model. Where we have been building a channel of resellers that work with us to open new doors for new customers. They also manage to add a complimentary product into their portfolio to attract more customers of their own.
Q: Can you give us any hints as to what else we might expect to see from CodeScan this year?
A: We are here for Salesforce. The Salesforce ecosystem is a huge market. There are 150,000 customers of salesforce out there. At least a third of them are actively developing on the salesforce platform. Therefore, we are here for the Salesforce Developers. You will not see us going into other platforms just yet. Due to that reason, we are investing a lot in improving our product and integrating it with the leading deployment tools of Salesforce to provide a better customer experience for our users.