The Software Intelligence Blog

Jonathan Bloom - Writer, Blogger & PR Consultant
Jonathan is an experienced writer with over 20 years writing about the Technology industry. Jon has written more than 750 journal and magazine articles, blogs and other materials that have been published throughout the U.S. and Canada. He has expertise in a wide range of subjects within the IT industry including software development, enterprise software, mobile, database, security, BI, SaaS/Cloud, Health Care IT and Sustainable Technology. In his free time, Jon enjoys attending sporting events, cooking, studying American history and listening to Bruce Springsteen music.
  • Don’t Be ‘Forever’ Vulnerable: Improve Your AppSec Posture

    Fashion retailer Forever 21 joined a very trendy, yet unexclusive club earlier this month when it announced its point-of-sales systems may have been breached. This blog examines how to integrate automated code review into application security strategies.
  • Will Cybersecurity Efforts Change the Game for Software Modernization?

    Cybersecurity is a hot-button issue these days. You can barely go a few weeks without hearing about a company suffering a breach that puts the business at risk. With all eyes focused on making software more secure, a happy side effect might just be a streamlining of software modernization initiatives.
  • An Encore for Equifax?

    When you are a consumer credit company, victimized recently by a serious security breach where hackers exploited an application vulnerability to steal the personal information of roughly 143 million people, what do you do for an encore? For Equifax, the encore may be “get hacked a second time.”
  • CRASH Report: Customized SAP Apps Increase Application Risk, Decrease Business Performance

    Companies worldwide use SAP, but SAP by itself does not resolve all of an organization’s issues. As a result, a number of organizations need to customize SAP applications to suit their purposes, but this has met with mixed results.

    CAST today released the results of the 2014-2015 CRASH Report for SAP, which revealed more than half of those organizations opting to customize SAP applications have encountered increased application risk, additional software risk management costs and disruption of critical business processes.

  • Function Points Analysis: On Point at Federal Productivity Workshop

    In business, measurement is key. It’s not a new concept, of course, but it’s one that information technology has enabled to be implemented to a higher degree than ever before. Function point analysis is one of those areas where, like initiatives such as Six Sigma, the ability to measure can help ensure ultimate success.

  • Is Application Security Risk a Result of Outsourcing?

    There’s a common belief in the software development space that when companies choose application outsourcing of their projects, the control they relinquish by doing so results in lower application quality and puts their projects at risk. Once again, however, CAST’s biennial CRASH Report, which reviews the structural quality of business critical applications, has disproved this theory.

  • Software Quality is More than Good Code

    Over the past decade, advancements in static analysis tools from both commercial and open source communities have dramatically improved the detection of developer violations of good coding practices. The ability to detect these issues in coding practices provides the promise of better software quality.

  • Agile-Waterfall Hybrid Best for Structural Quality According to CRASH Report Findings

    For the last half-decade, a debate has raged over which project management method reigned supreme – Agile or Waterfall. To determine which held the advantage, some looked at the management techniques and fluidity with which projects were completed, others judged the debate by pointing to the structural quality of the applications being developed.

  • Paying Down Technical Debt with Microservices: Miracle or Myth?

    The growing problem of technical debt cannot be overlooked. InfoWorld Editor Eric Knorr recently highlighted the need for technical debt to be paid down, noting, “I wouldn't be surprised to learn we're now in the process of accumulating technical debt at historic rates.”

  • Poor Software Quality Impacts Application Security

    Dr. Carol Woody of SEI was recently featured on a CISQ webinar about the correlation of software quality and software security. Her lessons on this topic highlight why software security cannot be something added after the fact; rather, it must be factored into the development of software applications from the moment coding begins.

    This is a lesson that companies such as Sony need to learn. While past breaches, like the ones carried out by the LulzSec group in 2011, affected their customers and cost them dearly in terms of reputation and reparations, the one they suffered late last year hurt them much closer to home when cyber criminals breached Sony’s entire network and threatened to expose all stolen data.

  • Making Software Quality the First Measure of Software Security

    If you read the news these days, you would think that software security is something that is layered on top of existing software systems. The truth is, however, that software security needs to be woven into the very fabric of every system and this begins with eliminating vulnerabilities by measuring software quality as the system is built.

    During the CAST Software Quality Fall Users Group, Dr. Carol Woody, PhD, senior member of the technical staff at the Software Engineering Institute (SEI) at Carnegie Mellon University, whose research focuses on cyber security engineering, discussed the importance of software quality as a basis for security.

  • Automated Function Points Provide Data-Driven Captives Management

    Last month in this space I wrote about the importance of optimizing the cost-effectiveness of Captives (i.e., Global In-House Centers) by setting metrics and enhancing process transparency for better management of them. For these management methods to work, though, an organization needs to employ automated function points as a way to gain insight about current costs and supplied value, which can then be used to enhance received output from current or future providers.

  • Digital Transformation Keeps Software Complexity from Becoming a CIO’s Legacy

    They say “if something works, don’t fix it.” This old adage may be the reason behind why some organizations hold onto legacy systems longer than they should, but it is also the reason why these same organizations struggle with software complexity. In fact, according to the GAO, Uncle Sam spends 80 percent of its $86.4 billion IT budget on legacy systems.

  • VIDEO: IT Expert Calls Upon Automated Function Points for Vendor Management

    Barbara Beech, an expert in the field of IT development for telecommunications companies, recently spoke to CAST in a video chat about her experience using software analysis and measurement as well as automated function points to gain visibility into IT vendor deliverables.

    As a solution to gaining visibility into IT vendor deliverables, Beech points to the CAST Automated Function Points (AFP) capability – an automatic function points counting method that is based on rules defined by the International Function Point User Group (IFPUG). CAST automates the manual counting process by using the structural information retrieved by source code analysis, database structure and transactions.

  • IT RISK MANAGEMENT: A Conversation with BCG’s Benjamin Rehberg

    Benjamin Rehberg, Partner and Managing Director of the Boston Consulting Group and former consultant for IBM Global Business Services, discusses the importance of both IT risk management and application portfolio management (APM) in a video conversation with CAST. He looks at the challenges for IT leaders, the need for software measurement and discusses how IT transformation can improve business operations.

  • Five Reasons You MUST Measure Software Complexity

    There’s an old adage in the IT industry – you can’t manage what you can’t measure. Knowing how complex an organization’s application portfolio is provides insight into how to manage it best. The problem is the issues that comprise software complexity – legacy system remnants, antiquated code, overwritten and rewritten code, the integration of formerly proprietary applications, et al – are the same things that make measuring it difficult.

    With multiple system interfaces and complex requirements, the complexity of software systems sometimes grows beyond control, rendering applications and portfolios too costly to maintain and too risky to enhance. Left unchecked, software complexity can run rampant in delivered projects, leaving behind bloated, cumbersome applications. In fact, Alain April, an expert in the field of IT maintenance, has stated, “the act of maintaining software necessarily degrades it.”

