March 29, 2021
Share on facebook
Share on twitter
Share on linkedin

file under

blog

Code audit: A home inspection for your code

You wouldn’t buy a house without a professional inspection. Houses can look perfect on the surface and still have hidden issues with the infrastructure that need to be addressed. The same thing is true with your code. It can look beautiful on the surface but have significant performance issues under the hood.

That’s why we start technical projects with a code audit. As your business grows, your original code base gets updated and changed along the way. Over time, it can become messy and complicated.

But simplifying code to make it work better for you is one of Ntara’s superpowers. No matter how many people may have contributed to writing your code, a professional audit can identify any critical errors, landmines, security risks, or performance issues. Knowing what is wrong is half the battle; the other half is cleaning it up to make your site, platform, or integration run better.

What exactly is a code audit?

The word “audit” may indicate a painful experience that lasts for weeks on end. But code audits are surprisingly straightforward and can quickly identify opportunities for improvement.

 

Illustration of a website code audit.

 

During a typical audit, we look for red flags, such as performance issues, security risks, errors, missing data, or manual processes. We assess the current risks and the maintainability of the current system. Does it do what it’s supposed to do? Does documentation exist? If so, is it accurate and easy to follow?

We don’t need to understand every single thing about your existing code base. All we need are your source files. One check we do is to see if we can click “build” and it works. This is to make sure that there are no mistakes or missing files with how the code was stored in source control. Then we can check for the other kinds of red flags to see if—at a high level—any of those potentially exist.

In one particularly surprising client example, we found that credit card information was being stored as plain text within their code—not at all encrypted and very easy to identify. As you can imagine, our client was stunned when, during the audit review, we were able to recite their credit card information. This is a great example of a critical security risk that can be identified through this process.

Luckily, most audits don’t return such troubling results.

When to conduct a code audit

While anytime is a good time check your code performance, code audits are always recommended when transitioning your digital assets from one agency partner to another. You want to make sure that the maintainability and deployment of code remains seamless. For that to happen, the new agency partner needs to make sure they can build and deploy the source code to the target location without a bunch of manual steps. Performing a code audit will illuminate any such issues and a plan can be put in place to resolve those. This is a critical part of any agency transition, while there is still time for the new agency partner to talk with the previous partner.

Why conduct a code audit?

Businesses need confidence in the integrity of their code to ensure they have clear paths forward for future platform upgrades. Programmers, both internally and externally, must be able to read and understand your code base. Ultimately, it’s about long-term maintainability and scalability of your code, security, efficiency, and performance. Code audits uncover issues with your code and supporting processes that must be addressed for your business to scale in the future.

Ensuring maintainability

This is all about reducing and simplifying areas of code. In development, when blitzing through code to solve a problem, programmers sometimes use a technique known as “brute force.” This involves copying and pasting parts of code over and over, creating hundreds or thousands more lines than needed. Later, when updates are required, the code needs to be changed in all those places instead of just a few. This creates opportunity for error. By making the code modular we can eliminate repeating lines and consolidate them.

Automation opportunities

Manual processes have a greater opportunity for error, which will likely cause bad outcomes over time. How does your code get from source control to the web server, so the world can see your website? How does your code get from source control to another platform to enable all the great features you’re paying for? If these processes are manual, the opportunity for error is extremely high.

We help our clients automate processes wherever possible. Automation not only saves you time, but also reduces headaches from manual deployments and compilations. It also reduces the dependency on your staff to remember and execute these processes, therefore reducing the opportunity for human error.

Looking for performance issues

The only true way to know if something is a performance issue is to use tools to analyze the running of the code and see what is causing the slowness. That said, after having worked on a lot of code over the years, there are some things you can look for that are sure to be issues.

One such example would be a for-loop, or even worse a nested for-loop, with API calls in them. A for-loop executes blocks of code repeatedly. Nested for-loops (something we see a lot) can waste time because they can exponentially increase the number of iterations. If there is an expensive call inside, it will significantly impact performance. However, we can leverage a variety of strategies, such as making bulk calls or aggregating calls ahead of time, to reduce the impact to performance. Additionally, we can store these calls in memory and access them there ahead of time moving forward.

In one case, an API call to the product information management system (PIM) was taking 20 minutes to respond. Within an hour, we identified this error and made some adjustments. Ultimately, we eliminated the over calling of the API, reducing response time to under one minute. That’s a significant time savings.

Getting started

Typically, code audits are needed to determine whether it makes more sense to clean up the current code base or to start over with new code. It’s a process of assessing current risks and maintainability of the current system.

Sometimes, simple fixes can make a world of difference. But if your code has critical errors, it’s best to know that up front. In many cases, it’s possible to generate a net new code base than to fix an existing mess.

If you would like to learn more about how a code audit could improve your business, get in touch.

Want to stay in the loop on future Ntara content? Subscribe to our blog.

Next up in

Subscribe to our blog

Get our latest insights, ideas, and inspiration in your inbox.

Your privacy is important. Review our privacy policy to learn more.

Subscribe to our blog

Get our latest insights, ideas, and inspiration in your inbox.

