How To Improve Your Software
|
|
- Raymond Sherman
- 3 years ago
- Views:
Transcription
1 Driving Quality, Security and Compliance in Third- Party Code Dave Gruber Director of Product Marketing, Black Duck Keri Sprinkle Sr Product Marketing Manager, Coverity Jon Jarboe Sr Technical Marketing Manager, Coverity
2 Software is at the heart of disruptive business models 2 Copyright Coverity, Inc. and Black Duck, 2013
3 The Global State of Open Source Software is Eating the World Marc Andreessen And Open Source is Driving the Software World Open Source Projects 1M Projects 100B LoC 10M personyears Source: Black Duck Software 3 Copyright Coverity, Inc. and Black Duck, 2013
4 81% of business leaders believe that technology is a fundamental element of their business model Over 60 million tablets and 175 million smartphones will be in the workplace by the end of 2012 Software By 2016, open source software will be included in mission-critical applications within 99% of Global 2000 enterprises 4 Copyright Coverity, Inc. and Black Duck, 2013
5 Software today is Multi-Source OSS Communities Internally Developed Code Outsourced Code Development Commercial 3 rd- Party Code Your Software Application THE ENTERPRISE TOOLS, PROCESSES Global 2000 organizations increasingly leverage code from a vast array of sources including internally built, open source, outsourced, commercially built, and customized applications. - Melinda Ballou, IDC 5 Copyright Coverity, Inc. and Black Duck, 2013
6 3 rd Party Code Software Supply Chain Out sourcing Commercial 3 rd -party OEM Open Source Multi-tier Supply Chain 3 rd Tier Supplier 2 nd Tier Supplier 1 st Tier Supplier 6 Copyright Coverity, Inc. and Black Duck, 2013
7 Defect/Issue Types Code Quality Defects 7 Copyright Coverity, Inc. and Black Duck, 2013
8 Defects, Quality and Cost Quality issues 85% Quality Costs Found Introduced Coding Unit test Function Field test stage test Capers Jones, applied software measurement: assuring productivity and quality. Post release 8 Copyright Coverity, Inc. and Black Duck, 2013
9 But what about supply chain? Near-finished SW arrives at your doorstep Cycles are Costly and Time-Consuming Discovering issues at this point requires a cycle back to one or more suppliers Supply Chain Supply Chain Supply Chain 9 Copyright Coverity, Inc. and Black Duck, 2013
10 60 million lines of code written by developers every day $60 billion annual U.S. cost due to poor software quality 80% software development budget spent fixing software defects 10 Copyright Coverity, Inc. and Black Duck, 2013
11 Development Testing Build Better Software Faster Analyze Accurately detect issues difficult to find through traditional testing Remediate Quickly and efficiently manage issues to resolution Govern Enforce a consistent standard for quality, security, licensing and testing 11 Copyright Coverity, Inc. and Black Duck, 2013
12 Coverity is the leader Company and Technology Innovation Founded in 2003 at Stanford Computer Science Laboratory 300 employees across 13 offices and 10 countries worldwide 16 patents and 4 pending for platform and analysis algorithms Customer and Market Leadership Over 1,100 world-class customers Over 5 billion lines of code under management #1 in Software Quality Analysis market IDC #1 in Automated Test and Verification market VDC Transformational company in testing market voke Best software development solution
13 Authoritative source on OSS quality Coverity Scan: free cloud-based service for open source ,000 leading open source projects defects fixed by community The bottom line is that Coverity has an excellent product, and if you run or contribute to an open source project written in C/C++ you should be using Coverity Scan. It will likely find bugs that can certainly have security implications in your code. -Michael Rash, Security Researcher
14 Development Testing Transform software testing from reactive to proactive Fewer defects escape dev Design Development Quality Assurance Product Release & Management 5x cost 10x cost 30x cost 14 Copyright Coverity, Inc., 2013
15 Coverity Development Testing Platform Analyze Remediate Govern Analysis Packs Dynamic Analysis Policy Manager Coverity Connect SDLC Integrations Third Party Metrics IDE Architecture Analysis Analysis Integrations Quality Advisor Security Advisor Test Advisor Code Coverage Test Execution Build/ Continuous Integration Defect Tracking Analysis Integration Toolkit Coverity SAVE Static Analysis Verification Engine SCM ALM Proprietary Code Open Source Code 15 Copyright Coverity, Inc., 2013
