Some days ago, an investor asked me whether or not a fund should invest in a testing/SQA company. Here is my non-expert answer.
This post is talking about the software editor companies that creates Software quality tools.The investor concern is about how big is the threat of the opensource and how a company can create enough value to exists.
Opensource code quality tools are everywhere
To be honest, an age has existed where the offer in SQA tools was scarce, the life of software editors higher and the job of salesman easier. Nowadays, almost every language (non proprietary as 4G languages and antediluvian dialects) has at least an opensource formatter, a linter (syntax checker). The most popular languages can also have their own security tools and testing/ coverage analysis tools.
De facto, it’s tough for a company to fight on the sole fact that the company has its own parsers until getting very technical in the answer.
This immediate availability of a remarkable wide offer of opensource tools had many impacts on the SQA companies.
The race for bigger weapons
A race exists between some SQA vendors and their supposed opensource competitors in how well, precise, fast, exhaustive are their products.
The competition can be about how many frameworks they are covering, how many rules they have implemented, the number of false positives, the speed.
This competition can be a real danger for the company financial resources and in my opinion, the proof of another issue, the lack of global added value or of an original use case like I encountered with Tocea.
I have summarized three opportunities.
Under this phrase, I describe all features dedicated to a better understanding of the software, it’s structure and also the use of code metrics in the domain of Application Lifecycle management.
Tools like Codacy or the latest product of Cast are great dashboard examples , where various data and metrics are cleanly organized to help the managers in their decision and at the same time giving immediate inputs and support for each developer.
Tools like Ndepend and Sonargraph are also two good examples of Software intelligence tools. The underlying complexity of a code requires sometimes tools of high-level of expertise that only few companies are able to deliver.
SQA tools are tedious of use. Dozen of parameters, of flags to position, configuration files, and then tuning the results. Onboarding a new project, a remote team can become really cumbersome.
Several products are clearly orienting their unique value on this segment. Full integration to GitHub, Gitlab are a must to have that Sonarqube has understood and made some real big steps lately through their site.
The possibility of a cloud analysis like with the Kiuwan product while keeping a high-level of privacy is also an interesting way to be different.
Breaking the SQA tool paradigm
Usually tools are simple to understand. Green it’s good, red an issue to fix. This natural binary common understanding of the quality is, IMHO, the main lever of disruption in the future years.
It’s a perfectly match with the Artificial intelligence tempo,and the recent progress. A startup like Yagaan offers many interesting new use-cases that I believe could disrupt deeply the existing offer.
Since many AI algorithms are scoring patterns with a confidence score, the future software editors that will make evolve their tools and educate their users will win. How to pass from a red/Green system to a trust ratio in presence of an error?
The other biggest threat of all the SQA tools are the recent progress in the predictive code bugs detection powered by AI. A simple system is able to find real bugs without the assistance of an software editor to produce code quality rules, targeted for a specific system.