CAST recently participated in a TechMarketView round table in London, discussing the effectiveness of digital strategies in banking.
Are Digital Strategies in Banking Working?
Reducing Technology Risk in M&As – The Case For Application Portfolio Analysis
Reducing Technology Risk in M&As – The Case For Application Portfolio Analysis
Get the Pulse Newsletter  Sign up for the latest Software Intelligence news Subscribe Now <>
As a metaphor, technical debt relies on the fact that those who hear it understand the financial concepts that the metaphor relies on.
How To Reframe Technical Debt: A Painter and A Paint Bucket
This fall, CAST hosted its first Seminar on Productivity Measurement in the Context of IT Transformation featuring representatives from the retail, banking and insurance industries in the Netherlands. Featured speakers included CISQ, Allianz, BNP Paribas and METRI.
Why Productivity Measurement Matters
Open source is part of almost every software capability we use today. At the  very least libraries, frameworks or databases that get used in mission critical  IT systems. In some cases entire systems being build on top of open source  foundations. Since we have been benchmarking IT software for years, we thought  we would set our sights on some of the most commonly used open source software  (OSS) projects. Quality of Open Source Software Projects Report
The key to security is to ensure that your most sensitive data is handled with proper controls in place. This should include working with your architects to explore the architecture of applications that handle the most critical data, starting from the data elements themselves and fanning out via impact diagrams (for example, CAST does this with the Application Intelligence Platform). Over time, your team will be able to establish secure architecture components that should handle all sensitive data.
Following Best Practices to Achieve Application Security & Reduce Risk
A while ago we published a post on IDC predictions that the bi-modal IT approach is a recipe for disaster. There are different opinions on what works in software development: those who support the siloed approach of bi-modal IT, those who urge against this division between predicability and innovation, and others who say fast development is the only way. This debate is only just beginning so it's worth while expanding on the arguments surrounding it.
Innovating While Maintaining Stability: A Lesson From Technical Debt
There are always trade offs to be made when you're dealing with keeping your application portfolio up-to-date. You always have several options, whether it be modernization through migration/refactoring or by a sort of "transformative leap".
How to Mitigate the Technology Gap and Manage Technical Debt

In software maintenance and evolution, it is important to assess both code health and application architecture in order to identify issues impeding software quality goals. One way to move the needle toward software quality is to use Technical Debt (TD) indexing as a method to evaluate development projects.

We recently presented a paper at MTD 2016, the International Workshop on Managing Technical Debt put on by the Software Engineering Institute at Carnegie Mellon, where we discussed the way five different and widely known tools used to compute Technical Debt Indexes (TDI), for example numbers synthesizing the overall quality and/or TD of an analyzed project.

Technical Debt Indexes Provided by Tools: A Preliminary Discussion
In our 29-criteria evaluation of the static application security testing (SAST)  market, we identified the 10 most significant vendors — CAST, CA Veracode,  Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock,  SonarSource, and Synopsys — and researched, analyzed, and scored them. This  report shows how each measures up and helps security professionals make the  right choice. Forrester Wave: Static Application Security Testing, Q4 2017  Analyst Paper

It seems more and more frequently we see security and cyber-attacks in the news today. From Yahoo’s apparent cover up of a massive security breach that is damaging its merger with Verizon to the even more recent bank hack in India, where millions of debit cards were compromised, it’s apparent that there are holes in our current defense systems. Adding to the complexity of it all, eWeek has reported that DDoS attacks hit record highs in Q3 2016.

For most data-intensive organizations, it would spell disaster if mission-critical or customer information was leaked. What’s more, security gaps are known to go undetected for much longer in enterprises with a high percentage of legacy systems.

Legacy Modernization is About Application Security Not Just Cost
There's bad news ahead for organizations that focused on a bimodal IT approach. According to research firm IDC by 2019 80% of those firms will have accrued crippling amounts of technical debt leading to increased complexity, cost, and a hit to their reputation.
Is the Bimodal IT Approach an Invitation to Failure?
This study by CAST reveals potential reasons for poor software quality that  puts businesses at risk, including clashes with management and little  understanding of system architecture. What Motivates Today’s Top Performing  Developers Survey

Insurance organizations have reached a tipping point. Historic institutions, with in some cases hundreds of years of service, they are being forced to transform due to changing consumer demands and nimble, technology-centric startups bringing innovative products to market. No stranger to regulatory and privacy concerns, Insurance carriers have overcome many roadblocks throughout their lifetime of doing business. Now they must tackle their legacy IT systems and improve software risk management to deliver the value today’s market is after.

The Insurance Industry Challenge: Improve Software Risk Management
Technical debt has not only become a popular industry term, but it has proven itself to be an important concept.
The Human Side of Technical Debt
Technical debt can arise from many places and today we will focus on poorly used and created feature flags.
Feature Flags: Good, Bad, or Both?
Technical debt starts off from building fast and making a slew of decisions based on short-term needs that are detrimental to your products long-term stability and maintainability.
Technical Debt: What is it and What to do When You Have it?

Earlier this month, CAST held its annual customer and partner conference in Munich, Germany.

IT and business executives from the Insurance, Banking, Telco and IT Consulting sectors shared how they are working with CAST and why software measurement is critical to the success of their IT projects.

CAST Celebrates 25 Years of Customer Success at Oktoberfest in Munich
Here, at On Technical Debt, we often discuss the difficulties of communicating technical debt to business stakeholders, the consequences that arise from it, and the ways to about paying it back - but in this post we are going  to focus on why it is there to begin with.
The "Why" of Technical Debt

It’s no question that Cloud is no longer a passing phase. In the span of a few years, Cloud has moved from an interesting concept to a useful business tool. What began as a creative tool for testing has moved into the mainstream as a way to improve hardware utilization and expand capacity. The benefits for Cloud are well established, and more customers are moving to consumption-based models, either with captive or public Cloud solutions. Many tools exist to help with Cloud migrations, but few have the flexibility to “see through the Cloud” to the application code, and make that code fit this new world.

See Through the Cloud!