Information Technology & Services

Mavens

Protecting sensitive data by enforcing top-class security best practices.
480,000
Lines of code scanned per month
50
Severe bugs and vulnerabilities prevented per month
+38%
Development capacity increase
340 h
Post-release reworks avoided per month

About Mavens

Mavens combines best-in-industry consultants with best-in-cloud software and solutions for biotech, speciality pharma, and rare disease companies. They help life science leaders of all kinds drive better outcomes for their businesses and their products.
Location Chicago, IL, USA
Number of employees 100+
Industry Information Technology and Services
Go live date
November 2018

Background

Mavens has extensive experience in customizing Salesforce to meet the needs of both growing organizations and established enterprises, transforming the way organizations engage with healthcare professionals, patients, and consumers.

Mavens is committed to delivering cloud solutions with unparalleled security and quality standards, making sure that sensitive customer data is always secure.

Problem & Challenges

Healthcare solutions handle highly sensitive data; Mavens wanted a systematic way to enforce security best practices from the very early stages of development.

Mavens’ engineering team had set up homegrown code analysis tooling based on PMD. This solution was ultimately abandoned due to the amount of noise and the false detections continuously reported to developers.

Mavens needed a better, more accurate solution that could help developers identify security threats early and reliably without slowing down their development workflow.

Solution

Mavens' engineering team uses a feature-branch git workflow for all their application development. Every new feature or proposed change results in a pull request on GitHub, which kicks off an automated, real-time scan by Clayton.
"Clayton made our code review process so much faster. It catches best practice issues earlier and automatically, with very high accuracy. Our developers can now fix any problems before peer review, which results in an increased velocity for our team."
Kai Amundsen
Technical Architect
Clayton performs an in-depth analysis of the proposed change to validate whether or not it complies with Mavens' code quality and AppSec standards. Code that isn't compliant is blocked and must be reworked by developers before it can be accepted and merged into the main development branch.

Key Features

GitHub integration
Automated code reviews
Quality gate
Review Criteria alignment
Any problems found in the application code are highlighted with inline comments on the pull request itself, so developers know what needs to be changed and can act quickly, without any need for human intervention. As soon as all issues are resolved, the pull request gets approved by Clayton and developers can move to a peer review with a colleague before the change is accepted and merged.
Any incorrect detections are flagged by developers and managed via an in-app workflow that discards irrelevant findings and keeps a fully auditable track record of which detections have been dismissed, and by whom.

Outcome

"Thanks to Clayton, we can focus on delivering value to the business faster, ensuring the top-class security standards and best practices are always applied to our Salesforce implementation."
Larry Jovanovic
VP of Products

Agility

  • New developers are on-boarded more rapidly, as Clayton helps speed up this process and provides a safety net for mistakes that might be made by less experienced team members.
  • The accumulation of technical debt throughout development is minimized; up to 340 hours/month of future reworks are avoided thanks to early problem resolution.

Efficiency

Human-led code reviews are faster and more meaningful, as every aspect of security and quality compliance is dealt with in advance.

Security

Mavens' engineering team writes more secure and robust code; an average of 50 problems are prevented each month thanks to early detection by Clayton.

Technical best practices

The overall quality of their application has improved, with more than 1,500 issues resolved in the first 12 months of operation.