At the upcoming Software Risk and Innovation Summit, CIOs address challenges around DevOps and the next big tech innovation trends.
CISQ Is Helping CIOs Master Digital Transformation
Technical debt is at the top of developers' pain points, and according to some this is due to a flurry of new development styles that have come into vogue. The software industry's focus on rapid application development, as necessary for business agility, has furthered the problem of technical debt. Fast implementation of containers and microservices leads to DevOps teams facing serious tech debt management issues.
The Pain Point of Technical Debt
A distinction that we always try to make in our posts is that there is both good and bad technical debt. This is similar to how there are ways in which financial debt can be used to strategically help a company
Technical Debt The Right Way
Last week we published a post about the Consortium for IT Software Quality's (CISQ) initiative to come up with a standard technical debt measure through a survey distributed to developers.
Contribute to CISQ's Technical Debt Remediation Survey
Open source is part of almost every software capability we use today. At the very least, libraries, frameworks or databases get used in mission-critical IT systems. In some cases, entire systems are being built on top of open source foundations. Since we have been benchmarking IT software for years, we thought we would set our sights on some of the most commonly used open source software (OSS) projects.
Quality of Open Source Software Projects Report
As we quickly head into the new year - the Consortium for IT Software Quality (CISQ) is working to develop a new measure for technical debt.
CISQ to Develop Technical Debt Standard Measure
Cars are no longer simple pieces of machinery, but have evolved into highly integrated pieces of technology - with software embedded into all their critical systems.
Technical Debt & Safety Critical Systems in Automobiles: The Road Ahead
CAST recently participated in a TechMarketView round table in London, discussing the effectiveness of digital strategies in banking.
Are Digital Strategies in Banking Working?
As a metaphor, technical debt relies on the fact that those who hear it understand the financial concepts that the metaphor relies on.
How To Reframe Technical Debt: A Painter and A Paint Bucket
In our 29-criteria evaluation of the static application security testing (SAST) market, we identified the 10 most significant vendors — CAST, CA Veracode, Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock, SonarSource, and Synopsys — and researched, analyzed, and scored them. This report shows how each measures up and helps security professionals make the right choice.
Forrester Wave: Static Application Security Testing, Q4 2017 Analyst Paper
This fall, CAST hosted its first Seminar on Productivity Measurement in the Context of IT Transformation featuring representatives from the retail, banking and insurance industries in the Netherlands. Featured speakers included CISQ, Allianz, BNP Paribas and METRI.
Why Productivity Measurement Matters
The key to security is to ensure that your most sensitive data is handled with proper controls in place. This should include working with your architects to explore the architecture of applications that handle the most critical data, starting from the data elements themselves and fanning out via impact diagrams (for example, CAST does this with the Application Intelligence Platform). Over time, your team will be able to establish secure architecture components that should handle all sensitive data.
Following Best Practices to Achieve Application Security & Reduce Risk
This study by CAST reveals potential reasons for poor software quality that puts businesses at risk, including clashes with management and little understanding of system architecture.
What Motivates Today’s Top Performing Developers Survey
A while ago we published a post on IDC predictions that the bi-modal IT approach is a recipe for disaster. There are different opinions on what works in software development: those who support the siloed approach of bi-modal IT, those who urge against this division between predictability and innovation, and others who say fast development is the only way. This debate is only just beginning, so it's worthwhile expanding on the arguments surrounding it.
Innovating While Maintaining Stability: A Lesson From Technical Debt
There are always trade-offs to be made when you're dealing with keeping your application portfolio up-to-date. You always have several options, whether it be modernization through migration/refactoring or by a sort of "transformative leap".
How to Mitigate the Technology Gap and Manage Technical Debt

In software maintenance and evolution, it is important to assess both code health and application architecture in order to identify issues impeding software quality goals. One way to move the needle toward software quality is to use Technical Debt (TD) indexing as a method to evaluate development projects.

We recently presented a paper at MTD 2016, the International Workshop on Managing Technical Debt put on by the Software Engineering Institute at Carnegie Mellon, where we discussed the way five different and widely known tools compute Technical Debt Indexes (TDI), that is, numbers synthesizing the overall quality and/or TD of an analyzed project.

Technical Debt Indexes Provided by Tools: A Preliminary Discussion

It seems more and more frequently we see security and cyber-attacks in the news today. From Yahoo’s apparent cover-up of a massive security breach that is damaging its merger with Verizon to the even more recent bank hack in India, where millions of debit cards were compromised, it’s apparent that there are holes in our current defense systems. Adding to the complexity of it all, eWeek has reported that DDoS attacks hit record highs in Q3 2016.

For most data-intensive organizations, it would spell disaster if mission-critical or customer information was leaked. What’s more, security gaps are known to go undetected for much longer in enterprises with a high percentage of legacy systems.

Legacy Modernization is About Application Security Not Just Cost
There's bad news ahead for organizations that focused on a bimodal IT approach. According to research firm IDC, by 2019, 80% of those firms will have accrued crippling amounts of technical debt, leading to increased complexity, cost, and a hit to their reputation.
Is the Bimodal IT Approach an Invitation to Failure?

Insurance organizations have reached a tipping point. These historic institutions, in some cases with hundreds of years of service, are being forced to transform due to changing consumer demands and nimble, technology-centric startups bringing innovative products to market. No strangers to regulatory and privacy concerns, insurance carriers have overcome many roadblocks throughout their lifetime of doing business. Now they must tackle their legacy IT systems and improve software risk management to deliver the value today’s market is after.

The Insurance Industry Challenge: Improve Software Risk Management
Technical debt has not only become a popular industry term, but it has proven itself to be an important concept.
The Human Side of Technical Debt
Technical debt can arise from many places and today we will focus on poorly used and created feature flags.
Feature Flags: Good, Bad, or Both?
Technical debt starts off from building fast and making a slew of decisions based on short-term needs that are detrimental to your product's long-term stability and maintainability.
Technical Debt: What is it and What to do When You Have it?