Category: Software Risk Management

Organizations continue to measure vendor performance and software products with outdated criteria. As a result, security and efficiency issues abound.
IT Vendor Management: Diagnosing the Relationships Between Healthcare Organizations and Software Vendors
To shift even further left, security and development teams should consider architectural blueprinting to build security into design.
Application Security: Next-Gen Security Includes Architectural Blueprinting
Application security postures must be multi-tiered and aligned with corporate software risk postures for optimal effectiveness.
Takeaways from ESRM: Not All AppSec Programs Are Created Equal
Open source is part of almost every software capability we use today. Can we be sure it's secure?
The Software Intelligence Report: What You Need to Know About Open Source Software
Step one? Improve your diet. The second? Make sure the software that runs your business is prepared to take on the road ahead.
3 Ways Startups Can Transform Software Intelligence Into an IPO
Follow these best practices for better data protection, more accurate security analysis and confident decision making.
Application security: 2 Steps to Improve Your Secure Engineering
Sustainability Lies in Structural Software Intelligence
GDPR and Cybersecurity By Design
Money talks, to the tune of $21M, and it says Software Intelligence is the cornerstone to reduce software risk.
The True Cost of Bad Software
As organizations adopt Software Intelligence to drive business outcomes, they may face challenges from development teams and architects. This is one story of success.
CEO in the Field: “If it was hard to write, it should be hard to understand.”
It doesn’t matter how many days removed we are from sipping champagne, singing "Auld Lang Syne" and making New Year’s resolutions, we still need to look back at 2017, lest we repeat the same mistakes we've already made.
2017: The Year of MotS (More of the Same)
Digital transformation is now a mandate, but it presents an opportunity for CIOs to reposition themselves at the heart of the business.
The Evolving Role of CIOs in the Age of Digital Transformation
CAST provides continuous support for OWASP Top Ten vulnerabilities, providing users with an automated validation of protection. This helps development teams detect places where vulnerabilities are left in code.
Application Security Vulnerability Detection
84% of breaches exploit vulnerabilities in the application layer. Is there a silver bullet for AppSec?
Get Creative with Your Application Security Strategy
As banks, financial services and insurance organizations increase their reliance on software-based digital capabilities, they have big decisions to make on how they will protect business operations with effective software risk management.
QA Financial Forum Reviews the Impact of New Regulations on Software Risk Management
At the upcoming Matinée CIO event in Paris, CAST, along with select partners and customers, will address challenges and best practices for digital transformation initiatives, including compliance, cloud migration, application security and establishing an Agile culture.
CAST Talks AppSec, Compliance and Digital Transformation at Matinée CIO
Software risk is business risk, but who is ultimately responsible? This blog explores insights from the Cutter Consortium on how to de-risk business-critical software systems.
Software Risk is Business Risk
Software today is more complex than it has ever been. New technologies emerge rapidly and as applications evolve to utilize them, gaps occur. Some gaps result in “technical debt”, an industry term to describe development practices where ideal craftsmanship has not been achieved and additional work needs to be done.
CI/CD DevOps: Enhancing Continuous Delivery with Software Intelligence
When you are a consumer credit company, victimized recently by a serious security breach where hackers exploited an application vulnerability to steal the personal information of roughly 143 million people, what do you do for an encore? For Equifax, the encore may be “get hacked a second time.”
An Encore for Equifax?
Insurance companies still spend a lot of money maintaining the infrastructure for their core legacy apps, but migrating some of these apps to a cloud platform could provide significant cost savings.
The State of Cloud Adoption in Insurance – Look Out for Migration Bumps Ahead!
The biggest lesson learned from the Equifax breach is that executives and application owners need a software risk scorecard that clearly outlines KPIs around software structural quality and security.
Lessons from Equifax: Get a Software Risk Scorecard