Once you have obtained security and quality metrics and defects of your application, the most probable questions you will have will be some of the following:
- Where should I start to improve?
- How much time does it take me to repair each one of them?
- Which are the optimal path and action plan to reach my quality goals?
- I only have 20 hours to fix errors before the next delivery. What should I fix to aim the best possible quality?
Kiuwan provides a module to create Action Plans, i.e. a concrete and defined set of goals and actions to be performed on your application. Once defined, you will be able to share it (by exporting to PDF or as Jira issues) and track progress based on analysis results.
In order to create an Action Plan, you can follow two different approaches.
Based on current analysis defects, you might build your action plan based completely on your more important criteria (high-security vulnerabilities, available man-power, etc.).
A different approach might be asking Kiuwan to build an optimized action plan. For that, Kiuwan provides a complete module (“What-If”) where Kiuwan will provide to you with concrete actions depending on the strategy your prefer: either setting specific goals for metrics (e.g. what are the actions and effort to reach a target of 90 in Security?) or specifying the effort you may invest in remediation tasks (e.g. with 40 h, how can I obtain the best gain?).
Whatever be the approach, once you decide the right simulation scenario, Kiuwan generates an Action Plan for you to implement the simulation. After the generation of that action plan, you will be able to track the Remediation Progress (i.e. the consecution of that action plan).
Please visit Kiuwan Code Analysis and Action Plans for further info.