The Software Intelligence Blog

  • Software Quality Gets VIP Treatment at the AIP 7.3 Action Forum & Launch Party

    Avenue of The Americas in New York was awash with software quality metrics and quotes Thursday night as we celebrated our Software Quality Action Forum and AIP 7.3 Launch Party at the Eventi Hotel. Throughout the day, speakers discussed the current state of measurement in the IT industry and painted an inspiring picture of where software quality measures in software development are headed.

  • Introducing CAST's Software Analytics "BCG Matrix"

    The BCG matrix is a classic planning model devised in the 1960s by the Boston Consulting Group and copied henceforth by every other advisory firm. It is typically used to help organizations decide which areas of their business deserve more resources and investment. The matrix traditionally categorizes products within a company's portfolio according to growth rate, market share, and cash flow.

  • The Best Software Analysis and Measurement Engine Just Got Better

    In this era of big data, analytics has become an invaluable tool for IT organizations to succeed, not only for ensuring a high-quality product but also for keeping your customers safe from malicious hackers and application crashes. Despite the obvious need, some executives struggle with the business case for proper software analytics and opt for skunk-work metrics that are less accurate and more expensive.

  • IT Needs New Ways To Talk About Quality!

    Gartner report highlights “application development managers need new ways to demonstrate and communicate the business value of software quality for innovation projects.”

  • Traditional Testing Alone Won’t Stop Software Outages & Hacks

    Modern software systems have become so complex, with software components interacting across multiple application layers, there’s no way one single developer can hope to conceptualize how it all fits together. A National Research Council study found that as we demand higher levels of assurance, traditional testing cannot deliver the dependability required at a reasonable cost. At the intersection of these two realities lies the biggest problem facing software development today: architecturally complex violations.

  • Software Quality In Action Forum: Confronting IT Risk & Cost

    Join CAST on Thursday, October 16th for a practitioner forum on operationalizing software analytics to confront the growing IT risk in a controlled and cost-effective manner.

  • IT Experts Respond to Controversial 2014 CRASH Report: Agile Alone is Not Enough

    We knew that the most recent findings from our 2014 CRASH Report would cause a stir among the software development community -- especially Agile advocates -- but we were pleasantly surprised by the overwhelmingly positive reception the news received.

    Much of the feedback mirrored opinions we’ve heard from industry insiders but that were largely ignored by the development community, which accepted ‘pure’ Agile as the epitome of development methods. Many who have worked on large business-critical systems felt attention to architecture up front was necessary to avoid serious constraints or painful re-architecting later in development.

  • When It Comes To Code Quality: Agile, Waterfall, or Both?

    Supporters of the Agile development methodology have long held that the traditional Waterfall approach to software development was slow, bloated, and unnecessary. The fast-cycle, short sprints of Agile development gave it an edge in a world that moved in Internet time. On the other hand, Waterfall advocates claimed the move to Agile was too swift and that the shorter sprint times would result in architectural weaknesses and increase coding errors.

  • Online Retailers Face New Threat This Holiday Shopping Season

    As the days grow shorter and the nights grow cooler, that can only mean one thing: holiday shopping season is upon us. Last year, in the months of November and December alone, Americans spent $46.5 billion shopping online. But, in the season of peace, love, and harmony, e-commerce platforms, the engines that power both online and in-store shopping, are at war. Whether it is a system outage, data breach, or sluggish website, a single incident can mean massive revenue losses, and send stock prices plummeting.

  • Celebrity iCloud Hack Reinforces CAST Research Findings

    If you were too busy enjoying your Labor Day festivities, you might have missed the news of several famous celebrities having their iCloud photostream hacked and dozens of compromising photos suddenly appearing on the web. It’s a scary story, and one that sparked a national conversation about how secure your data really is on the cloud, and how far organizations like Apple should go to protect that data.

  • Software Risk Infographic: The IT Industry is Blind to Their Lurking Brand Problem

    Most IT organizations wouldn't consider the software risk in their application portfolio a brand issue; that is, until they experience a tragedy or crisis such as application failure and customers start to worry. Most of the time IT organizations are able to calculate the cost to fix the problem and how it will affect their overall business. However, what often isn't taken into account is the long term effects on their brand and business going forward.