  • Top 5 Reasons to Use Code Analysis Tools with Automation to Establish Vendor Management Metrics

    As IT organizations face increasing demands from business, their IT systems have become increasingly complex. Today’s applications are typically a heterogeneous web of systems and software from an array of vendors and custom development.

  • Closing the Back Door thru Code Analysis

    Have you performed code analysis on your software recently? If not, you are in good company as many companies are failing to do the one thing that could improve their software security – making sure the software isn’t vulnerable to an attack to begin with.

  • CISQ Hosts IT Risk Management & Cybersecurity Summit

    The Consortium for IT Software Quality (CISQ) will host an IT Risk Management and Cybersecurity Summit on March 24 at the OMG Technical Meeting at the Hyatt Regency Hotel in Reston, VA. The CISQ IT Risk Management and Cybersecurity Summit will address issues impacting software quality in the Federal sector, including: Managing Risk in IT Acquisition, Targeting Security Weakness, Complying with Legislative Mandates, Using CISQ Standards to Measure Software Quality, and Agency Implementation Best Practices.

  • 5 Keys to Optimizing Cost-Effectiveness of Captives

    Companies seeking to reduce time to market while improving application quality today usually choose between assigning application development projects to either in-house teams or outsourced system integrators (SI). However, the cost arbitrage of Global In-House Centers (GIC), better known in the industry as “Captives,” continues to provide advantages in cost competitiveness that cannot be overlooked.

  • IT Transformation Benefits for American Cancer Society Can’t Be Understated

    For Jay Ferro, CIO of the American Cancer Society, his employer’s mission hits far closer to home than those of most others in his position. The father of three boys, Ferro lost his 36-year-old wife, Priscilla, to cervical cancer in January 2007. In her memory, he founded Priscilla's Promise, a non-profit organization that brings greater awareness to cervical cancer.

  • IT Transformation Webinar Questions Answered

    During last week’s webinar on IT Transformation featuring Marc Cecere, vice president and principal analyst for Forrester Research, many questions presented by participants went unanswered due to time constraints. Because these questions are likely being asked by many in the IT arena, we asked Marc’s webinar co-host, Pete Pizzutillo of CAST to provide answers to the three most frequently asked questions.

  • IT Transformation Major Component of Biz Transformation

    In today’s software-driven business world, IT transformation has become an enormous component of business transformation and software risk management. This is one of the key messages delivered by Marc Cecere, Vice President and Principal Analyst for Forrester Research, during a webinar held recently on Business Transformation, which was sponsored by CAST, Inc.

  • Fast or Nimble? Agile Should be Both

    I was watching the gymnastics competition at the Olympics on Sunday night and on more than one occasion heard commentators applaud competitors for their agility. As I watched these gymnasts move swiftly and with exacting precision across the beam, floor, vault and bars, I could not help but marvel at their abilities and at how appropriate a descriptor “agile” was for them.

  • Mozilla Thinks Crashes are a GOOD Thing...Really?

    My six-year-old can tie her own shoes. I honestly did not realize how big of a deal that was until her teacher told me a few months ago that she had, for a short time, become the designated shoe tier in her classroom. Apparently, thanks to the advent of Velcro closures for kids’ shoes, nobody else in her kindergarten class knew how to tie their shoes.

  • Android Application Failures Still Try Our Souls

    Happy Independence Day everybody! I only hope those of you reading this on your Android device have not turned it sideways or performed some other seemingly innocuous action that has made this application fail.

  • The Personnel Side of Technical Debt

    I have been an East-Coaster all my life. I’ve lived, worked and even attended college in states that all lie East of the Mississippi. However, throughout my 18 years working in the technology business, my clients have been spread out around the U.S. and abroad. I’ve found myself doing phone calls before the sun rises and well after it has set. That’s just the way it is in this business.

  • Foretelling Facebook’s IPO Failure

    I’m not one who believes in fortune tellers or those who claim to be able to predict the future. Heck, I don’t even read my horoscope and cringe whenever someone attempts to force it upon me. Only when my wife has attempted to read me my horoscope have I offered even as much as a polite “hmm.” Nevertheless there are many out there who swear by those who claim to be able to predict the future, especially in the financial industry.

  • Great Expectations and How to Meet Them

    There’s a very old mantra around project quality that says, “If you want something done right, do it yourself.”

    I disagree.

  • Who’s Minding the Store?

    Before I could enjoy my Father’s Day brunch this past weekend, I found myself with a list of things to do around the house – cleaning out the garage, vacuuming the car, replacing our mailbox which “someone” in my family (not me) ran over. The latter of these tasks, of course, required that I go out and purchase some tools and supplies – a new post, new box, numbers for the box and a post digger - to get the job done.

  • 'Gate Closings' Before Gimmicks

    With all of the security issues appearing in the press these days, I’m often reminded of a conversation I had with John Kilroy, the former CIO at Cape Cod Hospital. At the time I was doing media relations work for a company in the Health Care IT industry and was working with Kilroy, who has been retired for the last five years, on an article for one of the publications that covers that space.

  • Done Off-Site, Done Right

    In 1807, French playwright Charles-Guillaume Étienne penned the famous line, “On n'est jamais si bien servi que par soi-même.”

    For those who do not speak French, you may recognize this now idiomatic phrase as the oft uttered, “If you want something done right, do it yourself.”

  • Overcoming the Need for Greed

    Developing software, like almost any facet of business, often can be overtaken by some rather sinful thoughts and actions. This is why I really enjoyed a recent post on GigaOm by Magne Land, scrum master and tech lead at RightScale who compares issues within software development to the “Seven Deadly Sins.”

  • De-Stressing over Software

    It’s funny how early stress can manifest itself in human beings. Even my young daughter has found herself under stress lately as she prepares for her annual dance recital this weekend.

  • Next AppDev Star

    We’re a society that is always looking for the “next big thing.”

    Just check out the TV listings. We tune in to find out who will be the “Next Top Model,” “Next Food Network Star,” “Next Design Star” and “Next Iron Chef.” Technology is also quite interested in “The Next Big Thing” as witnessed by the 19.9 million results you get when you Google “Next Big Thing in Technology.” But while most of the TV “Next” searches focus on the individual, most of the “next big things” discussed in Tech have been on a trend level.

  • Did NASDAQ's App Glitch Cause FB's IPO Hitch?

    Facebook, the galactically popular social networking site that for so long has weathered friction regarding weaknesses in its software – particularly around security and privacy issues – may have seen its own IPO effort submarined by a software glitch in the NASDAQ stock exchange.

