Mavens combines best-in-industry consultants with best-in-cloud software and solutions for biotech, speciality pharma, and rare disease companies. They help life science leaders of all kinds drive better outcomes for their businesses and their products.
Information Technology & Services
Mavens
Protecting sensitive data by enforcing top-class security best practices.
480,000
Lines of code scanned per month
50
Severe bugs and vulnerabilities prevented per month
+38%
Development capacity increase
340 h
Post-release reworks avoided per month
Background
Mavens have extensive experience in customizing Salesforce to meet the needs of both growing organizations and established enterprises, transforming the way organizations engage with healthcare professionals, patients, and consumers.
Mavens is committed to delivering cloud solutions with unparalleled security and quality standards, making sure that sensitive customer data is always secure.
Problem & Challenges
Healthcare solutions handle highly sensitive data; Mavens wanted a systematic way to enforce security best practices from the very early stages of development.
Mavens’ engineering team had set up homegrown code analysis tooling based on PMD. This solution was ultimately abandoned due to the amount of noise and false detections continuously reported to developers.
Mavens needed a better, more accurate solution that could help developers identify security threats early and reliably without slowing down their development workflow.
Solution
Mavens' engineering team use a feature-branch git workflow for all their application development. Every new feature or proposed change results in a pull request on GitHub, which kicks off an automated, real-time scan by Clayton.
Clayton made our code review process so much faster. It catches best practice issues earlier and automatically, with very high accuracy. Our developers can now fix any problems before peer review, which results in an increased velocity for our team.
Kai Amundsen
Technical Architect
Clayton performs an in-depth analysis of the proposed change to validate whether or not it complies with Mavens' code quality and AppSec standards. Code that isn't compliant is blocked and must be reworked by developers before it can be accepted and merged into the main development branch.
Key Features
GitHub integration
Automated code reviews
Quality gate
Review Criteria alignment
Any problems found in the application code are highlighted with inline comments on the pull request itself, so developers know what needs to be changed and can act quickly, without any need for human intervention. As soon as all issues are resolved, the pull request gets approved by Clayton and developers can move to a peer review with a colleague before the change is accepted and merged.
Any incorrect detections are flagged by developers and managed via an in-app workflow that discards irrelevant findings and keeps a fully auditable track record of which detections have been dismissed, and by whom.
Outcome
Thanks to Clayton, we can focus on delivering value to the business faster, ensuring the top-class security standards and best practices are always applied to our Salesforce implementation.
Larry Jovanovic
VP of Products
Agility
- New developers are on-boarded more rapidly, as Clayton helps speed up this process and provides a safety net for mistakes that might be made by less experienced team members.
- The accumulation of technical debt throughout development is minimized; up to 340 hours/month of future reworks are avoided thanks to early problem resolutions.
Efficiency
Human-led code reviews are faster and more meaningful, as every aspect of security and quality compliance is dealt with in advance.
Security
Mavens' engineering team write more secure and robust code; an average of 50 problems are prevented each month thanks to early detections by Clayton.
Technical best practices
The overall quality of their application has improved, with more than 1,500 issues resolved in the first 12 months of operation.