Join software measurement practitioners from government and industry at an event on June 2nd just outside of Washington DC. Discussion topics to include: the use of software analytics in all areas of enterprise program and development management, software measurement, automated function points, and software productivity management.

Function Points, Software Analytics and Much More! Join Us in DC on June 2nd

CAST took part in the 1st Evento Metrico 2015 organized by GUFPI ISMA, the national reference association for software measurement in Italy, held in Rome on May 14. At the conference, CAST contributed on the following 3 topics:

Key Points from the 1st Evento Metrico 2015 GUFPI ISMA

On May 13th, a group of IT executives highlighted the importance of software analysis and measurement in order to maintain software quality standards and to uphold a healthy and efficient relationship with business stakeholders and application service providers.

How Software Can Improve with Automated Software Analysis and Measurement: IV Edition CIO Conference

Open source is part of almost every software capability we use today: at the very least, libraries, frameworks or databases that get used in mission-critical IT systems. In some cases entire systems are built on top of open source foundations. Since we have been benchmarking IT software for years, we thought we would set our sights on some of the most commonly used open source software (OSS) projects.

Quality of Open Source Software Projects Report

CAST sponsored the 2015 International Software Measurement & Analysis Conference (ISMA10) held in Charlotte, on April 30th. This conference, hosted by the International Function Point User Group (IFPUG), brings software measurement professionals from Europe, North America, and South America to exchange software measurement and function point expertise and to network. The conference was attended by more than 50 software measurement professionals and certified function point counters from across the globe. The full day event featured presentations including:

Summary of the 2015 International Function Point User Group Conference (IFPUG) & International Software Measurement & Analysis Conference (ISMA10)

Dr. Carol Woody of SEI was recently featured on a CISQ webinar about the correlation of software quality and software security. Her lessons on this topic highlight why software security cannot be something added after the fact; rather, it must be factored into the development of software applications from the moment coding begins.

This is a lesson that companies such as Sony need to learn. While past breaches, like the ones carried out by the LulzSec group in 2011, affected their customers and cost them dearly in terms of reputation and reparations, the one they suffered late last year hurt them much closer to home when cyber criminals breached Sony’s entire network and threatened to expose all stolen data.

Poor Software Quality Impacts Application Security

Is your IT landscape prepared for the ever-changing demands of digital transformation? A panel of the top IT experts in the United Kingdom joined CAST at the Institute of Directors (IoD) in London on Tuesday to discuss this complex, but increasingly pertinent question. The digital transformation event was attended by many IT professionals within the financial services, telecommunications, retail, government, and IT services industries.

Digital Transformation Priorities: UK IT Leaders Weigh In

In our 29-criteria evaluation of the static application security testing (SAST) market, we identified the 10 most significant vendors — CAST, CA Veracode, Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock, SonarSource, and Synopsys — and researched, analyzed, and scored them. This report shows how each measures up and helps security professionals make the right choice.

Forrester Wave: Static Application Security Testing, Q4 2017 Analyst Paper

On Tuesday, April 28th, at 11am EDT we will host a live webinar with Gartner on one of today’s hottest topics: Digital Transformation.

Digital Transformation has been disrupting industries for some time and, while some companies have successfully managed digital transformations, others have not. This event will explore the barriers to digital transformation many organizations are facing due to poor application management practices. Topics covered will include: excessive complexity, the challenges IT leaders face in improving application health and what you can do to reverse the situation. Also to be discussed during the webinar are the warning signs of potential failure for a digital transformation and how leaders and their companies should prepare for digital transformations in their organization to increase the chances of success.

Digital Transformation Obstacles and Lessons Learned from Gartner Research

If you read the news these days, you would think that software security is something that is layered on top of existing software systems. The truth is, however, that software security needs to be woven into the very fabric of every system and this begins with eliminating vulnerabilities by measuring software quality as the system is built.