    For instance, it’s been an incredibly difficult year for Malaysia Airlines, who are now struggling with a record decline in passengers and preparing to restructure after losing two aircraft in the span of five months. To be fair, Malaysia Airlines had little control over the tragedies that confronted them -- unlike some other crises this year. I’m of course referring to the myriad headline-grabbing glitches and crashes we’ve seen from organizations such as Target, Facebook, American Airlines, Twitter, and eBay. You can read more about the fallout from these bugs in an infographic we’ve compiled below.

  • CAST Research Links Consumer Data Breaches Directly To Poor Code Quality

    You’d think that after news of the Heartbleed bug broke, every IT organization worth their salt would have immediately moved to start monitoring their structural robustness and code quality to protect their sensitive consumer data. And while many did, two months after Heartbleed was announced, more than 300,000 servers were still vulnerable.

    Now, three months later, CAST Research Labs has found there is a direct link between the growing number of data breaches and security incidents, and poor code quality in consumer applications. The data reveals finance and retail industry applications are the most vulnerable to data breaches, with 70 percent of retail and 69 percent of financial services applications shown to have data input validation violations.

  • 6 Hidden Costs of Maintaining an Open Source Code Analyzer Platform

    So, you’re ready to get started on building your own multi-language custom source code analyzer platform using open source components.  Your return estimates are still looking pretty good, even after taking into account the costs in our previous post, “6 Hidden Costs of Building Your Own Multi-Language Code Analyzer Platform”.

    Well, we have a quick list of maintenance costs that you may not have considered.  So, before you break ground on that project, see if you thought of all these.

  • Making The Case For Energy Efficient Code

    The current state of measuring the environmental impact of our IT infrastructure is missing a big piece of the puzzle. One of the metrics we use, power usage effectiveness (PUE), only looks at how much power entering a data center is being consumed by the computer hardware in relation to the total amount of energy the facility uses.

    But what about the millions of lines of code running on that hardware? How can we know if that's energy efficient code?

  • 6 Hidden Costs of Building Your Own Open Source Code Analyzer Platform

    Thinking about building your own multi-language custom source code analyzer platform using open source components?  Sure, the upsides seem to add up: no licensing fees, great customization ability, and an impressive new entry on your resume (making it even shinier).  Read that project charter once more before you sign it in ink, because our experience has shown it’s not quite that simple.

  • Modernize QA with Automated Structural Quality Gates

    Just like a species of insects can become resistant to a certain type of pesticide, a new strain of software bugs has emerged and is plaguing software developers and wreaking havoc on software quality -- architecturally complex violations. Unlike a code-level bug, a system level defect involves interactions between several components, often spread across different levels of an application, making them much more difficult to find and fix.

    And even though these types of violations only account for 10 percent of the total number of defects, they lead to ninety percent of the production issues -- severely impacting software quality and technical debt.

  • A Financier’s Guide to Technical Debt

    When one of our writers, Lev Lesokhin, started contributing to Wall Street & Technology, he was shocked to find very little on the subject of technical debt. Considering how much the concept intersects the worlds of finance and technology, he thought he’d find whole forums of IT guys and financiers exploring the intricacies en masse.

  • CAST Tries To Save the Planet with Green IT Index

    It’s simple physics: a piece of application code gets caught in a logic loop, the CPU heats up as the increased throughput tries to make sense of the commands, the computer reacts by pumping more power to the motherboard and cooling system to keep everything up and running, and your electricity bill goes up.

  • The Eerie Similarities Between Climate Change and Agile Development

    Despite mounting evidence that the use of fossil fuels will damage our environment, humanity appears hard pressed to find an alternative. And even though environmentally friendly options have presented themselves, we have one foot firmly planted in the past. Working in the IT industry, it’s astounding how closely this resembles our current state of agile software development and testing.

  • Webinar Q&A Follow Up: Quality and Velocity in Large IT Set-up

    Last Thursday we had a fascinating discussion with Suresh Bala, the head of Application Management at Wipro, Diego LoGiudice of Forrester, and Dr. Bill Curtis, the Director of the Consortium for IT Software Quality. Diego presented the latest trends in IT organizations in reference to splitting their activities and applications into systems of engagement and systems of record. This has been the Forrester view on IT, or what they call Business Technology (BT), for some time now. The systems of engagement being the fast-moving, often mobile-based, applications that are meant to disrupt competition and engage the customer in new ways. The systems of record being the traditional backbone IT systems that manage the core enterprise data and business processes.