CRASH Report 2017 Trend On Application Security
Get Your Free report
This is first CRASH Report describing a distribution of security weaknesses from the Common Weakness Enumeration Repository across a global sample of business applications.
We’ve analyzed applications based on CWE standards for software security to better understand how secure applications are across industry, language, development methodology and more.
Cutter Consortium paper about how digital leaders drive down business risks borne from complex software. Cutter shows how industrializing software risk management unleashes organizational intelligence to improve application delivery, while ensuring business risk is baked out of applications, putting both human and software intelligence to their best use.
When application fails, the loss of revenue can be large and swift. Applications causes highly-visible outages and lapses in business every day. Still, executives struggle to justify proactive investments in application quality. This paper presents a framework for measuring the immediate and positive revenue impact of improving application quality.
Learn how Software Analysis evaluates the reliability, security, efficiency, maintainability software IT vendor deliverables. Forward-looking IT Sourcing, Contracting, Vendor Management, VMO, IT Finance professionals are leveraging software analytics to greatly improve the maturity in vendor-client relationships. Learn how to take these 8 steps to improve sourcing governance.
Learn how the Lean practices pioneered in the Toyota Production System apply to Application Development, DevOps, and Agile practices to delivery software. Applying Lean decreases application total cost of ownership and improves business responsiveness and operational dependability.
CAST research provides benchmarks on the structural quality of ABAP, the language used for customizing applications developed in SAP. The report provides benchmarks by industry sectors and geography. The report analyzes the frequency of severe violations to better understand remediation strategies for improving ABAP / SAP structural quality, performance, security and resiliency.
We’ve analyzed more than 1,850 applications to better understand how application development and delivery practices impact IT and organizational performance.
We've looked at development methods, team maturity and size, sourcing and confirmed that we are doing some things right – but we still have some things to improve.
This CAST report on global trends of structural quality of Insurance industry applications provides insight and benchmarks useful for IT executives. Detailed within are trends for five structural quality characteristics, or health factors, including Robustness, Security, Efficiency, Transferability and Changeability. The report includes industry insights on Insurance technology challenges and opportunities from CGI.
Industry analysis on the global trends in Financial Services market’s structural quality of software. This report highlights trends in five structural quality characteristics, or health factors - Robustness, Security, Efficiency, Transferability, and Changeability. Industry benchmark and trends analysis by technology, geography and more.
To improve transparency, companies are using software analysis tools to evaluate externally developed code and ensure that it meets certain coding and productivity standards. This report is for forward-looking IT Sourcing, Contracting, Vendor Management, VMO, IT Finance professionals looking to greatly improve the maturity in vendor-client relationships.
Failure to consider quality requirements results in Technical Debt — the need to rework something in the future based on your failure to pay for it now. Software analysis tools, such as CAST, mine source code to uncover errors, development shortcuts, and complexity all of which contribute to Technical Debt.
Read exclusive analysis from Andy Kyte, Gartner VP and Fellow, on the systemic risk in the typical application portfolio caused by the accumulation of Technical Debt.
Many organizations use risk management to mitigate delivery risk, typically at the expense of application quality. Learn about the importance of focusing on application structural quality to reduce business disruption risk in this Gartner-CAST paper
Gartner Research’s paper on improving application services contracting. “Organization’s that outsources custom development should care about CAST, which has become the de facto standard for measuring the quality and productivity of vendor deliveries.” Paper is relevant to IT Sourcing, Contracting, Vendor Management, VMO, and IT Finance professionals.
A formal approach to quality management is needed that recognizes the key dimensions of quality (Stakeholders, Technical Quality, Functional Quality), and a set of measures that enable the organization to identify areas for improvement and focus on the specific changes that they can make successfully.
This paper features Gartner research and related content from CAST, detailing the three main focus areas to implement a successful SAM program with your vendors, as well as a client example of a large telecom firm that used SAM to lower IT costs and gain visibility into vendor performance.
This paper, featuring Gartner research and related content from CAST, delivers recommendations to successfully execute a lightweight, sustainable portfolio analysis that improves overall software risk management, whether applications are managed in-house or by vendors.
Ovum research on the CAST Application Intelligence Platform. This research is a thorough review of CAST AIP, with some comments about its strengths in providing in-depth, holistic view of all application component interactions, for assessment of integration issues as well as simple code quality and complexity analysis.
IDC report on the business and technology drivers that make software analysis and measurement a vital component of any delivery, DevOps, and application development organization. IDC shows how CAST’s software analysis helps organizations better develop, support, and buy software.
This is a Gartner-CAST paper which shows the data-driven approach to balancing delivery agility with business risk. The paper features exclusive analysis from Andy Kyte, Gartner VP and Fellow who eloquently illustrates the systemic risk in the application portfolio caused by the accumulation of Technical Debt over the last decade.
In this just-released white paper, Dr. Bill Curtis – SVP and Chief Scientist at CAST– examines the Technical Debt metaphor to explain how it can be used to help executives think about software quality in business terms while governing software changeability and maintainability of their application portfolios.
If you already have some knowledge of Technical Debt, this ebook provides a 7-step Technical Debt Management Cycle that provides a clear process that can over time reduce the risk of failure of critical applications---and ultimately pay down the interest of the overall liability inherent in your application portfolio.
Learn how advanced Software Analysis and Measurement (SAM) can help improve application security by analyzing source code to identify vulnerabilities and architectural patterns in the application, and enable development teams to prevent these vulnerabilities right at the development stage with sophisticated Threat Modeling that takes into account cross-tier and cross-technology interactions.
Despite heavy investment in dynamic analysis tools, organizations continue to suffer performance, scalability, and latency issues. This paper describes how automated structural quality analysis improves delivery and DevOps team’s ability to detect, diagnose, and eliminate performance and scalability issues. Read the six-step process to identify performance issues earlier.
This guide describes a method for adjusting productivity with quality results to gain greater visibility into the impact that quality has on the productivity of future releases. It presents best practices that can be integrated into a productivity measurement and analysis process and provide recommendations for implementing an effective measurement-driven improvement program.
This practical vendor management guide helps IT sourcing executives in establishing an ADM vendor performance management program. The best practices and tools in here are based on real world experiences of practitioner.
This practical guide helps IT sourcing executives in establishing an ADM vendor performance management program. The best practices and tools are based on real world experiences of practitioners. Forward-looking IT Sourcing, Contracting, Vendor Management, VMO, IT Finance professionals are leveraging software analytics to greatly improve the maturity in vendor-client relationships.
IDC assesses the Automated Software Quality market and CAST Application Intelligence Platform (AIP). The report includes customer references: a money management organization and a services company that made use of CAST analytical capabilities to gain insight into their applications and increased collaboration, innovation, and efficiency as a result
This paper presents frameworks for measuring outcome-based IT contracting relationships. Clearly defining deliverables is a worthwhile effort, and provides a linchpin for a truly viable outcome-based contracts. Paper is relevant to IT Sourcing, Contracting, Vendor Management, VMO, IT Finance professionals looking to improve transparency and governance of IT outsourcing or offshoring.
CAST’s industry research and benchmarks on the structural quality of IT. This benchmark report was developed from 1850 applications across 329 organizations and 8 countries. View research and benchmarks by development process (Agile, DevOps, Waterfall, Hybrid), geography, industry and by technology.
Copyright 2018 - CAST | All Rights Reserved