Tag: software analysis

Companies are waking up to the fact that the digital transformation journey is not a leisurely stroll. It’s more of a marathon sprint. Between externalization of processes and the Internet of Things (IoT) the need to increase “velocity” is becoming a key attribute of success. Yet the pressure to maintain cost effective solutions has not gone away. Big reasons today’s enterprises are accelerating digital transformation include:

DevOps, Digital Transformation and IoT, ‘Oh My’!

Con motivo de nuestro 25 aniversario, el pasado 16 de junio tuvo lugar el primer User Workshop a nivel local, una sesión cuyo objetivo reside en crear una comunidad de usuarios de CAST AIP y mantener informados a los clientes de las novedades de nuestras soluciones.

¿Hacia dónde evolucionan las soluciones de CAST y cómo pueden influir en las organizaciones?, ¿Estoy optimizando el uso de CAST AIP en mi organización? En formato taller y para crear un ambiente dinámico y participativo se dio respuesta a esta y muchas otras inquietudes y experiencias de un grupo de usuarios de CAST AIP con el objetivo de extraer todo el valor y potencial que la herramienta puede aportar en cada organización y dependiendo del público al que se dirijan los resultados de análisis extraído.

Software Analytics, un estímulo para el éxito de negocio

Le 15 Juin 2016, CAST a organisé un workshop au tour du sujet Security By Design à l’hôtel Hilton, Paris La Défense avec des intervenants de SOLUCOM, ATOS, BNP PARIBAS CARDIF et CAST en présence d’une trentaine de participants du secteur public, finance, énergie, éditeurs de logiciels, etc.

Security By Design

Software risks to the business, specifically Application Resiliency, headline a recent executive roundtable hosted by CAST and sponsored by IBM Italy, ZeroUno and the Boston Consulting Group.  European IT executives from the financial services industry assembled to debate the importance of mitigating software risks to their business.

Software Risk: Executive Insights on Application Resiliency

Last week, CAST, a global leader in software analytics, invited more than 100 IT professionals to participate in a software risk and analytics roundtable in New York, NY. The daylong exchange included CIOs, industry analysts, systems integrators and IT advisory firms. As an outcome of this gathering, CAST published an IT Trends 2016 Report. The following post attempts to capture some of the exchange between participants and key takeaways.

IT Trends 2016: Insights from the CAST CIO and IT Leaders’ Roundtable Discussion

Topping the list of IT Trends 2016 is helping CIOs take advantage of Big Data for themselves, while cutting through the clutter. Accelerating the time from data to decision requires analytics that highlight areas of risk and opportunity in support of business decisions, not technical ones. Proactive, predictive insight arms CIOs with the ability to ask the right questions, to challenge the status quo and surface technical risks that jeopardize revenue, reputation or brand. Real-time solutions that improve the signal-to-noise ratio top the CIO’s wish list for 2016.

IT Trends 2016

Companies worldwide use SAP, but SAP by itself does not resolve all of an organizations issues. As a result, a number of organizations need to customize SAP applications to suit their purposes, but this has met with mixed results.

CAST today released the results of the 2014-2015 CRASH Report for SAP, which revealed more than half of those organizations opting to customize SAP applications have encountered increased application risk, additional software risk management costs and disruption of critical business processes.

CRASH Report: Customized SAP Apps Increase Application Risk, Decrease Business Performance

In business, measurement is key. It’s not a new concept, of course, but it’s one that information technology has enabled to be implemented to a higher degree than ever before. Function point analysis is one of those areas where, like initiatives such as Six Sigma, the ability to measure can help insure ultimate success.

Function Points Analysis: On Point at Federal Productivity Workshop

There’s a common belief in the software development space that when companies choose application outsourcing of their projects, the control they relinquish by doing so results in lower application quality and puts their projects at risk. Once again, however, CAST’s biennial CRASH Report, which reviews the structural quality of business critical applications, has disproved this theory.

Is Application Security Risk a Result of Outsourcing?

For the last half-decade, a debate has raged over which project management method reigned supreme – Agile or Waterfall. To determine which held the advantage, some looked at the management techniques and fluidity with which projects were completed, others judged the debate by pointing to the structural quality of the applications being developed.

Agile-Waterfall Hybrid Best for Structural Quality According to CRASH Report Findings

Dr. Carol Woody of SEI was recently featured on a CISQ webinar about the correlation of software quality and software security. Her lessons on this topic highlight why software security cannot be something added after-the-fact, it must rather be factored into the development of software applications from the moment coding begins.

This is a lesson that companies such as Sony need to learn. While past breaches like the ones carried out by the LulzSec group in 2011, affected their customers and cost them dearly in terms of reputation and reparations, the one they suffered late last year hurt them much closer to home when cyber criminals breached Sony’s entire network and threatened to expose all stolen data.

Poor Software Quality Impacts Application Security

If you read the news these days, one would think that software security is something that is layered on top of existing software systems. The truth is, however, that software security needs to be woven into the very fabric of every system and this begins with eliminating vulnerabilities by measuring software quality as the system is built.

During the CAST Software Quality Fall Users Group, Dr. Carol Woody, PhD, senior member of the technical staff at the Software Engineering Institute (SEI) at Carnegie Mellon University, whose research focuses on cyber security engineering, discussed the importance of software quality as a basis for security.

Making Software Quality the First Measure of Software Security

Last month in this space I wrote about the importance of optimizing the cost-effectiveness of Captives (i.e., Global In-House Centers) by setting metrics and enhancing process transparency for better management of them. For these management methods to work, though, an organization needs to employ automated function points as a way to way to gain insight about current costs and supplied value, which can then be used to enhance received output from current or future providers.

Automated Function Points Provide Data-Driven Captives Management

They say “if something works, don’t fix it.” This old adage may be the reason behind why some organizations hold onto legacy systems longer than they should, but it is also the reason why these same organizations struggle with software complexity. In fact, according to the GAO, Uncle Sam spends 80 percent of its $86.4 billion IT budget on legacy systems.

Digital Transformation Keeps Software Complexity from Becoming a CIO’s Legacy

Benjamin Rehberg, Partner and Managing Director of the Boston Consulting Group and former consultant for IBM Global Business Services, discusses the importance of both IT risk management and application portfolio management (APM) in a video conversation with CAST. He looks at the challenges for IT leaders, the need for software measurement and discusses how IT transformation can improve business operations.

IT RISK MANAGEMENT: A Conversation with BCG’s Benjamin Rehberg

There’s an old adage in the IT industry – you can’t manage what you can’t measure. Knowing how complex an organization’s application portfolio is provides insight into how to manage it best. The problem is the issues that comprise software complexity – legacy system remnants, antiquated code, overwritten and rewritten code, the integration of formerly proprietary applications, et al – are the same things that make measuring it difficult.

With multiple system interfaces and complex requirements, the complexity of software systems sometimes grows beyond control, rendering applications and portfolios too costly to maintain and too risky to enhance. Left unchecked, software complexity can run rampant in delivered projects, leaving behind bloated, cumbersome applications. In fact, Alain April, an expert in the field of IT maintenance, has stated, “the act of maintaining software necessarily degrades it.”

Five Reasons You MUST Measure Software Complexity

As IT organizations face increasing demands from business, their IT systems have become increasingly complex. Today’s applications are typically a heterogeneous web of systems and software from an array of vendors and custom development.

Top 5 Reasons to Use Code Analysis Tools with Automation to Establish Vendor Management Metrics

Have you performed code analysis on your software recently? If not, you are in good company as many companies are failing to do the one thing that could improve their software security – making sure the software isn’t vulnerable to an attack to begin with.

Closing the Back Door thru Code Analysis