At the upcoming Software Risk and Innovation Summit, CIOs address challenges around DevOps and the next big tech innovation trends.
CISQ Is Helping CIOs Master Digital Transformation
CAST recently participated in a TechMarketView round table in London, discussing the effectiveness of digital strategies in banking.
Are Digital Strategies in Banking Working?
Get the Pulse Newsletter  Sign up for the latest Software Intelligence news Subscribe Now <>
This fall, CAST hosted its first Seminar on Productivity Measurement in the Context of IT Transformation featuring representatives from the retail, banking and insurance industries in the Netherlands. Featured speakers included CISQ, Allianz, BNP Paribas and METRI.
Why Productivity Measurement Matters
The key to security is to ensure that your most sensitive data is handled with proper controls in place. This should include working with your architects to explore the architecture of applications that handle the most critical data, starting from the data elements themselves and fanning out via impact diagrams (for example, CAST does this with the Application Intelligence Platform). Over time, your team will be able to establish secure architecture components that should handle all sensitive data.
Following Best Practices to Achieve Application Security & Reduce Risk
Open source is part of almost every software capability we use today. At the  very least libraries, frameworks or databases that get used in mission critical  IT systems. In some cases entire systems being build on top of open source  foundations. Since we have been benchmarking IT software for years, we thought  we would set our sights on some of the most commonly used open source software  (OSS) projects. Quality of Open Source Software Projects Report

In software maintenance and evolution, it is important to assess both code health and application architecture in order to identify issues impeding software quality goals. One way to move the needle toward software quality is to use Technical Debt (TD) indexing as a method to evaluate development projects.

We recently presented a paper at MTD 2016, the International Workshop on Managing Technical Debt put on by the Software Engineering Institute at Carnegie Mellon, where we discussed the way five different and widely known tools used to compute Technical Debt Indexes (TDI), for example numbers synthesizing the overall quality and/or TD of an analyzed project.

Technical Debt Indexes Provided by Tools: A Preliminary Discussion

It seems more and more frequently we see security and cyber-attacks in the news today. From Yahoo’s apparent cover up of a massive security breach that is damaging its merger with Verizon to the even more recent bank hack in India, where millions of debit cards were compromised, it’s apparent that there are holes in our current defense systems. Adding to the complexity of it all, eWeek has reported that DDoS attacks hit record highs in Q3 2016.

For most data-intensive organizations, it would spell disaster if mission-critical or customer information was leaked. What’s more, security gaps are known to go undetected for much longer in enterprises with a high percentage of legacy systems.

Legacy Modernization is About Application Security Not Just Cost

Insurance organizations have reached a tipping point. Historic institutions, with in some cases hundreds of years of service, they are being forced to transform due to changing consumer demands and nimble, technology-centric startups bringing innovative products to market. No stranger to regulatory and privacy concerns, Insurance carriers have overcome many roadblocks throughout their lifetime of doing business. Now they must tackle their legacy IT systems and improve software risk management to deliver the value today’s market is after.

The Insurance Industry Challenge: Improve Software Risk Management
In our 29-criteria evaluation of the static application security testing (SAST)  market, we identified the 10 most significant vendors — CAST, CA Veracode,  Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock,  SonarSource, and Synopsys — and researched, analyzed, and scored them. This  report shows how each measures up and helps security professionals make the  right choice. Forrester Wave: Static Application Security Testing, Q4 2017  Analyst Paper

Earlier this month, CAST held its annual customer and partner conference in Munich, Germany.

IT and business executives from the Insurance, Banking, Telco and IT Consulting sectors shared how they are working with CAST and why software measurement is critical to the success of their IT projects.

CAST Celebrates 25 Years of Customer Success at Oktoberfest in Munich
This study by CAST reveals potential reasons for poor software quality that  puts businesses at risk, including clashes with management and little  understanding of system architecture. What Motivates Today’s Top Performing  Developers Survey

It’s no question that Cloud is no longer a passing phase. In the span of a few years, Cloud has moved from an interesting concept to a useful business tool. What began as a creative tool for testing has moved into the mainstream as a way to improve hardware utilization and expand capacity. The benefits for Cloud are well established, and more customers are moving to consumption-based models, either with captive or public Cloud solutions. Many tools exist to help with Cloud migrations, but few have the flexibility to “see through the Cloud” to the application code, and make that code fit this new world.

See Through the Cloud!

This blog is from CAST’s keynote speech at MeGSuS’16, 3rd International Workshop on Measurement and Metrics for Green and Sustainable Software. Download the presentation here.

Fueled by our growing thirst for constant connectivity and the dawn of the Internet of Things, the energy required to power all the world’s computers, data storage and communications networks is expected to double by 2020 according to the latest research by McKinsey & Company. This would increase the total impact of IT technology, in terms of global carbon emissions, by at least 3%.

Green Indexes Used in CAST to Measure Energy Consumption of Code

There is more data to manage today than ever before, and this is creating an increasingly pounding headache for business executives that no dose of aspirin will soon relieve. With so many different forms of data and ways of storing that information within the organization, new data management methodologies are needed to make sense of this mind-numbing flood also known as Big Data.

Enter NoSQL. Differing from its much older and experienced brother – SQL – NoSQL has come onto the scene as the “new” and “hip” database paradigm (much like we talk about the Millennial generation). Also known as “Not Only SQL”, NoSQL is a flexible approach to data management and design that is useful for very large sets of distributed, unstructured data.

Big Data and NoSQL: Analyzing Complex Application Portfolios

While you're reading this article, if you come across words – and even sentences – that you don’t understand, there's a high chance you feel like developers do when they're looking at lines of code with a high level of nested complexity. A high level of software complexity can make it difficult to determine architectural hotspots where risk and cost emanate.

Software Complexity Is Killing Us

Companies are waking up to the fact that the digital transformation journey is not a leisurely stroll. It’s more of a marathon sprint. Between externalization of processes and the Internet of Things (IoT) the need to increase “velocity” is becoming a key attribute of success. Yet the pressure to maintain cost effective solutions has not gone away. Big reasons today’s enterprises are accelerating digital transformation include:

DevOps, Digital Transformation and IoT, ‘Oh My’!

Con motivo de nuestro 25 aniversario, el pasado 16 de junio tuvo lugar el primer User Workshop a nivel local, una sesión cuyo objetivo reside en crear una comunidad de usuarios de CAST AIP y mantener informados a los clientes de las novedades de nuestras soluciones.

¿Hacia dónde evolucionan las soluciones de CAST y cómo pueden influir en las organizaciones?, ¿Estoy optimizando el uso de CAST AIP en mi organización? En formato taller y para crear un ambiente dinámico y participativo se dio respuesta a esta y muchas otras inquietudes y experiencias de un grupo de usuarios de CAST AIP con el objetivo de extraer todo el valor y potencial que la herramienta puede aportar en cada organización y dependiendo del público al que se dirijan los resultados de análisis extraído.

Software Analytics, un estímulo para el éxito de negocio

On June 22nd, CAST held its annual User Group in Italy, hosting software measurement professionals from major companies in the Banking, Insurance, Telco, Public Sector and IT Consulting industries for a four-hour working session. Attendees walked away from the event with a better understanding of best practices in establishing objective software measurement standards and creating better visibility in to application portfolios.

Among CAST Application Intelligence Platform presentations and updates regarding the new CISQ RFC for Automated Enhanced Points and its relationship with the AFP OMG standard, attendees also discussed software measurement in Agile and DevOps environments.

Takeaways from the CAST Italy Summer User Group