  • Fix a Hole, Stop a Bug

    After a very mild winter this year, the Northeast part of the country found itself stuck in a prolonged “early spring” where it seemed like but for a couple of days temperatures refused to warm up from the 40’s and 50’s. We seemed to be stuck in the ether between “actual cold” and “comfy warm” for quite a while until the past week or so.

  • Cloud Gives Clear Vision to IT Portfolio

    This blog has long professed the need for businesses to analyze, measure and assess their IT application portfolios to identify those issues with application software that cause a whole spate of headaches, from application failure, to business risk to increased technical debt.

  • Shortcuts Today Lead to Shortcomings Tomorrow

    Catchy slogans are catchy for two good reasons – they put an extremely true point into very simple, succinct language. This is probably why they call these true, simple statements, “catch phrases.”

    One of the most effective catch phrases of my youth was for a product called Fram Oil Filters. Sometime in the 1970’s, Fram came out with a set of television and radio commercials where a mechanic would explain how a simple thing like replacing your oil filter on a regular basis could prevent major engine problems. The catch phrase uttered by the mechanic at the end of each commercial was, “You can pay me now, or you can pay me later.”

  • Living Up to Standards

    By definition, standards are supposed to be a set of bare minimum requirements for meeting levels of acceptability. In school, the students who took the “standard” level courses were those who were performing “at grade level” and just focused on graduating. Every April in the United States we need to decide whether we will take the “standard deduction” – the bare minimum we can claim for our life’s expenses – or do we have enough to itemize our living expenses and therefore deduct more from our base income before taxes.

  • Priorities: Fix it First!

    Since the time of my first household chores, I cannot recall an age when I did not look at a “to do” list of mine and see the need to prioritize things. Whether it was taking out the trash first because trash collection was the next day or recognizing the need to finish edits to a press release going out the next day, prioritization has always been the first step to me getting work done.

    I don’t think I’m alone on this one. Prioritization is probably as important to getting things done successfully as the actual taking on of a task.

  • Quality is a Happy Place

    I love my job!

    I’ve always been an avid writer, even as a kid. So when it came to career choices my decision to enter a profession that demanded writing skills seemed like a natural fit.

    I started out as a newspaper reporter, following in my father’s footsteps, but as the jobs and money there began drying up in the mid-1990’s I took my interest in Technology and made the jump to writing for high tech companies and have been happy doing this job ever since.

  • Is your Critical Application the next Titanic?

    Almost everyone has heard about the Titanic and the sinking of the unsinkable. I guess if you assume your ship is unsinkable, having only 20 lifeboats for a few thousand people seems reasonable. Maybe it gets overlooked when there are so many important “features” to get right on the maiden voyage. I’m sure the pressure to ensure the comfort of hundreds of VIPs must have been immense. Sometimes it takes a real disaster for change to take place.

  • Time to Get Smart about Technical Debt

    With every passing day the world’s technical debt continues to expand. Industry research shows the average business application carries as much as $2 million in Technical Debt. Analysts at Gartner estimate industry IT debt at $500 billion, and on target to reach $1 trillion by 2015. What’s interesting about Technical Debt is every ADM team knows they have some, but how much and how critical the debt is typically remains a mystery. Most financial debt obligations are easy to calculate and definitively known at any given time. Of course, Financial and Technical Debt both become frightening when they are aggregated; just take a look at a national debt clock if you don’t agree.

  • Replaying the Data Breach Blues

    My tastes in entertainment are pretty broad. While I really enjoy attending sporting events and when Bruce Springsteen is in town I lay aside nearly everything else to attend his concert (as I did in Boston on March 26), I’m also one who enjoys catching a Broadway or Off Broadway Show now and then. In fact, over the next six weeks I will attend two Red Sox games and two shows at the New World Stages theatre in Midtown.

  • Getting Quality to the Core of Outsourcing

    Last week, Capgemini released its second Financial Services World Quality Report. The report cited that while corporations across the globe continue to be constrained by budget issues, the complexity and volume of application software they handle continues to increase exponentially. As a result, Quality Assurance organizations are turning more and more to the cloud and outsourcing as strategies to achieve quality applications, while attaining optimal business value.

  • Will the REAL Agile Please Stand Up?

    I hate Geometry.

    Actually, I do not hate the concept of Geometry – I’m rather partial to shapes and appreciate the need to calculate the areas, perimeters, volumes, et al that they represent. What I hate about the subject – or should I say “hated” (past tense) since I haven’t had a Geometry class since the mid-1980’s – were the proofs I had to do in order to get full credit for my work.

  • Fixing Broken Windows

    I will never be confused or lumped in with the modern assemblage of DIY’ers (Do It Yourselfers for those even less handy than I). My father was a firm believer in the idea that if you learned how to fix something yourself, you were putting someone else out of a job, and that was unfair, unpatriotic and un-American.

  • CRASHing Into Technical Debt

    Without going into specific finances, I make twice as much money as I did just 10 years ago. You would think this would be an indication that times, for me anyway, are good; yet I still seem to have the same question every month the week before I get paid, “Where did all my money go?”

  • Fed Should Budget for Technical Debt

    It’s a presidential election year in the U.S. That means lots of attention being paid to people saying what they think they want us to hear in order to secure election to office. It also means the standard operations of government tend to fade into the background.

    Take the Federal budget debate. Most years it would be forefront material, particularly in a year when Congress vowed to make significant cuts to the budget in order to reduce the deficit. With election news grabbing the spotlight every night, though, preliminary discussions have generated very little news.

  • New Year, Same Fear

    I’ve never been much of a horror movie fan. I think my deep-seated love and background of history and my fascination for things that are real diminishes my ability to kick back and allow my wits to be uprooted by monsters and other ghoulish figures like Jason from Friday the 13th or Freddie Krueger from Nightmare on Elm Street.

  • Crash Course on CRASH Report, part 3: Technical Debt

    Money isn’t everything…yeah, right!

    There are few, if any, who are so idealistic in this world that they will actually believe money isn’t everything. It doesn’t matter if it’s the scheduled time for a television show or a high-level decision to produce a controversial product, the motivation is money.

  • Sacking the Hackers

    I couldn’t let this week go by without making at least one mention of what is taking place this weekend. This annual event held every year since the year I was born brings most of the United States to a mesmerized halt on the first Sunday in February…and this year I’ll be more mesmerized than I have been the past few years.

  • Mobilizing Security Failure

    Legendary football coach Vince Lombardi once said that "Winning isn't everything; it's the only thing." But decades after Lombardi's Green Bay Packers dominated the NFL, a new slogan joined the sports lexicon - "moral victory."

  • Who Secures Security?

