CAST is proud to announce that we have been included among the 10 most significant SAST vendors and named a “Strong Performer” in “The Forrester Wave™: Static Application Security Testing, Q4 2017.”
The Forrester Wave™: Static Application Security Testing, Q4 2017 - Forrester Names CAST Among the 10 Top For SAST
CAST provides continuous support for OWASP Top Ten vulnerabilities, giving users an automated validation of protection. This helps development teams detect places where vulnerabilities are left in code.
Application Security Vulnerability Detection
With the rise of DevOps, will QA lose its identity while being merged with pluri-disciplinary cohorts, or will it survive the revolution, becoming stronger and more essential?
Takeaways from the QA Financial Forum – How QA Can Remain Relevant in an Agile World
84% of breaches exploit vulnerabilities in the application layer. Is there a silver bullet for AppSec?
Get Creative with Your Application Security Strategy
Open source is part of almost every software capability we use today: at the very least, libraries, frameworks or databases that get used in mission-critical IT systems, and in some cases entire systems built on top of open source foundations. Since we have been benchmarking IT software for years, we thought we would set our sights on some of the most commonly used open source software (OSS) projects.
Quality of Open Source Software Projects Report
Fashion retailer Forever 21 joined a very trendy, yet unexclusive club earlier this month when it announced its point-of-sales systems may have been breached. This blog examines how to integrate automated code review into application security strategies.
Don’t Be ‘Forever’ Vulnerable: Improve Your AppSec Posture
Answer these six questions while establishing and executing your cloud migration strategy.
Get More Value from Your Cloud Investments with PaaS
As banks, financial services and insurance organizations increase their reliance on software-based digital capabilities, they have big decisions to make on how they will protect business operations with effective software risk management.
QA Financial Forum Reviews the Impact of New Regulations on Software Risk Management
At the upcoming Matinée CIO event in Paris, CAST, along with select partners and customers, will address challenges and best practices for digital transformation initiatives, including compliance, cloud migration, application security and establishing an Agile culture.
CAST Talks AppSec, Compliance and Digital Transformation at Matinée CIO
In our 29-criteria evaluation of the static application security testing (SAST) market, we identified the 10 most significant vendors — CAST, CA Veracode, Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock, SonarSource, and Synopsys — and researched, analyzed, and scored them. This report shows how each measures up and helps security professionals make the right choice.
Forrester Wave: Static Application Security Testing, Q4 2017 Analyst Paper
Cybersecurity is a hot-button issue these days. You can barely go a few weeks without hearing about a company suffering a breach that puts the business at risk. With all eyes focused on making software more secure, a happy side effect might just be a streamlining of software modernization initiatives.
Will Cybersecurity Efforts Change the Game for Software Modernization?
Software risk is business risk, but who is ultimately responsible? This blog explores insights from the Cutter Consortium on how to de-risk business-critical software systems.
Software Risk is Business Risk
Making sense of cloud transitions for financial and telecoms firms
Cloud migration 2.0: shifting priorities for application modernization in 2019 Research Report
The Cloud Virtuous Circle: When Infra Savings Finance the App Value
The Open Web Application Security Project (OWASP) aims to make software security visible, so that individuals and organizations are able to make informed decisions. OWASP provides impartial, practical information about AppSec. This post reviews known OWASP vulnerabilities detected by CAST's software analysis.
Application Security Vulnerabilities Detectable by CAST
Application security standards are established by leading industry research and standards bodies to help organizations identify and remove application security vulnerabilities in complex software systems...
Application Security Standards
Software today is more complex than it has ever been. New technologies emerge rapidly and as applications evolve to utilize them, gaps occur. Some gaps result in “technical debt”, an industry term to describe development practices where ideal craftsmanship has not been achieved and additional work needs to be done.
CI/CD DevOps: Enhancing Continuous Delivery with Software Intelligence
Finding security, complexity and maintainability issues in complex business systems, improving development team throughput, and controlling global outsourcing contracts are not easy tasks; even the best analytics on the market still leave blind spots for technical teams looking to deliver better software and prevent outages. Addressing these issues takes a pragmatic approach to developing software and a passion for coding.
It Takes a Craftsman to Uphold Software Quality
When you are a consumer credit company, victimized recently by a serious security breach where hackers exploited an application vulnerability to steal the personal information of roughly 143 million people, what do you do for an encore? For Equifax, the encore may be “get hacked a second time.”
An Encore for Equifax?
Making the case for Application Mass Index (AMI) as a method for standardizing application measurement
Know Your Defect Density: Part Two
Insurance companies still spend a lot of money maintaining the infrastructure for their core legacy apps, but migrating some of these apps to a cloud platform could provide significant cost savings.
The State of Cloud Adoption in Insurance – Look Out for Migration Bumps Ahead!
All too often, software projects both exceed their budgetary limitations and are labeled too slow by stakeholders. What is the root of this problem? To isolate the cause of—and fix—this phenomenon, project managers need a new approach.
Know Your Defect Density: Part 1
Last week, CAST attended the Gartner Sourcing Summit in Nashville with more than 800 senior sourcing, procurement and vendor management executives from Fortune 500 companies.
Takeaways from the 2017 Gartner Sourcing Summit