Your privacy is important. Review our privacy policy to learn more.
White Hunter fan logo
We helped Hunter Fan break into the industrial fan space for the first time with this brochure-site-turned-lead-generation engine.
0 %
increase in website leads
0
pageviews
0
unique sessions
White Bosma Enterprises logo
We created an online quiz about Indianapolis that educated audiences about Bosma’s services for the blind and visually impaired. This project created huge response for an important social issue—on a shoestring budget.
0
Average minutes on quiz
$ 0
Cost per impression
0 %
Quiz completion rate
White Vidant Health Logo
Vidant Health went through a system-wide redesign. As part of that transformation, we built them a website that served up geo-targeted content around events, programs, and messaging that was specific to each user’s location.
0 %
decrease in bounce rate
0 %
increase in overall sessions
0 %
increase in mobile traffic
White Hunter logo
We took Hunter Fan direct-to-consumer for the first time. We implemented PIM for their 100,000+ SKUs and built a beautiful, functional website to help customers navigate their extensive product offering.
0 X
Increased revenue year-over-year by
0 %
Improved average site load time by
0 %
Decreased bounce rate by
Crossville Studios Logo

Crossville Studios offers different products in different regions throughout the United States. This PIM solution enables custom user experiences on the site, so users see different products based on their zip code or IP address.

0
hour efficiency gain per year
0
systems consolidated
0 X
ROI projected in 1st year
White Vidant Health Logo
We combined Vidant Health’s disparate recruiting sites into one, cohesive experience and the site integrated with HR systems to simplify the application process. And we achieved double the application submissions—while maintaining quality and using less than half their previous annual budget.
0 %
increase in application submissions
0
increase in sessions
0 %
decrease in average page load time
Casablanca Fan white logo
We built an ecommerce website to handle the wide range of products that performs beautifully on desktop, tablet, smartphone, and touch-interface kiosks located in-store.
0 %
Session time increase
0
Engagement average minutes
0 +
retail point-of-sale deployments
White Envision Us logo
We created a streamlined UX while integrating three disparate back-end systems to enhance the online experience for the second largest employer of blind and visually impaired persons in the country.
0 %
increase in organic search traffic
0 %
decrease in bounce rate
0 %
improvement in site navigation
We designed a simpler homepage with benefits-focused content and built multiple microsites to launch their new look and feel.
$ 0 M
in additional sales
0 %
return on investment within 12 months
0 %
Online sales growth
White Mast General Store logo
After fully immersing into their brand culture, we bridged the “click and mortar” gap by creating an online experience that paid significant homage to their rich, in-store experience.
0 %
increase in online sales
0 %
increase in total time onsite (TTo)
0 %
growth in national reach
White teradata logo
We quickly designed, built, and launched a new website with thought leadership around a complex topic: big data. This solution generated the top-performing MQL generating asset in the company’s history.
1 x
organic traffic increase
0 +
keywords on the first page of Google
0
content downloads in the first month
White Royal Brass and Hose Logo
This PIM solution for Royal Brass and Hose enabled users to browse products, create shopping lists, and save bulk orders. It also gave the client visibility into customer behavior, with custom logic for increasing fulfillment efficiency.
0
items on the site
0
products and counting
$ 0 M
in revenue in the first QTR after launch
White The OuterBanks Hospital logo
We quickly designed, built, and launched a new website with thought leadership around a complex topic: big data. This solution generated the top-performing MQL generating asset in the company’s history.
0 %
increase in mobile traffic YOY
0 %
increase in organic traffic YOY
0 %
ROI for Urgent Care ad campaign
White Value Place logo
We helped ValuePlace establish their brand, segment and better understand their target audiences, build a website that anticipated customer needs, and execute persona-specific campaigns to drive conversion.
0 %
increase in online revenue
0 %
increase in organic search traffic
0 %
increase in email-generated revenue
White Vidant Health Logo
We developed web-based cancer screening assessments that provided at-risk patients access to care and improved overall population health. This solution helped users identify their risk and contact a professional for follow-up when needed.
0
new risk assessments in the first year
0 %
increase in traffic
0
new personal stories to influence behavior
White Vidant Health Logo
We used this website redesign to illustrate how donations change lives—giving the rural healthcare foundation recognition as a major contributor to the surrounding, close-knit communities.
0 %
increase in YoY sessions
0 %
increase in YoY donations
0 %
increase in YoY donation dollars
We created an automated, customizable, digital experience that empowered this salesforce to improve engagement with their prospects.
$ 0 M
in new opportunities identified in one quarter
0 %
acceleration of b2b sales cycle
0 %
decrease in time to contract signing
White Federal Mogul logo
With this PIM project, we passed more data through inriver than it had ever seen before, and we created ACES and PIES pre-processors to aid in data onboarding.
0 B
points of data aggregated
0 +
Automotive brands data integrated
0 +
concurrent users
We configured a complex PIM solution per ACES standards for this manufacturer of ATV parts and accessories, setting them up to standardize product data across Walmart, Ebay, Amazon, and more.
0
SKUs
0
system users
0
user roles
White PetSafe logo
This PIM solution for PetSafe streamlined their complex, international product data to save their internal team significant time and simplify the experience for end users.
0
users in the workflow
0
user roles in 14 different areas
0
languages and growing
White Hunter logo

We created a custom, centralized PIM and PLM system for Hunter Fan to handle the consistent and accurate output of product data across multiple outbound channels and hundreds of downstream data partner websites and apps.

0 +
years of part information
0 M
configurable part options
0 +
retailers using syndicated data
White Peter Millar logo
Our initial consulting engagement showed Peter Millar that implementing PIM could save significant time and money. We are currently working with this client to consolidate their disparate systems into one source of truth.
0 +
total SKUs
0 +
data sources aggregated
0
man hours per year of savings
White Royal Brass and Hose Logo

We conducted primary research for this parts manufacturer to identify their most profitable opportunities, implemented PIM for their organization, and moved them to ecommerce sales for the first time.

0 x
increase in online revenue in first 3 months
0 %
increase in users YoY
0 %
decrease in bounce rate