    One of my favorite television shows these days is one of the highly successful USA Network dramas called “White Collar.” The plot revolves around a stellar FBI agent and a highly educated criminal mastermind, who specializes in art thefts and forgeries, whom the FBI agent brought to justice. The FBI agent then turns the criminal into a consultant to the FBI and together they go on to flourish as a crime-fighting team, clearing 94% of their caseload.

  • Caution: Merger Ahead

    Our economy goes through periods of intense merger and acquisition activity, which often reshapes entire industries dramatically in one fell swoop.

  • Taking Fire over Technical Debt

    My father was proud of his military service. He believed that young men and women could learn a lot not only from having served in the armed forces, but from having actually experienced the stress that comes with "taking fire."

  • Capgemini Extends CAST Globally

    After many years of close collaboration and significant industrialization investments led initially in France, Capgemini Group has completed a worldwide investment in automation from CAST.

    The agreement will enable Capgemini to extend CAST technology, which has been in use at Capgemini’s Application Intelligence Center since 2006, on a global basis. This will ensure the highest software quality standards in application development and maintenance across all its clients worldwide and enable Capgemini to accelerate the introduction of new application risk assessment offers based on advanced structural software analytics from CAST.

  • Hey Agile: Good Enough Ain’t Good Enough

    As a writer, I frequently go back and review pieces I’ve written over time. When I do, I’d like to think that I’ll be happy and satisfied with each and every article, announcement, blog or brochure.

  • Speed Kills

    Some among us may remember Earl Scheib who owned a chain of auto painting facilities; at least, that's what he called them. In actual fact, his shops were a national joke. In his TV commercials he would tell viewers, “I’ll paint any car for $99.95” and would promise one-day service. He did just that, but as the old saying goes, "You get what you pay for."

  • Crash Course on CRASH Report, part 2: New Insights

    I confess – I’m an “Urban Myths” junkie. That doesn’t mean I believe in every Urban Myth that comes across my email inbox; much to the contrary, in fact, I’m a born skeptic. I snicker at the widespread beliefs and openly wonder how someone could believe that Bill Gates would send them a check for forwarding an email or that Mr. Rogers was a Marine sniper or that some currently popular entertainer was born a different gender.

  • Clouding the Outsourcing Issue, part 2

    Don't bother trying to reach me the next few weekends; it’s playoff time in the NFL!

  • Stop Passing the Buck on Technical Debt

    After listening for many years about the European debt crisis, the downgrading of U.S. debt and every other tale of woe about debt, I believe my patience is owed an enormous debt...and seeing as today is my birthday I would like it paid off immediately!

  • Days of Auld Lang Syne Best Not Be Forgot

    Should old acquaintance be forgot, and never brought to mind? Should old acquaintance be forgot, and days of auld lang syne?

    Yes, many of us will find ourselves this weekend sipping champagne and singing the familiar lyrics of this centuries-old tune that has become as synonymous with New Year’s Eve as resolutions and the ball dropping in New York’s Times Square. But in a year when we saw one major outage, malfunction and security breach after another befall organizations that rely upon technology, we should heed a lesson from these verses.

  • Will You Source Them Here or There

    My wife often jokes that we had a child for the sole purpose of giving me a good reason to read Dr. Seuss' books on a regular basis. When she does this I object- vehemently; she is absolutely wrong! I would most definitely read Dr. Seuss whether or not I had a child.

  • The Dark Side of the Limelight

    Marketers frequently discuss the benefits of market leadership – the ability to charge premium pricing, attract the best talent, retain customers – and the like. Today, there is a new metric: if you develop operating systems, applications and other kinds of software, if someone isn’t trying to hack your work, then you must not be a market leader.

  • CAST Defends the Defenders

    From the Pentagon to the Department of Energy, government organizations have been hard hit this year by IT systems outages, performance issues and security failures, most of which have stemmed from structural quality issues. But as bleak as this may sound, the good news is that these problems seem to have served as a wake-up call.

    The Department of Homeland Security has already taken steps to begin addressing software structural quality issues by acknowledging they exist and bringing in IT leaders who can help them spot issues and fix them. Similarly, the U.S. Air Force announced in October that it had certified CAST's Application Intelligence Platform (AIP) to review its systems and applications and detect structural quality issues.

  • Hacking Up a Hospital

    I’ve been accused of being a 'homer' – someone who is so devoted to the metro area he lives near that he overplays its good points and has a blind spot for its shortcomings. I make no apologies for being this way about Boston, for as the Standells sang long ago: “I love that dirty water; oh, Boston, you’re my home.”

  • A Crash Course on CAST’s New CRASH Report

    Last week, CAST issued a report on the summary findings of its second annual CAST Report on Application Software Health (aka CRASH), which delves into the structural quality of business application software. The report has earned significant coverage throughout the technology media, including InformationWeek, InfoWorld and Computerworld, as well as the Wall Street Journal.

  • CRASH Report Exposes Millions in Technical Debt

    This year has been marked by high-profile outages and security breaches at global organizations like Sony, Sega, RIM, Citi, RSA, Honda, the International Monetary Fund, the International Olympic Committee and multiple airlines, not to mention the U.S. Department of Defense. What these have in common is that each has at its root some structural quality flaw that led to malfunctions in their IT systems, failures in their application software or loss of sensitive data.

    It should come as little surprise, therefore, that the 2011 CAST Report on Application Software Health (CRASH) this morning reported that organizations are squandering millions of dollars in technical debt due to issues in their application software – issues that could have been eliminated during pre-production had proper structural assessments taken place.

  • What the New York Giants Can Teach Us about Software Quality

    As we all know, Sundays are for football, and this past Sunday brought some choice matchups. Although I am a devout fan of the New England Patriots, one of my favorite games paired the undefeated Green Bay Packers, led by quarterback Aaron Rodgers, and Eli Manning's New York Giants. Tied with less than two minutes to go in regulation, Rodgers did his best Tom Brady imitation, leading his team on a spectacularly engineered drive that preserved their as-yet unblemished record.

  • What We Don't Know is Hurting Us

    Recently, @dangerroom posted about a computer virus infecting the software that manages the U.S. Air Force’s Predator and Raptor drones -- the ones that perform reconnaissance and attack insurgents in Afghanistan, Iraq and other hot spots. The software hasn’t prevented the drone program from continuing, but so far the Air Force has resisted attempts to remove it.

  • Sealed with a K.I.S.S.: Keeping IT Software Simple

    Kudos to Roger Sessions, the CTO of ObjectWatch. Recently, Sessions took a stand supporting “the intentional architectural design of simplicity into a software application,” which he dubbed “simplility.”

  • Olympic Hacking

    In just over 250 days, the eyes of the world will turn to London, England, for the opening of the Summer Olympic Games. Athletes from countries around the globe are deep into training regimens in preparation for the largest stage of athleticism on the planet.