16 The industry s first developer-friendly software testing platform Integration into development workflow IDE Defect tracking SCM Build/CI ALM Analysis Accuracy Proven false positive rate of less than 10% on codebases over 1M lines of code Remediation Guidance Show path to defect and fix guidance in context of developer s code patent-pending security remediation engine Performance and Scale Proven scale on codebases up to 100M Analysis runs in minutes to hours vs. days to weeks Coverity enables developers to produce secure code and gives developers a more positive attitude about addressing security, while ultimately leads to fixing defects. -Gerold Hubner, Chief Product Security Officer at SAP
17 Automate testing within the inner loop of development Writes code Centralized Source Control build Fixes New Management Prioritized Assigned critical Creates issues generated back issues unit are defects System found to test appropriate Prioritized developer tests Analyzes code Interprocedural quality and security defects New tests required because of change impact
18 Build a stage gate across the SDLC Planning Deployment Requirements Security Audit No Uninspected No New Quality Defects or Security Defects No Critical Security Quality Defects All Critical Code Tested All Critical Code Tested Analysis and Design Quality Assurance Development
19 Gain executive level visibility into risk Across teams, projects and components
20 The Golden Rule for Proper Software Supply Chain Management Treat the management of open source software as an integrated, cross functional business process, and not simply as a development process.
21 Best Practices for Managing Open Source Policy Process Technology 1. Adopt and enforce an open source and third-party code policy 2. Identify and track all external code that is used 3. Automate validation at the point of acquisition and development 4. Automate monitoring and tracking open source components 5. Control the use of components and promote standardization 6. Use automation tools to produce complete Bills of Material and reports for supply chain partners
22 License Management License Policy Know what licenses apply to what use cases Informed Choices Helping developers have up-front insight into licenses and policy Approvals Streamlined, automated approval process Auditing OSS still sneaks in, so auditing is required throughout the process
23 Visibility and Monitoring of Security Vulnerabilities Are there known security vulnerabilities in components that I want to use? Is anyone paying attention to vulnerability reports postdeployment? Are version updates available that resolve security vulnerabilities?
24 Automating the Process Application development cycle Plan Code Build Test Release Open source governance lifecycle Acquire Approve Catalog Audit Monitor Description Version Vulnerabilities Cryptography License Maturity Deep License Data Black Duck KnowledgeBase
25 Starting Point Baselining your codebase Bill-of-Materials Open Source Components Licenses Versions Auditing all inbound SW from suppliers BOMs Licenses and obligations Cataloging OSS for fast access when issues/defects are reported Using SPDX to communicate with your supply chain
26 Software Package Data Exchange (SPDX ) The SPDX Specification enables suppliers and consumers of software that contains open source code to provide a "bill of materials" that describes the open source licenses and components that are included. The specification defines a common file format to communicate this information. Working group of FOSSBazaar (governance best practices group under Linux Foundation) Charter: Create data exchange standards to enable license and component information sharing (metadata) Participation from software, systems and tool vendors, consultants and foundations
27 Working with Suppliers Setting expectations with suppliers at the beginning of your relationship Share your open source policy Require a Bill of Materials for all OSS used Audit/Scan results for quality, security and license You must be able to audit their contributions For Code Quality For Licenses For Security Vulnerabilities Automated tools are critical with supply-chain, inbound SW
28 No licenses means no permission 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% 7% 93% Non GitHub 77% 23% GitHub No Declared Declared 42% have Embedded Licenses These embedded licenses contain specific obligations that govern the use of the overall project. The lack of a declared license for an open source project can cause an enterprise to steer clear of it, limiting the projects organizations can use. The ability to access embedded license information and obligations up-front during the code selection process opens a sizeable opportunity for enterprises and could have significant impact on their bottom line. - Mark Driver, Vice President and Research Director, Gartner.
