Another day, another major IT company announcing a security vulnerability in its software.
Yesterday came news that Adobe has joined the perpetual parade of IT companies unveiling potential security breaches when it announced that a zero-day vulnerability in Adobe Flash Player was being exploited or could be exploited to take control or crash a system. From the frequency with which breaches are making news - their reports are becoming as frequent as the common cold in wintertime - one would think companies need to throw all of their resources into their build and customization processes to identify areas of risk that lead to these security vulnerabilities.
But while application security and security of all IT assets is critical to a business, it’s just one facet of the overall health of an application. When looking at an application’s overall health and vulnerability, it is vital not to look just at security, but also at the following factors:
- Transferability - how easily a new team or team member can be productive when assigned to work on the application
- Changeability - how easily and quickly an application can be modified
- Robustness - the ability of an application to be changed without risk of failures or defects
- Performance - performance issues of an application based on architectural designs and the appropriate risks in production
- Maintainability - the cost and difficulty/ease to maintain an application in the future.
These five characteristics are every bit as important as security to the internal health of an application. As such, they need to be addressed and maintained just as diligently to insure the internal health of application software because the external quality – namely the functionality and user experience – is dependent upon the internal quality of an application. By conducting pre-production analysis and measurement of these five characteristics in addition to security, companies are able to attain an overall view of an application’s health and identify areas of risk that could jeopardize future health of the application.
Only through the measurement of application development using all of the above application health factors can you get a true assessment of your application’s health and determine where issues lie. And identifying where the issues lie is the first step applying the vaccine that will prevent future health issues that could be critically damaging to mission-critical applications for businesses.
The CAST Application Intelligence Platform automates the measurement of such factors providing immediate visibility into the quality of work being produced by application development teams to ensure higher quality throughout the life of an application. More information about the CAST Application Intelligence Platform is available here.
Erik Oltmans, an Associate Partner from EY, Netherlands, spoke at the Software Intelligence Forum on how the consulting behemoth uses Software Intelligence in its Transaction Advisory services.
Erik describes the changing landscape of M & A. Besides the financial and commercial aspects, PE firms now equally value technical assessments, especially for targets with significant software assets. He goes on to detail how CAST Highlight makes these assessments possible with limited access to the targetâ€™s systems, customized quality metrics, and liability implications of open source components - all three that are critical for an M&A due diligence.