  • Gold Stars are Only for Winners

    With the ever-growing abundance of viruses, malware and other threats to our networks, laptops, mobile and other devices, I was interested to read Peter Saddington's blog post for @agilescout that brings a software development angle to Todd Dewett’s post, “Soccer Has Ruined America.”

  • Microsoft Ducks Duqu

    November’s most popular day in the United States is arguably the fourth Thursday of the month – Thanksgiving Day. In the Tech industry, however, it is the second Tuesday of the month – yesterday to be exact – that garners heightened interest. The reason for the additional interest is that the second Tuesday of the month means Microsoft Patch Tuesday.

    And this month in particular there was a bit more interest in Patch Tuesday than is ordinary, only the added interest was not due to the patches released by Microsoft; in fact, those were quite light. It was a kernel patch NOT released that drew the greatest attention.

  • Toast, Coffee & Software Quality

    Last week’s admissions of bugs in newly released software by Apple and Google were just the latest reminders that the battle between bringing software products to market quickly and optimizing software quality is coming to a head in a year that has seen far more than its share of software outages, malfunctions and security breaches. Most of these problems have been the direct result of problems with the structural quality of software and have cost the companies hit by them a great deal both financially and in terms of reputation.

  • Marketing over Matter

    I keep asking the question over and over again in this blog – why won’t tech companies take the time and get it right before getting it out?

  • Is There a Technical Debt Tipping Point?

    This year, 2011, seems to have been the year of discussing, debating and, hopefully, dealing with debt crises. The U.S. Congress’ Super Committee has its deficit reduction recommendations due in three weeks. Meanwhile the Greek government is reconsidering the debt restructuring deal it signed just last week. It’s pretty clear that in those situations, debt crises have reached a tipping point, but it’s far from clear whether those responsible will “man up” and address them.

  • Hacking the Heart of the Matter

    The issue of hacking in today’s society has gotten as serious as a heart attack – literally!

    In what seems like something that should be relegated to a bad action movie or the sinister deeds of some cartoon villain, researchers have demonstrated that hackers have the capability to send radio signals that could reprogram implantable medical devices, such as pacemakers or insulin pumps. Fortunately, there have been no actual cases of fiends roaming the streets striking dead people dependent upon pacemakers, but the mere fact that it is a possibility is frightening.

  • Become an Outsourcing Over-SEA-er

    As a parent to a young kid, nights out are pretty rare. But every now and then, my daughter's "Auntie Ellen" will throw us a bone and watch our daughter overnight so we can hit the town. We're very grateful, of course, but more often than not, our daughter returns home in full-on crazy mode. We can never be entirely sure of the reasons - apparently, much like the Las Vegas ads, "What Happens at Auntie Ellen's, Stays at Auntie Ellen's" - but we suspect the crazies were brought on by free-flowing sugar binges and a very late bedtime.

    Luckily, sugar highs and sleep deprivation in a kid whose childcare was "outsourced" to one of her favorite aunts are pretty easy to remedy. The same cannot be said, however, for faulty software builds that were outsourced to an offshore team.

  • Curtis Gives Keynote on Technical Debt at Construx

    The Construx Software Executive Summit, which opens today in Seattle, WA, provides a forum for top executives to compare, evaluate and improve their Software Development experiences and strategies at the enterprise level. Keynoting this year’s summit will be CAST’s chief scientist, Dr. Bill Curtis, who will present on the topic, “How Governing Code Quality Reduces Business Cost and Risk."

  • Garbage In, Garbage Out

    I learned recently of the passing of my first boss in the tech industry, Clint Battersby, a couple months back. Clint was a driven, highly motivated technologist. He was a creative individual with a number of patents to his name and with several tech startups founded by him.

  • Seeking Independence from Being Hacked

    While it was far from being the “shot heard ‘round the world” of Revolutionary War fame, the cyber attack on the Pacific Northwest National Laboratory over July 4th weekend this year did represent a significant first blow in the search for liberty for that organization – specifically, liberty from being hacked.

  • Falling Off the RIM

    I was standing at the curb waiting for my daughter’s school bus to arrive when I instinctively pulled my BlackBerry Curve out of the holster on my hip. I do this dozens if not 100 times each day because I have the vibration turned down low so as not to be like “all the other” smartphone users out there who buzz every 30 seconds when they get an email or text. That doesn’t mean I check it any less, it just means I don’t buzz when I walk.

  • CAST Certified to Help Air Force Aim High on Structural Quality

    Organizations can ill afford to have structural quality issues bring down their software applications and interrupt the conduct of business. The implications of poor software quality are amplified if that organization is part of the government -- and accentuated even further if that organization is one charged with defending our country.

  • CAST-ing Quality on HCL’s Assessment Services

    CAST announced today an agreement with HCL Technologies, a leading global IT services company, that will augment the outsourcing company’s ASEESS-SMART software assessment services with CAST’s Application Intelligence Platform (AIP) capabilities of automated analysis and measurement.

  • You Are What You Eat: Secrets to Healthy IT

    For those of us who remember the 90's, two lessons stand out that would be wise to heed in today's highly interconnected technology kitchen:

  • Sibling Rivalry: Code Quality & Open Source

    We know there’s “no such thing as a free lunch,” that “freedom isn’t free” and that if you get something for free, you probably got what you paid for. Even in the tech industry, when we talk about open source software, we immediately think “free”, yet instantly jump to the old caveat of “think free speech, not free beer,” the idea there being that open source is the layer-by-layer developed product of well-intentioned developers seeking to produce high quality software that competes with established applications.

  • Government Its Own Worst Enemy in Cyber War

    Ever a man ahead of his time, Albert Einstein once said, “I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones.”

    Were he alive today, the only thing he likely would change about his statement would be how World War III would be fought. He surely would look at the threats posed by cyber attacks and surmise the most dangerous weapon of the next world war to be an invisible terror delivered electronically. He would note that the threat could come from any nation state – it would not even have to be a world power – delivered with complete stealth, hit at the most sensitive systems, cripple infrastructures, topple economies and create chaos -- all before even a single soldier was wounded.

  • Clouding the Outsourcing Issue

    Back in August, "CIO Zone" posted a blog outlining the top five cloud computing trends. Smack-dab in the middle of the top five was this one: "Custom cloud computing services," which delved into how outsourced IT organizations must focus on automated software and become experts in migrating to SaaS, PaaS and IaaS in order to ensure the least painful cloud migrations. It brought to mind how, in an effort to save money, so many businesses blindly hand over their whatever-it-is-to-be-done to outsourcers and hope for the best.

  • Structural Quality Must Be Part of Agile Vocabulary

    I cannot believe how much our education system has changed. When I went to kindergarten, most of the curriculum revolved around getting along with others (a lesson some will argue never took with me) and some basic verbal skills. I learned at my daughter's kindergarten orientation that blocks and finger painting have been replaced by geography, math, science and civics.