29 Strategic Use of Open Source 80% 30% Average* Best in class *Source: IDC 2012
30 Black Duck Coverity Integration Solution demo
31 Simplified Architecture Combining Coverity and Black Duck Policy Manager Coverity Connect Unified Database Coverity Analysis Commit Results Issue Repository Black Duck Analysis IDE (Eclipse, Visual Studio, etc.)
32 Remediate Critical Quality Defects Leveraging a Robust Issue Management Repository Prioritize and filter based on impact CWE compatible mapping and knowledge base Automatically assign defects to owners Identify the exact path to the defect Automatically identify every occurrence of a defect across branches
33 Example Licensing Issue from Black Duck
34 Coverity Policy Manager
35 Coverity Policy Manager
36 Coverity Policy Manager
37 Coverity Policy Manager
38 Coverity Policy Manager
39 Coverity Policy Manager 2 1
40
41 Development Testing Maturity Model Level 5 Integration into SDLC High Level 1 Detection of critical quality and security defects as part of SW build process. No new defects introduced. Level 2 Identification of areas of risk caused by insufficient automated testing. Ensure critical code is prioritized and tested. Level 3 Integration into the existing SDLC using a common workflow for all defects and test effectiveness issues. Level 4 Establish and enforce consistent source code quality and security policies. Establish source code acceptance criteria. All legacy defects eliminated, build fails if new defects are introduced. All critical code and code impacted by change is tested. Development Testing Adoption High 41 Copyright Coverity, Inc. and Black Duck, 2013
42 Black Duck and Coverity Build Better Software Faster Analyze Accurately detect issues difficult to find through traditional testing Remediate Quickly and efficiently manage issues to resolution Govern Enforce a consistent standard for quality, security, licensing and testing 42 Copyright Coverity, Inc. and Black Duck, 2013
43 Questions?
How to Avoid 5 Common Pitfalls in Open Source Utilization. July 2013
How to Avoid 5 Common Pitfalls in Open Source Utilization July 2013 Today s Presenters Phil Odence Black Duck Baruch Sadogursky JFrog 2 Agenda Open Source Trends Avoiding 5 Common Pitfalls JFrog Artifactory
More informationHOW TO UTILIZE OPEN SOURCE IN YOUR CODE BASE AND BUILD PROCESS. 2015 Black Duck Software, Inc. All Rights Reserved.
