We’re sure that by now, you’ve seen all of the stories about last week’s computer turmoil at the New York Stock Exchange, United Airlines, the Wall Street Journal, and TD Ameritrade. And as a top-level executive you’ve probably launched an internal review, or at least asked yourself, “Could it happen here?”
The simple answer is, unfortunately, “yes, it most definitely could.”
The purpose of this white paper is to portray the worldwide state of agile adoption for our readers. While much has been written about the strengths and weaknesses of the technology, little data has been published to show how widely agile methods are used. This paper corrects that by providing data from our databases for public consumption. As shown in Figure 1, agile methods have become the dominant software development paradigm used throughout the world based on data from 330 organizations. Some of these organizations are offshoots of the 120 firms and government organizations from which we have received data. Figure 2 summarizes which agile methodologies are in use by these organizations. As many said that they were using a hybrid approach, i.e., one that combined agile with traditional concepts, we have included their response and categorized them as either hybrid or hybrid/lean (agile combined with lean).
Dr. Carol Woody of SEI was recently featured on a CISQ webinar about the correlation of software quality and software security. Her lessons on this topic highlight why software security cannot be something added after-the-fact, it must rather be factored into the development of software applications from the moment coding begins.
This is a lesson that companies such as Sony need to learn. While past breaches like the ones carried out by the LulzSec group in 2011, affected their customers and cost them dearly in terms of reputation and reparations, the one they suffered late last year hurt them much closer to home when cyber criminals breached Sony’s entire network and threatened to expose all stolen data.
Last month in this space I wrote about the importance of optimizing the cost-effectiveness of Captives (i.e., Global In-House Centers) by setting metrics and enhancing process transparency for better management of them. For these management methods to work, though, an organization needs to employ automated function points as a way to way to gain insight about current costs and supplied value, which can then be used to enhance received output from current or future providers.
We welcome guest blogger Bill Dickenson, an independent consultant and former VP of Application Management Services for IBM, who brings decades of experience in application development and DevOps. Dickenson’s post below discusses how using CAST’s automated software analysis and measurement solutions helps achieve the benefits of DevOps, while eliminating the risks.
The recent move to cloud based development/operations (DevOps) is changing the testing and development lifecycle by accelerating the speed that code can migrate from development, through testing, and into production. Cloud based testing environments can be instantiated and refreshed at an unprecedented speed.
In this post, we wanted to take a step back and break down exactly what a function point is and how an IT organization can use them to measure application development productivity, improve IT project planning and estimating, and better manage application service providers.
We knew that the most recent findings from our 2014 CRASH Report would cause a stir among the software development community — especially Agile advocates — but we were pleasantly surprised by the overwhelmingly positive reception the news received. Continue reading →