Answer these six questions while establishing and executing your cloud migration strategy.
Get More Value from Your Cloud Investments with PaaS
As banks, financial services and insurance organizations increase their reliance on software-based digital capabilities, they have big decisions to make on how they will protect business operations with effective software risk management.
QA Financial Forum Reviews the Impact of New Regulations on Software Risk Management
Get the Pulse Newsletter  Sign up for the latest Software Intelligence news Subscribe Now <>
At the upcoming Matinée CIO event in Paris, CAST, along with select partners and customers, will address challenges and best practices for digital transformation initiatives, including compliance, cloud migration, application security and establishing an Agile culture.
CAST Talks AppSec, Compliance and Digital Transformation at Matinée CIO
Cybersecurity is a hot-button issue these days. You can barely go a few weeks without hearing about a company suffering a breach that puts the business at risk. With all eyes focused on making software more secure, a happy side effect might just be a streamlining of software modernization initiatives.
Will Cybersecurity Efforts Change the Game for Software Modernization?
Open source is part of almost every software capability we use today. At the  very least libraries, frameworks or databases that get used in mission critical  IT systems. In some cases entire systems being build on top of open source  foundations. Since we have been benchmarking IT software for years, we thought  we would set our sights on some of the most commonly used open source software  (OSS) projects. Quality of Open Source Software Projects Report
Software risk is business risk, but who is ultimately responsible? This blog explores insights from the Cutter Consortium on how to de-risk business-critical software systems.
Software Risk is Business Risk
The Open Web Application Security Project (OWASP) aims to make software security visible, so that individuals and organizations are able to make informed decisions. OWASP provides impartial, practical information about AppSec. This post reviews known OWASP vulnerabilities detected by CAST's software analysis.
Application Security Vulnerabilities Detectable by CAST
Application security standards are established by leading industry research and standards bodies to help organizations identify and remove application security vulnerabilities in complex software systems...
Application Security Standards
Software today is more complex than it has ever been. New technologies emerge rapidly and as applications evolve to utilize them, gaps occur. Some gaps result in “technical debt”, an industry term to describe development practices where ideal craftsmanship has not been achieved and additional work needs to be done.
CI/CD DevOps: Enhancing Continuous Delivery with Software Intelligence
In our 29-criteria evaluation of the static application security testing (SAST)  market, we identified the 10 most significant vendors — CAST, CA Veracode,  Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock,  SonarSource, and Synopsys — and researched, analyzed, and scored them. This  report shows how each measures up and helps security professionals make the  right choice. Forrester Wave: Static Application Security Testing, Q4 2017  Analyst Paper
Finding security, complexity and maintainability issues in complex business systems, improving development team throughput, and controlling global outsourcing contracts are not easy tasks; even the best analytics on the market still leave blind spots for technical teams looking to deliver better software and prevent outages. Addressing these issues takes a pragmatic approach to developing software and a passion for coding.
It Takes a Craftsman to Uphold Software Quality
When you are a consumer credit company, victimized recently by a serious security breach where hackers exploited an application vulnerability to steal the personal information of roughly 143 million people, what do you do for an encore? For Equifax, the encore may be “get hacked a second time.”
An Encore for Equifax?
This study by CAST reveals potential reasons for poor software quality that  puts businesses at risk, including clashes with management and little  understanding of system architecture. What Motivates Today’s Top Performing  Developers Survey
Making the case for Application Mass Index (AMI) as a method for standardizing application measurement
Know Your Defect Density: Part Two
Insurance companies still spend a lot of money maintaining the infrastructure for their core legacy apps, but migrating some of these apps to a cloud platform could provide significant cost savings.
The State of Cloud Adoption in Insurance – Look Out for Migration Bumps Ahead!
All too often, software projects both exceed their budgetary limitations and are labeled too slow by stakeholders. What is the root of this problem? To isolate the cause of—and fix—this phenomenon, project managers need a new approach.
Know Your Defect Density: Part 1
Last week, CAST attended the Gartner Sourcing Summit in Nashville with more than 800 senior sourcing, procurement and vendor management executives from Fortune 500 companies.
Takeaways from the 2017 Gartner Sourcing Summit
The biggest lesson learned from the Equifax breach is that executives and application owners need a software risk scorecard that clearly outlines KPIs around software structural quality and security.
Lessons from Equifax: Get a Software Risk Scorecard
Open source is the lifeblood of modern software development, but it's not without risks, especially when it comes to application security.
A Good Look at Open Source Frameworks: Avoiding Another Equifax
On June 9th, CAST hosted the event, How to Control Software Risk and Cost in Digital Transformation, in Madrid with CISQ and Dr. Richard Soley, CEO and Chairman of the Object Management Group.
How to Manage Software Risk and Cost in Digital Transformation
Everyone wants to do DevOps like Netflix, but is it really right for your organization?
Netflix Envy
The recent spate of IT glitches and ‘power outages’ at British Airways which caused the UK’s national carrier to cancel all its flights worldwide at the start of May bank holiday along with the WannaCry ransomware attack which ground the National Health Service to a halt have exposed again the importance of IT systems in today’s business. The complexity of these IT systems, the number of vulnerabilities that exist in critical software used by critical infrastructure sectors such as the NHS, airlines, telecom operators has made headlines once more.
Need for Holistic IT Systems’ Risk Assessment
Harvard Business Review has reported that digital leaders succeed in large part due to their ability to recognize and scale innovation across their business – seeing beyond transformation hurdles and IT complexity. They never lose sight of the end goal.
Recap: Software Risk & Innovation Summit 2017