HOW TO UTILIZE OPEN SOURCE IN YOUR CODE BASE AND BUILD PROCESS 2015 Black Duck Software, Inc. All Rights Reserved. TODAY S PRESENTERS Baruch Sadogursky JFrog Dave Gruber Black Duck 2 2015 Black Duck Software,
More informationManaging Open Source Code Best Practices
Managing Open Source Code Best Practices September 24, 2008 Agenda Welcome and Introduction Eran Strod Open Source Best Practices Hal Hearst Questions & Answers Next Steps About Black Duck Software Accelerate
More informationWhat Developers, Cars & Banks Have in Common: Best Practices for Open Source Governance
What Developers, Cars & Banks Have in Common: Best Practices for Open Source Governance Shoken Kim Black Duck Software June 7, 2012 Linux Con Japan Compliance Mini-Track Overview Trends Strategic use of
More informationOpen Source Software and the impact on Mergers & Acquisitions
Open Source Software and the impact on Mergers & Acquisitions Black Duck 2013 Speakers Russell Hartz VP of Corporate Development SAP Oliver Vivell Senior Director of Corporate Development SAP Matthew Jacobs
More informationStreamlining Open Source License Compliance with SPDX
Streamlining Open Source License Compliance with SPDX Kirsten Newcomer Black Duck Software June 7, 2012 Linux Con Japan Compliance Mini Track Overview Software is everywhere How SPDX helps the supply chain
More informationAdapting IT Governance Frameworks to Ensure Control and Visibility of Open Source
Adapting IT Governance Frameworks to Ensure Control and Visibility of Open Source Dave Lounsbury, CTO & Vice President, The Open Group Peter Vescuso, EVP of Marketing & Business Development, Black Duck
More information5 Steps for a Winning Open Source Compliance Program
5 Steps for a Winning Open Source Compliance Program Kellan Ponikiewicz Peter Vescuso @black_duck_sw Black Duck 2013 Speakers Peter Vescuso EVP of Marketing Black Duck Software Kellan Ponikiewicz IP Counsel
More informationCoverity Services. World-class professional services, technical support and training from the Coverity development testing experts
Coverity Services World-class professional services, technical support and training from the Coverity development testing experts Coverity has helped over 1,100 customers around the globe assure the quality,
More informationHow To Manage An Open Source Software
Executive Briefing: Four Steps to Creating an Effective Open Source Policy Greg Olson Sr. Director OSS Management Olliance Group Speaker Greg Olson Sr. Director, Open Source Management Over 30 years of
More informationOperationalizing Application Security & Compliance
IBM Software Group Operationalizing Application Security & Compliance 2007 IBM Corporation What is the cost of a defect? 80% of development costs are spent identifying and correcting defects! During the
More informationOSS LOGISTICS: DRIVING INNOVATIVE SOFTWARE FROM DEVELOPER TO CUSTOMER Alex Bigmore Senior Architect & Open Source Governance Programme Manager SITA
OSS LOGISTICS: DRIVING INNOVATIVE SOFTWARE FROM DEVELOPER TO CUSTOMER Alex Bigmore Senior Architect & Open Source Governance Programme Manager SITA Phil Granof EVP & Chief Marketing Officer Black Duck
More informationCoverity White Paper. Reduce Your Costs: Eliminate Critical Security Vulnerabilities with Development Testing
Reduce Your Costs: Eliminate Critical Security Vulnerabilities with Development Testing The Stakes Are Rising Security breaches in software and mobile devices are making headline news and costing companies
More informationBOM based on what they input into fossology.
SPDX Tool Website SPDX Tool Description License and copyright scanner that emits license names that conform to SPDX. In March a module should be added that gives the user an SPDX FOSSology fossology.org
More informationPhil Marshall Black Duck Software. 2012 ISACA Webinar Program. 2012 ISACA. All rights reserved.
Open Source Component Governance and Management Using COBIT Phil Marshall Black Duck Software 2012 ISACA Webinar Program. 2012 ISACA. All rights reserved. Welcome Type in questions using the Ask A Question
More informationDriving Business Agility with the Use of Open Source Software
Driving Business Agility with the Use of Open Source Software Speakers Peter Vescuso EVP of Marketing & Business Development Black Duck Software Melinda Ballou Program Director, Application Life-Cycle
More informationSeven Practical Steps to Delivering More Secure Software. January 2011
Seven Practical Steps to Delivering More Secure Software January 2011 Table of Contents Actions You Can Take Today 3 Delivering More Secure Code: The Seven Steps 4 Step 1: Quick Evaluation and Plan 5 Step
More informationScanning Open Source Software and Managing License Obligations on IBM SmartCloud. Because code travels
Scanning Open Source Software and Managing License Obligations on IBM SmartCloud Because code travels 1 Webinar Agenda Protecode & IBM SmartCloud Company IBM Partnership Solutions Managing Code Obligations
More informationAccelerating Software Security With HP. Rob Roy Federal CTO HP Software
Accelerating Software Security With HP Rob Roy Federal CTO HP Software If we were in a cyberwar today, the United States would lose. Mike McConnell Former DNI, NSA. Head of Booz Allen Hamilton National
More informationCopyright 11/1/2010 BMC Software, Inc 1
Copyright 11/1/2010 BMC Software, Inc 1 Copyright 11/1/2010 BMC Software, Inc 2 Copyright 11/1/2010 BMC Software, Inc 3 The current state of IT Service How we work today! INCIDENT SERVICE LEVEL DATA SERVICE
More informationHP Application Lifecycle Management
HP Application Lifecycle Management Overview HP Application Lifecycle Management is a software solution expressly designed to allow your team to take control of the application lifecycle while investing
More informationSuccessfully managing geographically distributed development
IBM Rational SCM solutions for distributed development August 2004 Successfully managing geographically distributed development Karen Wade SCM Product Marketing Manager IBM Software Group Page 2 Contents
More informationDevelopers and the Software Supply Chain. Andy Chou, PhD Chief Technology Officer Coverity, Inc.
