Software Intelligence Forum: Modernizing and Securing the IT Landscape

by Isabelle Arnson

Software Intelligence provides valuable analytics for IT leaders at any stage of digital transformation. Whether the objective is to improve operational agility, deliver better business functionality at speed, take advantage of modern technology and architectures, or attract new talent, Software Intelligence can illuminate areas that require the most focus.

Digital leaders and IT professionals from across the private and public sectors joined CAST at the Software Intelligence Forum in Washington, D.C. to discuss the challenges, risks, and opportunities associated with digital modernization. The day-long exchange included CAST customer testimonials, reflections on software quality industry standards, and a discussion of solutions available through CAST to mitigate modernization risks.


While there was a great variety of topics throughout the day, presenters converged on one key finding: it is essential to address modernization and application security simultaneously, and Software Intelligence provides the microscopic level of software insight needed to ensure digital readiness while keeping mission-critical software secure.

The event kicked off with a panel discussion between Andy Schlei of Sony Pictures Entertainment, Paul Seay of Northrop Grumman, and Luke McCormack, former CIO of the Department of Homeland Security. At different points in their respective modernization efforts, they confronted the question: how do we keep data secure during and after transitions? Software Intelligence can help IT professionals navigate this inflection point. Application portfolio management gives leadership the insight to acknowledge existing vulnerabilities, discern where to invest, and apply industry standards to monitor evolving portfolios.


Allan Friedman, Director of Cybersecurity at the National Telecommunications and Information Administration at the US Department of Commerce, underscored software transparency as a way to maintain and improve resiliency throughout modernization efforts. Though there is no particular government solution in mind, current policy initiatives such as a software bill of materials (SBOM) would enable bottom-up tracking of inputs and top-down audit for software quality, risk management, and compliance. There is a need for more visibility into third-party components and dependencies. Tracking and communicating third-party components in software and IoT with an SBOM can improve and communicate secure development practices, help enterprise customers protect themselves, and foster better markets for secure products.

Is it a panacea? No, says Friedman. But knowledge of risks is crucial, and when comparing solutions, an SBOM can help inform a security-based decision and can help prioritize a response to newly discovered or exploited vulnerabilities.


But what does transparency look like across sectors? Does it translate from on-premises to cloud-native systems? “In 4-5 years, all applications – including source code – will live in the cloud,” says John Chang, Head of Solution Design at CAST. “Your software will need to as well.” As software evolves to become serverless, a single perspective on systems architecture will no longer suffice. Software Intelligence must provide both an executive bird’s eye view and a microscopic view into the system’s engineering.

CAST Highlight helps IT professionals fine-tune and improve software health and cloud readiness, but developments to CAST AIP are underway to enhance software blueprinting capabilities. As software and cyber ecosystems grow, AIP is growing with them to help you better support web services, understand inter-technology dependencies, model new architectures, and integrate into cloud repositories. As Friedman suggests, it’s important to nurture an adaptable cyber and software ecosystem that is easily updatable. Perhaps the next challenge is finding a dynamic yet standardized way of doing so.

It's difficult to make good modernization decisions without knowing where your systems stand today. Whether you're looking to undergo a cloud migration, merge functions, modernize components, or decouple system architecture, having MRI-like visibility into complex systems is not only advantageous, but crucial to running an agile, efficient, and safe digital business.

Isabelle Arnson, Business Development
Isabelle is a Business Development professional for CAST UK. She recently graduated from St Andrews University in Scotland with a degree in Management and French. Before heading to St Andrews, Isabelle held several positions in France and attended the Seoul National University in South Korea. She now uses her international pedigree to further the mission of Software Intelligence.