Skip to end of banner Go to start of banner

Tech Debt - Sonar Security

Skip to end of metadata

Created by Pranav Barar (Unlicensed) , last modified on Mar 11, 2024

Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Overview
Definition (Hover Text)	Measures the evolution of effort required to fix all Vulnerabilities detected with Sonar in the code.
Source Tools	SonarQube, Sonar Cloud
Graph type	Line
Filters	Sonar Projects
Hover Format on KPI	Date Range:<<Weeks>>
Fields on Overlay	Project Job Name Code Quality Month
Business Logic
Calculation Formula	For each KPI a ratio is calculated which considers Numerator - KPI Variable (like security_remediation_effort) Denominator - effort invested in writing number of LOC (assumed 30 min for each LOC) Then for each time duration - Effort change is calculated based on the Ratio at the End of the interval and at the Beginning of the interval RATIO - RemediationEffortChange = Sec%\|TimeIntervalEnd/ Sec%\|TimeIntervalStart
Trend	Trend is downwards with increase in percentage
Maturity Levels	M1: > 120% M2: 100-120% M3: 50-100% M4: 0-50% M5: Zero
Instance level thresholds	50%
Configurations
Processor Fields
KPI Specific fields	Time (min) required to write 1 Line of code (LOC)
How to Validate KPI
Suggested ways of working
Sample JQLs
Benefits of KPI
How does the KPI help

C

No labels

© 2022 Publicis Sapient. All rights reserved.