3rd Party Dependencies
Do you have full control over your own product or application?
Chances are you don’t.
In fact, it’s standard practice for developers to leverage third-party tools, systems and code to make an application work. According to CA Veracode’s State of Software Security report, up to 70% of applications that are thought of as “internally developed” are actually comprised of third-party libraries and components. And, Sonatype’s 2016 State of the Software Supply Chain indicates that modern applications typically consist of 80-90% component parts.
What do we mean by “third-party”?
“A third-party software component is a reusable software component developed to be either freely distributed or sold by an entity other than the original vendor of the development platform.”
Essentially, third-party tools are those that contain code not created by your internal teams. For example, if your solution allows for in-app purchase, the eCommerce functionality might very well be a third-party component. Alternatively, if your application captures user information through a web form, the library supporting this functionality might be third-party developed.
Why do developers use third-party tools?
Developers don’t want to reinvent the wheel. Third-party tools allow them to include necessary functions without having to build them from scratch. This can save time and money. It also gives developers more freedom to ideate and innovate.
But while third-party code can save development time, money and personnel resources, these tools need to be reassessed periodically to ensure that they remain high value components in the long term.
Auditing third-party dependencies
In fact, one of the things we hear most often from new clients is that one or more of the third-party tools necessary to run their application is failing them. Maybe it has become too expensive. Maybe it’s not working the way it needs to work. Or maybe the application’s requirements have changed and the third-party tool is simply no longer the right fit for its needs. Whatever the case, auditing third-party dependencies is a best practice that can improve application performance and user experience.
Dev IQ helps clients assess their technology, find instances of technical debt (e.g. a third-party tool that’s not delivering what’s expected) and determine where risk lies within their applications and components. If this assessment determines that a client needs to replace its third-party components, we can help them source other options available in the marketplace or build custom functionality that becomes part of the core component.
For example, our client, Skywriter MD, needed to replace an inefficient WebRTC product that was no longer servicing their needs. It didn’t offer the support, monitoring or metrics that Skywriter needed, and it was too expensive. To resolve these issues, Dev IQ built a proprietary WebRTC platform specifically for Skywriter that helped the company deliver higher quality service and dramatically improved customer experiences.
SkywriterMD uses live conferencing to connect healthcare providers with virtual scribes – the WebRTC solution is key to the business.
Skywriter MD Case Study
Read more about how Dev IQ helped SkywriterMD regain control over their workflow & eliminate downtime.
Ready to see how Dev IQ can help your organization audit its third-party dependencies? Contact us directly or check out our SkyWriter MD case study for more information.