Developers and the Software Supply Chain Andy Chou, PhD Chief Technology Officer Coverity, Inc. About Andy CTO at Coverity since 2010 Co-founder at Coverity, 2003 From five guys in a garage to 280 employees
More informationTable of contents. Best practices in open source governance. Managing the selection and proliferation of open source software across your enterprise
Best practices in open source governance Managing the selection and proliferation of open source software across your enterprise Table of contents The importance of open source governance... 2 Executive
More informationVulnerability Management
Vulnerability Management Buyer s Guide Buyer s Guide 01 Introduction 02 Key Components 03 Other Considerations About Rapid7 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems and other
More informationDevelopment Testing for Agile Environments
Development Testing for Agile Environments November 2011 The Pressure Is On More than ever before, companies are being asked to do things faster. They need to get products to market faster to remain competitive
More informationThe Corporate Counsel s Guide to Open Source Software Policy Implementation
The Corporate Counsel s Guide to Open Source Software Policy Implementation How to Protect the Enterprise from Risk while Helping Your Company More Efficiently Develop and Maintain Applications Black Duck
More informationQ1 Labs Corporate Overview
Q1 Labs Corporate Overview The Security Intelligence Leader Who we are: Innovative Security Intelligence software company One of the largest and most successful SIEM vendors Leader in Gartner 2011, 2010,
More informationXEROX TALKS BEST PRACTICES FOR OPEN SOURCE GOVERNANCE
XEROX TALKS BEST PRACTICES FOR OPEN SOURCE GOVERNANCE November 2014 2014 Black Duck Software, Inc. All Rights Reserved. SPEAKERS Phil Odence Vice President and General Manager Black Duck Software Robert
More informationCoverity White Paper. Managing Risk: Ensure Software Quality and Security Across the Automotive Supply Chain
Managing Risk: Ensure Software Quality and Security Across the Automotive Supply Chain January 2012 The Automotive industry is undergoing a radical transformation. There s been tremendous industry consolidation
More informationOrchestrated. Release Management. Gain insight and control, eliminate ineffective handoffs, and automate application deployments
Orchestrated Release Management Gain insight and control, eliminate ineffective handoffs, and automate application deployments Solution Brief Challenges Release management processes have been characterized
More informationSimplify and Automate IT
Simplify and Automate IT Expectations have never been higher Reduce IT Costs 30% increase in staff efficiency Reduce support costs by 25% Improve Quality of Service Reduce downtime by 75% 70% faster MTTR
More informationAchieving Control: The Four Critical Success Factors of Change Management. Technology Concepts & Business Considerations
Achieving Control: The Four Critical Success Factors of Change Management Technology Concepts & Business Considerations T e c h n i c a l W H I T E P A P E R Table of Contents Executive Summary...........................................................
