Prism Technology

What it is

Reflective’s Prism technology is designed to automatically assess source code for quality and security issues without reliance on developers or changing the customer’s existing software development processes. The objective of Prism’s technology is to automatically detect issues that could have a direct impact on the quality or safety of the application with minimal human involvement.

What it does

The core of Prism’s technology enables customers to automatically scan the entire application portfolio for potential quality and security issues, measure changes in the software down to the line-of-code level, and then track and report on those issues and changes. Prism reports enable the Development Manager to assess the overall status of every application in the pipeline and assign appropriate resources; the QA Engineer to identify quality issues for resolution by development; and the Security Analyst to locate potential exploitation opportunities in the code.

 

The Prism platform uses multiple analyzers, an issues classification knowledgebase, and a rules and instance database that together provide the foundation for greater software transparency. Different software testing modules reside on top of the Prism analysis engine. The customer initiates the testing modules they’d like to run on their code (quality, security, change management, etc.) and Prism delivers results reports associated with each of those tests.


 

Figure 1 - Prism Testing Process

Why it matters

With Prism, the organization can set its own standards for software quality and security and monitor the entire code base for deviations from those standards regardless of who developed the code. Prism’s ability to measure changes in software at the line-of-code level, as well as changes in the software architecture itself, means the development manager has an objective picture of the rate of change in every application under development as well as the readiness of the software for the next stage in the lifecycle. The issues Prism identifies and the metrics Prism generates mean the QA manager can set and monitor software quality compliance standards for every application. The vulnerability detection capability of Prism’s security analyzer module means that the security analyst can check more code more often for the issues the analyst cares most about. Prism enables the Project leader to assess code for quality SLA compliance prior to acceptance from an outsourced or third-party developer.

Achieving Better Application Quality - Everyone agrees that better software quality is a good thing. However, how an enterprise begins improving its software quality can differ as much as companies themselves do. Every development environment is unique. A key component of software quality is the ability of each group in the development organization to make a series of good decisions throughout the lifecycle of the application. With Prism, development management, QA and security can work together to make better decisions as to what, how and when to improve the quality of their code.

Having the enterprise properly set its own software quality standards and then holding everyone accountable for meeting those standards is an essential step for consistent, high-quality application development.