  • Scrum & Technical Debt: Love the One You're With

    Bravo to Joe Little, who writes the Agile & Business blog.

    Little recently penned a piece about the intersection of Scrum and technical debt titled “Scrum Hates Technical Debt.” I’m sure it does, but I think what he really means is that true Scrum hates technical debt.

  • Software Quality Haunts Honda

    I’m strictly an “American Car” guy. Every car I’ve ever owned since my 1988 Ford Escort when I was in college has been American made.

    It’s not so much that I’m “gung-ho” pro-Union or some staunch advocate of only buying products made in the USA – although if two products were comparable I’d probably give the “Made in the USA” label the nod. Honestly, I’ve looked at foreign vehicles when car shopping, but the best deals I've found continue to come from my local Ford dealer.

  • Adding to the Cost of Failure

    Victimized by more than a dozen hack attacks earlier this year, most of them at the hands of the LulzSec group, which gained unauthorized access to more than 100 million customer data files, the gaming, media and electronics giant has faced massive lawsuits and reparation payments not to mention the embarrassment that the massive data breaches have caused them.

  • More on Agile at 10…and a Half

    Agile development celebrates a half-birthday this month, so I figured it was time to reflect upon my comments a few months ago when I took it to task for not taking software quality more seriously.

  • Dropbox Drops the Ball

    Our society has a particularly annoying habit, one that’s not exclusive to any one specific walk of life, business or industry, nor is it one that we are likely to see our society give up anytime soon. The habit is known by several names, but is most commonly referred to as “finger pointing” or “the blame game.”

  • Sunny Day, Sweepin’ the Hacks Away

    “S” stands for security, something “S” organizations like Sony and Sega appeared to have too little of earlier this year. You could also say “S” represents the U.S. Dollar sign ($) that is associated with the FDIC and IRS, both of which have recently fallen victim to phishing attacks and have had their security compromised. Unfortunately, they are not alone; organizations that start with many letters of the alphabet have fallen victim to security issues this year.

  • Patrolling for Issues in Legacy Apps

    It’s not uncommon for organizations to hold onto their application software and IT systems longer than they should. This is particularly true for government agencies – Federal, state and local. When you combine an “if it ain’t broke, don’t fix it” mentality with budget cuts and comfort levels of staffers, there is little impetus for change.

  • Execution of Government IT: I’m All For It!

    There’s a huge dichotomy in how the private and public sectors address security breaches.

  • Technical Debt Gets the Message Across

    A couple weeks back I read the most vastly understated opening line of a blog that I’ve seen in the six months since I began blogging here on OnQuality.

    Blogger @tadanderson, a .NET architect by trade, recently opened a post on his Real World Software Architecture blog by noting, “Finding the perfect balance of influence between IT and the Business Owners… is not easy.”

  • Unscrambling Scrum

    I’m a big fan of things that make sense. Simple explanations, using metaphors to explain the otherwise inexplicable, incorporating landmarks into driving directions and splitting up large projects to get them done faster are all concepts with which I find favor.

    This is why, when I first learned about Scrum, it seemed like a valid way to develop software faster, or at least more efficiently. In my mind, it made sense that if you were to build multiple parts of a single application simultaneously and then bring them together, the final product could be built much faster.

  • New Partnership CASTs Eye on Outsourcing

    Whenever a company chooses to outsource, there is a certain relinquishment of control. It is simply neither possible nor desirable to hold tightly to the reins of all aspects of an outsourced project. It stands to reason, therefore, that studies in the industry have revealed that many in IT management either are dissatisfied with their outsourcers or feel their outsourcers have “made up” work to pad their billings.

  • Did We Really Need an Act of War?

    Last week’s revelation of a March cyber-attack on a U.S. Department of Defense contractor by an “unnamed foreign entity” demonstrated just how vulnerable this country has been to this “new warfare domain” as the government categorizes these cyber-attacks. Of course, as is typical of a government admission, it took four months for the Department of Defense to own up to the breach and it did so only as a means to bolster support for its new cybersecurity plan.

  • Microsoft Mulls Malware

    Look around you. Microsoft says that if you’re among a group of people working on a PC, at least one of you has a machine infected with malware.

    Based on statistics gathered by its free scanning tool, Microsoft Safety Scanner, Microsoft reported last month that 5% of computers – one out of every 20 – are infected with malware. The average number of malware applications on each infected machine? Nearly 3.5. With this much malware out there, it’s little wonder we’re seeing such a high number of security breaches at major corporations.

  • The Enemy Within

    We woke today to the news that back in March a Pentagon defense contractor was the subject of a cyberattack by an unidentified nation state that resulted in 24,000 sensitive files being stolen.

  • In Defense of Agile

    As you may know from my bio here, I’m a big fan of Boston sports. So you can understand how thrilled I was a few weeks ago when “my” Boston Bruins won the Stanley Cup for the first time since I was my daughter’s age!

    It wasn’t easy for them, though. Through the first round of the playoffs, they looked like they could be a “one-and-done” team and everybody – including some alleged diehard fans – was already calling for the dismissal of their head coach because of their anemic performance. Nevertheless, they made the necessary adjustments, got some stellar work out of key individuals, overcame a few adversities and in the end proved to be the best team in the National Hockey League this year.

  • Stranded by Software

    As a nursing home consultant and her company’s top mentor for clients that have fallen afoul of their states’ regulatory commissions, my wife travels nearly every week of the year. As a result, I have a ton of second-hand experience with airline delays and passengers being stuck in an airport far from home…especially when she flies one particular airline, which shall remain anonymous (but which rhymes with “You Guess Stair Ways”).

  • Hackers are Getting Smarter; are You?

    Sony, Sega, RSA, the International Monetary Fund, the Arizona Department of Public Safety, even the CIA. It seems no organization – private or public – is immune to hackers these days.

  • Structural Quality: The Invisible Hand

    One of my favorite reads among tech bloggers is Dion Hinchcliffe over at ZDNet. I’ve followed his blogs for much of the last five years and whether I agree with him or not, I almost invariably find his points compelling and his willingness not to mince words refreshing; he even makes the occasional light bulb go off in my head.

  • ID’ing the Debt

    Last fall, Gartner’s Andy Kyte issued a wake-up call about technical debt that was akin to a piano being dropped on the head of the IT industry. In estimating that technical debt – the cost to fix the structural quality problems in an application that, if left unfixed, put the business at serious risk – has already reached $500 billion globally and is fast on its way to exceeding $1 trillion by 2015, Kyte stirred up a hornet's nest of activity around the topic.

  • Going Gaga over Google

    It was recently reported that within the next couple months the meteoric rise of Android Market is all but certain to overtake the iPhone App Store in terms of the number of applications offered. Taken on face value, this should come as little surprise to anyone.