More informationOpen Source Compliance: The Challenge of Managing Abundance. Peter Vescuso Black Duck Software
Open Source Compliance: The Challenge of Managing Abundance Peter Vescuso Black Duck Software Open Source Compliance: The Challenge of Managing Abundance Agenda The abundance The Challenges Meeting the
More informationApplication Outsourcing: The management challenge
White Paper Application Outsourcing: The management challenge Embedding software quality management for mutual benefit Many large organizations that rely on mainframe applications outsource the management
More informationImplement a unified approach to service quality management.
Service quality management solutions To support your business objectives Implement a unified approach to service quality management. Highlights Deliver high-quality software applications that meet functional
More informationWhat is Security Intelligence?
2 What is Security Intelligence? Security Intelligence --noun 1. the real-time collection, normalization, and analytics of the data generated by users, applications and infrastructure that impacts the
More informationDetecting Critical Defects on the Developer s Desktop
Detecting Critical Defects on the Developer s Desktop Seth Hallem CEO Coverity, Inc. Copyright Coverity, Inc. 2006. All Rights Reserved. This publication, in whole or in part, may not be reproduced, stored
More informationBMC Software s ITSM Solutions: Remedy ITSM & Service Desk Express SOLUTION WHITE PAPER
BMC Software s ITSM Solutions: Remedy ITSM & Service Desk Express SOLUTION WHITE PAPER Table of Contents Introduction................................................... 1»» BMC Remedy Service Desk Overview
More informationENJOYING OPEN SOURCE WITHOUT COMPROMISING BUSINESS. Dr. Ron Rymon Founder, White Source Software ron@whitesourcesoftware.com
ENJOYING OPEN SOURCE WITHOUT COMPROMISING BUSINESS Dr. Ron Rymon Founder, White Source Software Background I am a software entrepreneur, not a legal expert My own experience with the dark side of open
More informationCMDB Essential to Service Management Strategy. All rights reserved 2007
CMDB: Essential to the Service Management strategy Business Proposition: This white paper describes how the CMDB is an essential component of the IT Service Management Strategy, and why the FrontRange
More informationIBM Rational AppScan: Application security and risk management
IBM Software Security November 2011 IBM Rational AppScan: Application security and risk management Identify, prioritize, track and remediate critical security vulnerabilities and compliance demands 2 IBM
More informationCGI Payments360. Moving money with greater agility and confidence. Experience the commitment
CGI Payments360 Moving money with greater agility and confidence Experience the commitment Addressing today s payments realities Customers want the ability to buy anything, pay anyone and bank anywhere
More informationCoverity White Paper. Effective Management of Static Analysis Vulnerabilities and Defects
Effective Management of Static Analysis Vulnerabilities and Defects Introduction According to a recent industry study, companies are increasingly expanding their development testing efforts to lower their
More informationMinimizing code defects to improve software quality and lower development costs.
Development solutions White paper October 2008 Minimizing code defects to improve software quality and lower development costs. IBM Rational Software Analyzer and IBM Rational PurifyPlus software Kari
More informationLegal Issues for FOSS-based Supply Chain Management. Herve Guyomard, Black Duck Software
Legal Issues for FOSS-based Supply Chain Management Herve Guyomard, Black Duck Software Agenda Legal Case in Supply Chain Open Source in Mobile Mobile devices Supply Chain Management Summary Copyright
More informationSimplify and Automate IT
Simplify and Automate IT The current state of IT INCIDENT SERVICE LEVEL DATA SERVICE REQUEST ASSET RELEASE CONFIGURATION GOVERNANCE AND COMPLIANCE EVENT AND IMPACT ENTERPRISE SCHEDULING DASHBOARDS CAPACITY
More informationWhite Paper Software Quality Management
White Paper What is it and how can it be achieved? Successfully driving business value from software quality management is imperative for many large organizations today. Historically, many Quality Assurance
More informationSoftware Code Quality Checking (SCQC) No Clearance for This Secret: Information Assurance is MORE Than Security
Software Code Quality Checking (SCQC) No Clearance for This Secret: Information Assurance is MORE Than Security Nominee International Security Executives (ISE ) Information Security Project of the Year
More informationTotal Protection for Compliance: Unified IT Policy Auditing
Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.
