Been using Code Climate for a long time; it's really fantastic. Bryan has done a great job finding the right things to point out that help improve our code quality.<p>The security stuff is pretty cool - it's really nice to have code-level audits that are continuous, ongoing, and automated. It won't replace the need for physical code review but it has already caught stuff our code reviews haven't.<p>I'm a huge fan of automation over manual labor and static code analysis is a great tool to help. For example, in our CI (CircleCI) we tie in different ruby gems (rails_best_practices, rcov, jshint, etc.) to help enforce code quality automagically. Violate one of our team-defined guidelines? The build will fail.<p>I often find it frustrating that teams introduce reams of documentation for code standards and then painstakingly hand-review code for adherence. Automate that and spend the rest of your time reviewing for things that can't be trivially automated (CodeClimate doesn't care about tabs v. spaces, of course)