Technical debt is a huge problem for many organizations today, and if it’s not being addressed, it’s growing. Growing technical debt diverts funds from innovation to maintenance.
Technical Debt: 3 Biggest Organizational Mistakes
Taking a visual approach to legacy modernization gives teams full transparency into its impact on software architecture.
Does DevOps Help or Hinder Mainframe Modernization?
It doesn’t matter how many days removed we are from sipping champagne, singing "Auld Lang Syne" and making New Year’s resolutions, we still need to look back at 2017, lest we repeat the same mistakes we've already made.
2017: The Year of MotS (More of the Same)
Discover how CAST can help you achieve PCI compliance and meet regulatory standards.
PCI DSS Security Detected by CAST
Open source is part of almost every software capability we use today. At the very least, libraries, frameworks or databases get used in mission-critical IT systems. In some cases, entire systems are built on top of open source foundations. Since we have been benchmarking IT software for years, we thought we would set our sights on some of the most commonly used open source software (OSS) projects.
Quality of Open Source Software Projects Report
Technical debt standards have been debated for many years. Now CISQ (Consortium for IT Software Quality) has released a standard that not only measures but automates technical debt calculation in complex software systems.
Technical Debt: CISQ Releases New Standard to Define and Measure Technical Debt
Technical debt and DevOps are two topics on every organization's mind. Yet no one tackles the topic better than this article.
Technical Debt & DevOps: 5 factors fueling automation in IT
Digital transformation is now a mandate, but it presents an opportunity for CIOs to reposition themselves at the heart of the business.
The Evolving Role of CIOs in the Age of Digital Transformation
CAST is proud to announce that we have been included among the 10 most significant SAST vendors and named a “Strong Performer” in “The Forrester Wave™: Static Application Security Testing, Q4 2017.”
The Forrester Wave™: Static Application Security Testing, Q4 2017 - Forrester Names CAST Among the 10 Top For SAST
In our 29-criteria evaluation of the static application security testing (SAST) market, we identified the 10 most significant vendors — CAST, CA Veracode, Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock, SonarSource, and Synopsys — and researched, analyzed, and scored them. This report shows how each measures up and helps security professionals make the right choice.
Forrester Wave: Static Application Security Testing, Q4 2017 Analyst Paper
CAST provides continuous support for OWASP Top Ten vulnerabilities, providing users with an automated validation of protection. This helps development teams detect places where vulnerabilities are left in code.
Application Security Vulnerability Detection
With the rise of DevOps, will QA lose its identity while being merged with multidisciplinary cohorts, or will it survive the revolution, becoming stronger and more essential?
Takeaways from the QA Financial Forum – How QA Can Remain Relevant in an Agile World
This study by CAST reveals potential reasons for poor software quality that puts businesses at risk, including clashes with management and little understanding of system architecture.
What Motivates Today’s Top Performing Developers Survey
84% of breaches exploit vulnerabilities in the application layer. Is there a silver bullet for AppSec?
Get Creative with Your Application Security Strategy
Fashion retailer Forever 21 joined a very trendy, yet unexclusive club earlier this month when it announced its point-of-sales systems may have been breached. This blog examines how to integrate automated code review into application security strategies.
Don’t Be ‘Forever’ Vulnerable: Improve Your AppSec Posture
Answer these six questions while establishing and executing your cloud migration strategy.
Get More Value from Your Cloud Investments with PaaS
As banks, financial services and insurance organizations increase their reliance on software-based digital capabilities, they have big decisions to make on how they will protect business operations with effective software risk management.
QA Financial Forum Reviews the Impact of New Regulations on Software Risk Management
At the upcoming Matinée CIO event in Paris, CAST, along with select partners and customers, will address challenges and best practices for digital transformation initiatives, including compliance, cloud migration, application security and establishing an Agile culture.
CAST Talks AppSec, Compliance and Digital Transformation at Matinée CIO
Cybersecurity is a hot-button issue these days. You can barely go a few weeks without hearing about a company suffering a breach that puts the business at risk. With all eyes focused on making software more secure, a happy side effect might just be a streamlining of software modernization initiatives.
Will Cybersecurity Efforts Change the Game for Software Modernization?
Software risk is business risk, but who is ultimately responsible? This blog explores insights from the Cutter Consortium on how to de-risk business-critical software systems.
Software Risk is Business Risk
The Open Web Application Security Project (OWASP) aims to make software security visible, so that individuals and organizations are able to make informed decisions. OWASP provides impartial, practical information about AppSec. This post reviews known OWASP vulnerabilities detected by CAST's software analysis.
Application Security Vulnerabilities Detectable by CAST
Application security standards are established by leading industry research and standards bodies to help organizations identify and remove application security vulnerabilities in complex software systems...
Application Security Standards
Software today is more complex than it has ever been. New technologies emerge rapidly and as applications evolve to utilize them, gaps occur. Some gaps result in “technical debt”, an industry term to describe development practices where ideal craftsmanship has not been achieved and additional work needs to be done.
CI/CD DevOps: Enhancing Continuous Delivery with Software Intelligence