  • Automated Analysis Amends Agile’s Ailments

    Time to market is a major consideration when developing software these days. Feeling the pressure of competition, companies realize they need to move swiftly and cannot rest upon their laurels if they wish to remain ahead of the competition and be the company that sets the trend rather than follows it.

    But the pressure to produce software in short order can lead to software that is the quality of food prepared by a short order cook – it might suit its purpose, but the quality is far from top-notch.

  • Insecure Over Quality

    The rate at which security issues have plagued businesses lately is staggering. Every week we hear of multiple vulnerabilities, millions of personal data records being exposed and corporations watching profits dwindle as reparation costs for these breaches extend into millions and even billions of dollars.

  • Developers: They're Only Human

    Human beings are an odd animal. We’re the only animal that experiences embarrassment over mistakes; some say we’re the only animal that realizes we make them. We also run a full gamut of emotions when we make mistakes – from frustration and self-deprecation to humor and acceptance.

  • Managing Risk, Avoiding Disruption

    I’ve written quite a bit about the spate of businesses that have suffered some form of disruption over the last few months – security breaches at Sony, Android malware attacks, system outages at the London Stock Exchange, operational system failures on London’s East Coast Line and numerous others. All these cases have had one thing in common: they all have had software structural issues as their root causes.

  • Avoid Disaster in Disaster Recovery

    From the earthquake and tsunami in Japan back in March to the tornadoes that have ripped through the Midwestern United States over the last two months, we have been witness to the violence and destruction Mother Nature can inflict without warning.

    As we begin to move on from the shock of the destruction wrought by these natural disasters, we turn our attention to the recovery, both in human terms and in terms of business.

  • Sony: 'Oops!...I did it Again!'

    The hits keep coming for Sony. Unfortunately for the music label and technology icon, though, its latest hits aren’t the ones that chart on Billboard, but rather the kind that cost it money and give the company a black eye in the media.

  • Insight into the Rewrite

    In the Bible, when Moses returns to Mount Sinai after smashing the Ten Commandments, God says to him, “The LORD, the LORD, the compassionate and gracious God, slow to anger, abounding in love and faithfulness, maintaining love to thousands, and forgiving wickedness, rebellion and sin. Yet he does not leave the guilty unpunished; he punishes the children and their children for the sin of the parents to the third and fourth generation.”

  • CAST Highlight Gives Enterprises a Kick in the Apps

    System outages, software failures, security breaches and IT maintenance costs are all rapidly on the rise. It seems like not a day goes by that we don’t read about one company or another announcing that their system went down or revealed personal data to hackers. Couple that with published estimates of technical debt at a half-billion dollars globally and $1 million per company and you see that things are getting out of hand. The sad part about it is it doesn’t have to be that way.

  • Agile Turns 10 – Time to Grow Up

    Happy Birthday to Agile Development! You’re 10 years old now; that’s an important age. A lot of things start happening at age 10. The pre-teen years start and things will seem to get awkward. Most important, a lot more will be expected of you.

  • Mobile App Development: Many Questions, Few Answers

    Usage of Google’s Android mobile platform is growing at an exponential rate; unfortunately, so is the malware being developed to attack it.

    On Monday came the news of the Malicious Mobile Threats Report 2010/2011, released last week by the Juniper Networks Global Threat Center, that reveals a frightening statistic: since the summer of 2010, “Android malware has surged 400 percent.” What is to blame? According to eWEEK’s Fahmida Y. Rashid, the report cites user naiveté and general nonchalance as a major reason for malware developers putting a big 'bulls-eye' on the Android platform.

    All of this begs the question: As Android sales continue to rise at exponential rates and overtake sales of all other smartphone platforms, at what point does someone tell Google it needs to do a better job of policing its app store?

  • Quality Doesn’t have to be an Afterthought

    There once was a time when "settlers" were a hearty bunch. They were determined, adventurous folks who risked all to head out from their homes in the East to grab a piece of the unknown in the West on the premise of “what might be.”

  • Forecast Upbeat for CAST

    I’d like to begin by offering a resounding THANK YOU to CAST’s worldwide roster of customers and partners. It’s because of you that the good news just keeps coming from CAST!

  • Hackers Aren't Playing Around

    The two Sony Playstation security breaches that affected more than 100 million account-holders over the past couple weeks (77 million in the first with another 26 million last week) and exposed their personal information to hackers is just the latest example of how software code vulnerabilities can lead to the failure of mission-critical applications.

  • IT Outsourcing: Do You Know Where Your Software Is?

    Outsourcing is not exactly a new idea. As far back as the 1950’s, companies that found they didn’t have the resources in-house to perform tasks began looking to other individuals and companies to fulfill their needs. It wasn’t until the late 80’s that outsourcing really began to take off as companies turned to “offshoring” of outsourced projects to countries such as China and India in order to take advantage of the savings in labor costs.

  • Who’ll Stop the Rain: Seeking Quality in the Cloud

    It’s nearly impossible these days to pick up a trade publication covering the tech industry without reading something about cloud computing. The plethora of coverage is enough to make one think that cloud computing is the latest technological panacea, good for everything from live data storage to data archiving and all enterprise needs in between.

  • Is Agile Enough to Ensure Quality?

    Whether it’s in sports, medicine, music or even a military operation, I’m a firm believer in the “best man for the job” concept. This is why Agile, or more specifically, Scrum development, sounds to me like a smart play for an organization.

  • Yeah, We’re Cool

    We’ve known it all along, and now the rest of the Tech industry has been told thanks to the folks at Gartner who earlier this month named us to their “Cool Vendors in Application Services, 2011” report.

  • Technical Debt: No Penalty for Early Payment

    In software development, much like in life, a little debt can actually be a good thing to get other more critical things moving. Although in previous blogs we have defined technical debt as “the cost to fix structural quality problems in an application that, if left unfixed, could put the business at risk,” engaging in a small, manageable amount of technical debt can actually make a project move faster and facilitate reaching the objective of executable application software. This was the thought of Ward Cunningham, the originator of the technical debt concept.

    But as Derek Huether points out in his technology consulting blog for Dumas Lab regarding technical debt, “Just like regular debt, you’re going to have to pay it back sooner or later.”

  • All the Talent in the World

    So sayeth the introduction to the blog page of Code Renaissance, an organization that claims to be “about building great teams and great software. By exploring best practices, team interactions, design, testing and related skills Code Renaissance strives to help you create the team and codebase that you've always wanted.”

  • Certifiably Mobile

    Earlier this month, Symantec released its Internet Security Threat Report for 2010, and much like other reports on the state of software security for last year it showed significant increases in malware and other threats to application software and websites. In all, Symantec reported 286 million new Internet threats in 2010.