During the CAST Software Quality Fall Users Group, Dr. Carol Woody, PhD, senior member of the technical staff at the Software Engineering Institute (SEI) at Carnegie Mellon University, whose research focuses on cyber security engineering, discussed the importance of software quality as a basis for security.

Making Software Quality the First Measure of Software Security

This study by CAST reveals potential reasons for poor software quality that puts businesses at risk, including clashes with management and little understanding of system architecture.

What Motivates Today’s Top Performing Developers Survey

Last month in this space I wrote about the importance of optimizing the cost-effectiveness of Captives (i.e., Global In-House Centers) by setting metrics and enhancing process transparency for better management of them. For these management methods to work, though, an organization needs to employ automated function points as a way to gain insight about current costs and supplied value, which can then be used to enhance received output from current or future providers.

Automated Function Points Provide Data-Driven Captives Management

They say “if something works, don’t fix it.” This old adage may be the reason behind why some organizations hold onto legacy systems longer than they should, but it is also the reason why these same organizations struggle with software complexity. In fact, according to the GAO, Uncle Sam spends 80 percent of its $86.4 billion IT budget on legacy systems.

Digital Transformation Keeps Software Complexity from Becoming a CIO’s Legacy

Last Wednesday we hosted a webinar featuring Steve Naylor of Solvay.

During the webinar, Mr. Naylor illustrated how gaining visibility into critical SAP systems has helped maintain uninterrupted services and reduced development costs.

Mr. Naylor also shared how software analysis and measurement:

  • Provides insight into legacy ABAP systems
  • Identifies security issues not detected by native SAP code analysis tools
  • Reveals hidden software complexity that can cause performance and stability issues

SAP Stability and Performance Webinar Questions Answered

Barbara Beech, an expert in the field of IT development for telecommunications companies, recently spoke to CAST in a video chat about her experience using software analysis and measurement as well as automated function points to gain visibility into IT vendor deliverables.

As a solution to gaining visibility into IT vendor deliverables, Beech points to the CAST Automated Function Points (AFP) capability – an automatic function points counting method that is based on rules defined by the International Function Point User Group (IFPUG). CAST automates the manual counting process by using the structural information retrieved by source code analysis, database structure and transactions.

VIDEO: IT Expert Calls Upon Automated Function Points for Vendor Management

Benjamin Rehberg, Partner and Managing Director of the Boston Consulting Group and former consultant for IBM Global Business Services, discusses the importance of both IT risk management and application portfolio management (APM) in a video conversation with CAST. He looks at the challenges for IT leaders, the need for software measurement and discusses how IT transformation can improve business operations.

IT RISK MANAGEMENT: A Conversation with BCG’s Benjamin Rehberg

There’s an old adage in the IT industry – you can’t manage what you can’t measure. Knowing how complex an organization’s application portfolio is provides insight into how to manage it best. The problem is the issues that comprise software complexity – legacy system remnants, antiquated code, overwritten and rewritten code, the integration of formerly proprietary applications, et al – are the same things that make measuring it difficult.

With multiple system interfaces and complex requirements, the complexity of software systems sometimes grows beyond control, rendering applications and portfolios too costly to maintain and too risky to enhance. Left unchecked, software complexity can run rampant in delivered projects, leaving behind bloated, cumbersome applications. In fact, Alain April, an expert in the field of IT maintenance, has stated, “the act of maintaining software necessarily degrades it.”

Five Reasons You MUST Measure Software Complexity

As IT organizations face increasing demands from business, their IT systems have become increasingly complex. Today’s applications are typically a heterogeneous web of systems and software from an array of vendors and custom development.

Top 5 Reasons to Use Code Analysis Tools with Automation to Establish Vendor Management Metrics

Have you performed code analysis on your software recently? If not, you are in good company as many companies are failing to do the one thing that could improve their software security – making sure the software isn’t vulnerable to an attack to begin with.

Closing the Back Door thru Code Analysis