CAST

Tag: software analysis

Software Analytics, un estímulo para el éxito de negocio

Con motivo de nuestro 25 aniversario, el pasado 16 de junio tuvo lugar el primer User Workshop a nivel local, una sesión cuyo objetivo reside en crear una comunidad de usuarios de CAST AIP y mantener informados a los clientes de las novedades de nuestras soluciones.

¿Hacia dónde evolucionan las soluciones de CAST y cómo pueden influir en las organizaciones?, ¿Estoy optimizando el uso de CAST AIP en mi organización? En formato taller y para crear un ambiente dinámico y participativo se dio respuesta a esta y muchas otras inquietudes y experiencias de un grupo de usuarios de CAST AIP con el objetivo de extraer todo el valor y potencial que la herramienta puede aportar en cada organización y dependiendo del público al que se dirijan los resultados de análisis extraído.

Security By Design

Le 15 Juin 2016, CAST a organisé un workshop au tour du sujet Security By Design à l’hôtel Hilton, Paris La Défense avec des intervenants de SOLUCOM, ATOS, BNP PARIBAS CARDIF et CAST en présence d’une trentaine de participants du secteur public, finance, énergie, éditeurs de logiciels, etc.

Software Risk: Executive Insights on Application Resiliency

Software risks to the business, specifically Application Resiliency, headline a recent executive roundtable hosted by CAST and sponsored by IBM Italy, ZeroUno and the Boston Consulting Group.  European IT executives from the financial services industry assembled to debate the importance of mitigating software risks to their business.

Is Application Security Risk a Result of Outsourcing?

There’s a common belief in the software development space that when companies choose application outsourcing of their projects, the control they relinquish by doing so results in lower application quality and puts their projects at risk. Once again, however, CAST’s biennial CRASH Report, which reviews the structural quality of business critical applications, has disproved this theory.

Agile-Waterfall Hybrid Best for Structural Quality According to CRASH Report Findings

For the last half-decade, a debate has raged over which project management method reigned supreme – Agile or Waterfall. To determine which held the advantage, some looked at the management techniques and fluidity with which projects were completed, others judged the debate by pointing to the structural quality of the applications being developed.

Poor Software Quality Impacts Application Security

Dr. Carol Woody of SEI was recently featured on a CISQ webinar about the correlation of software quality and software security. Her lessons on this topic highlight why software security cannot be something added after-the-fact, it must rather be factored into the development of software applications from the moment coding begins.

This is a lesson that companies such as Sony need to learn. While past breaches like the ones carried out by the LulzSec group in 2011, affected their customers and cost them dearly in terms of reputation and reparations, the one they suffered late last year hurt them much closer to home when cyber criminals breached Sony’s entire network and threatened to expose all stolen data.

Making Software Quality the First Measure of Software Security

If you read the news these days, one would think that software security is something that is layered on top of existing software systems. The truth is, however, that software security needs to be woven into the very fabric of every system and this begins with eliminating vulnerabilities by measuring software quality as the system is built.

During the CAST Software Quality Fall Users Group, Dr. Carol Woody, PhD, senior member of the technical staff at the Software Engineering Institute (SEI) at Carnegie Mellon University, whose research focuses on cyber security engineering, discussed the importance of software quality as a basis for security.

Automated Function Points Provide Data-Driven Captives Management

Last month in this space I wrote about the importance of optimizing the cost-effectiveness of Captives (i.e., Global In-House Centers) by setting metrics and enhancing process transparency for better management of them. For these management methods to work, though, an organization needs to employ automated function points as a way to way to gain insight about current costs and supplied value, which can then be used to enhance received output from current or future providers.

Five Reasons You MUST Measure Software Complexity

There’s an old adage in the IT industry – you can’t manage what you can’t measure. Knowing how complex an organization’s application portfolio is provides insight into how to manage it best. The problem is the issues that comprise software complexity – legacy system remnants, antiquated code, overwritten and rewritten code, the integration of formerly proprietary applications, et al – are the same things that make measuring it difficult.

With multiple system interfaces and complex requirements, the complexity of software systems sometimes grows beyond control, rendering applications and portfolios too costly to maintain and too risky to enhance. Left unchecked, software complexity can run rampant in delivered projects, leaving behind bloated, cumbersome applications. In fact, Alain April, an expert in the field of IT maintenance, has stated, “the act of maintaining software necessarily degrades it.”

Closing the Back Door thru Code Analysis

Have you performed code analysis on your software recently? If not, you are in good company as many companies are failing to do the one thing that could improve their software security – making sure the software isn’t vulnerable to an attack to begin with.