  • To be Forewarned is to be Forearmed

    Let me start by saying that RSA is a name I generally equate with security of enterprise systems. That belief made it even more surprising a few weeks ago when I read that the security giant had been the victim of a cyber attack.

  • It’s Tuesday; Do You Know Where Your Patches Are?

    It’s Patch Tuesday again. The monthly rite of passage for Microsoft as it attempts to patch some of the holes in its software that it didn’t bother to fix before they put it in the box as well as those exposed after the software had been installed in millions of devices.

  • When Good Software Goes Bad

    Last week on the East Coast Main Line, which connects London to Edinburgh, a software malfunction left five trains stranded mid-track and significantly delayed others after a power supply issue knocked out the signaling system. According to reports, software that should have instructed the backup signaling system to kick in failed to function, causing all signals on the line to default to “Red,” halting trains where they stood. The failure left more than 3,000 rail passengers stranded or delayed for more than five hours on a Saturday afternoon.

  • Waylaying the 'Elephant in the Room'

    Each year, software errors cost U.S. corporations in excess of $60 Billion for repairs and maintenance costs. The problem is pandemic, affecting companies of all sizes from those topping the Fortune list to pre-IPO start-ups.

    And the cost of software failures is not only financial. The hit to a company’s reputation that results from software malfunctions can result in lost customers, lost new business and damaged reputation, compounding the costs to fix the problem. When it comes to software, quality counts!

  • Software Quality IS a Matter of Life & Death

    There are many different levels of software quality related crises in the IT world. There are those that are a mere inconvenience, like when Twitter, Facebook or Gmail go down. There are those that pose a significant business difficulty, like when a number of financial organizations faced outages recently. In the medical industry, however, software quality failures go beyond inconvenience and difficulty; they result in life and death consequences!

  • Non-Risky Business: Using Static Analysis to Ensure Software Quality

    Earlier this week, our own Jitendra Subramanyam joined industry luminary Capers Jones, Chief Scientist Emeritus of Software Productivity Research (SPR) to co-host a webinar on curbing application software outages like the ones seen in the financial sector over the past couple months. The webinar, titled “Stop High-Profile Outages by Quantifying Application Risks,” focused on the importance of static analysis of application software during the build and/or customization phases to identify potential issues that can then be fixed, preventing a future outage.

  • Once More into the Breach

    “Once more into the breach, dear friends…” wrote William Shakespeare in his epic work, Henry V.

  • Gartner-CAST Whitepaper: Monetize Technical Debt

    Last fall, Gartner VP and Fellow Andy Kyte brought significant illumination to a long-known fact in the technology industry – that billions of dollars were being spent on Technical Debt - the cost of fixing the structural quality problems in an application that, if left unchanged, are highly likely to cause major disruption and put the business at serious risk. Kyte said that Technical Debt has exploded in recent years; he set the current value of Technical Debt at approximately $500 Billion globally and said it was quickly escalating to the $1 Trillion mark by 2015.

  • Developer be Agile, Developer be Quick; Use Automated Analysis, it Does the Trick

    All business-critical applications consist of many intertwined components. In Agile Development, these components are built individually in “scrums,” but eventually have to coexist and work together, possibly across many layers (UI, data, business logic). This underscores a fundamental problem among applications created using Agile techniques: How do you ensure that the end product performs reliably and dependably outside the production environment?

  • Boondoggling Google

    Earlier this month, Google announced steps it was taking to remote wipe more than 50 malicious applications that infected Android devices through the DroidDream malware, which had gained root access to devices running Android OSs from 2.2.1 (Froyo) and older. Just days later, Symantec uncovered a fake Google Android update bearing a name identical to the security update intended to remove DroidDream malware from devices.

  • As IT Budgets Rebound, Companies Look to the Cloud for Quality

    Alyson Behr, a contributor to SD Times, wrote yesterday about companies beginning to increase their IT spending this year as the world begins to emerge from the global recession. This is all good news to those of us in the IT industry – it sure has been a long time coming! We’ve been mired in this economic quagmire for nearly a decade, and the increased spending displays promising, albeit measured, confidence that things are beginning to get better.

  • Titanic Dilemma: The Seen Versus the Unseen

    On the night of his ship’s maiden and lone voyage, the skipper of the Titanic saw the top of an iceberg, swerved to avoid it, and in doing so piloted his ship’s hull directly into the monstrous portion of the iceberg that lay unseen beneath the surface of the ocean, tearing apart the “unsinkable” ship. Had he known what lay beneath the surface, his reaction likely would have been much different and could have yielded a very different, possibly positive result.

  • Code Vaccination: A Health Checkup for Your Applications

    Another day, another major IT company announcing a security vulnerability in its software.

  • Gartner Tech Trends for 2011…Or Rather the One They Forgot

    Recently, Gartner Research VP and Fellow David Cearley hosted a webinar to discuss his group’s take on the top strategic technology trends for 2011.  The webinar followed closely the trends Gartner had announced in conjunction with its Symposium/ITExpo last October in Orlando.

  • Assessing Android

    Earlier this week, news broke that for the first time since it hit the market, Android smartphones have overtaken both BlackBerry and iPhone. The popular mobile device now claims a 29% share of the U.S. market while its chief competitors hover in second place with 27% each.

  • Serving Up Some Humble Pie with Google’s ‘Ice Cream’

    Google Executive Chairman Eric Schmidt, while at the Mobile World Congress held in Barcelona a couple of weeks ago, used his keynote address to discuss the future of the Android mobile operating system. Among the points he addressed was the naming convention for the next version of the OS, quipping that version 2.3 for smartphones, code-named “Gingerbread,” would be merged with the tablet-optimized version 3.0, code-named “Honeycomb.” ReadWriteWeb reported that while Schmidt would not confirm reports that the name of the resulting OS would be “Ice Cream,” he did say “the follow-up release will start with an ‘I’ and will be named after a dessert.”

  • Don’t Dawdle on Debt: Establishing a Technical Debt Action Plan

    Recently, Gartner Analyst Andy Kyte caused quite a stir when he published a report that brought to the forefront just how expensive software maintenance is becoming for the IT industry. As reported by Patrick Thibodeau in Computerworld, Kyte cited what he called IT Debt as already standing at $500 billion and fast on its way to surpassing $1 trillion globally.

  • Sometimes it is Rocket Science

    Very often when describing a concept, technique or any way of doing something, you hear people quip, “It’s not rocket science.” While normally this holds true for static analysis of business applications, the difference between the capabilities of the type of automated analysis and measurement offered by CAST versus manual structural analysis can make the former seem like rocket science.

  • The Financial Implications of Technical Debt

    Discussions in the industry about technical debt have been focused on the IT costs involved in remediation and the potential risk to the company if applications deployed with poor structural integrity fail to perform optimally, or fail completely.