Key Results
- ROI in less than 6 months
- Standardization of codebase across the organization
- Cleaner, more secure, more efficient code development without workflow disruption
- Time saved by not having to address bad code
About M&T Bank
Founded in 1856, M&T Bank is one of the top full-service U.S.-based commercial banks, with over 21,000 employees and a long history of community-focused banking.
The challenge
The banking industry is undergoing a massive digital transformation driven by changing consumer habits, competitive pressures, and technological advancements.
The trend towards an all-digital customer experience is causing rapid adoption of new technologies and, with it, comes the highest level of security and most stringent regulatory requirements to protect the highly sensitive data and transactions that the industry runs on every day.
Introducing software with problems is expensive, time-consuming, and a genuine business risk that can lead to catastrophic security breaches, financial losses, and reputational damage for the banking industry.
Banking organizations must ensure that the code their software runs on achieves specific quality standards and remains compliant to keep operations running smoothly. With a 165-year history guided by an innovative leadership team, M&T Bank recognized the challenge of establishing organization-wide Clean Code standards for its development team to support the maintainability and performance of its software.
They needed to minimize application maintenance time and associated costs while ensuring their software remained efficient, reliable, and secure.
The solution
After evaluating several code quality and security solutions, M&T Bank found SonarQube’s capabilities significantly more substantial than the competition.
They discovered that SonarQube excelled in speed of analysis, contextual guidance for developers when an issue appeared in their code, and broad support for coding languages, frameworks, and infrastructure technologies.
Since implementing SonarQube, M&T Bank’s developers have found SonarQube’s Quality Gates valuable in ensuring that code adheres to predefined quality and security standards without disrupting the development workflow, enabling real-time code quality checks, and supporting the Clean as You Code methodology, which allows for systemic removal of technical debt without sacrificing time on new products and features.
Additionally, the team leverages SonarQube’s enterprise portfolios and executive reporting features to gain regular insights into project progress and performance.
Results
M&T Bank’s investment in SonarQube brought a return in less than six months, and since implementing SonarQube into their development workflow, they have saved substantial time that was previously dedicated to addressing bad code.
SonarQube’s speed of analysis, contextual guidance to fix issues quickly and efficiently, and broad support for languages, frameworks, and infrastructure technologies have allowed them to standardize the quality and security of their codebase across the organization and reinforce coding best practices, ultimately leading to cleaner and more efficient code development.
The implementation of SonarQube is a critical component in M&T Bank's broader organizational code quality and security initiative and underlines its commitment to delivering secure and high-quality software solutions.
In 2023, the financial services sector was the second-most targeted industry by cyber security incidents resulting in data compromise.