More informationCA Service Desk Manager
PRODUCT BRIEF: CA SERVICE DESK MANAGER CA Service Desk Manager CA SERVICE DESK MANAGER IS A VERSATILE, COMPREHENSIVE IT SUPPORT SOLUTION THAT HELPS YOU BUILD SUPERIOR INCIDENT AND PROBLEM MANAGEMENT PROCESSES
More informationAddress IT costs and streamline operations with IBM service desk and asset management.
Asset management and service desk solutions To support your IT objectives Address IT costs and streamline operations with IBM service desk and asset management. Highlights Help improve the value of IT
More informationSoftware Supply Chains: Another Bug Bites the Dust.
SESSION ID: STR-T08 Software Supply Chains: Another Bug Bites the Dust. Todd Inskeep 1 Global Security Assessments VP Samsung Business Services @Todd_Inskeep Series of Recent, Large, Long-term Security
More informationContinuous???? Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
???? 1 Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Application Delivery is Accelerating Surge in # of releases per app
More informationBIG DATA ANALYTICS: THE TRANSFORMATIVE POWERHOUSE FOR BIOTECH INDUSTRY ADVANCEMENT. David Wiggin October 8, 2013
BIG DATA ANALYTICS: THE TRANSFORMATIVE POWERHOUSE FOR BIOTECH INDUSTRY ADVANCEMENT David Wiggin October 8, 2013 AGENDA Big Data Analytics Four Examples Global Supply Chain Visibility Demand Signal Repository
More informationDelivering Quality Service with IBM Service Management
Delivering Quality Service with IBM Service Milos Nikolic, Global Technology Services Manager Dragan Jeremic, Technical Sales Specialist for Tivoli December 10th 2008 Innovation is the Process, Success
More informationCA Repository for Distributed. Systems r2.3. Benefits. Overview. The CA Advantage
PRODUCT BRIEF: CA REPOSITORY FOR DISTRIBUTED SYSTEMS r2.3 CA Repository for Distributed Systems r2.3 CA REPOSITORY FOR DISTRIBUTED SYSTEMS IS A POWERFUL METADATA MANAGEMENT TOOL THAT HELPS ORGANIZATIONS
More informationThe Benefits of Utilizing a Repository Manager
Sonatype Nexus TM Professional Whitepaper The Benefits of Utilizing a Repository Manager An Introduction to Sonatype Nexus TM Professional SONATYPE www.sonatype.com sales@sonatype.com +1 301-684-8080 12501
More informationIBM Tivoli Netcool network management solutions for enterprise
IBM Netcool network management solutions for enterprise The big picture view that focuses on optimizing complex enterprise environments Highlights Enhance network functions in support of business goals
More informationLeveraging Open Source for a Winning Enterprise Mobile Strategy
Leveraging Open Source for a Winning Enterprise Mobile Strategy Speakers Peter Vescuso EVP of Marketing & Business Development Black Duck Software @black_duck_sw Bryan House VP of Marketing Acquia @bryanhouse
More informationEnterprise Data Governance
DATA GOVERNANCE Enterprise Data Governance Strategies and Approaches for Implementing a Multi-Domain Data Governance Model Mark Allen Sr. Consultant, Enterprise Data Governance WellPoint, Inc. 1 Introduction:
More informationManaging Open Source Software Supply Chains
Managing Open Source Software Supply Chains Agenda Introduction Identify the ten most common open source license obligations Explain what you need to do to comply with these obligations Discuss the key
More informationOracle Cloud: Enterprise Resource Planning
Oracle Cloud: Enterprise Resource Planning Rondy Ng Senior Vice President Applications Development Safe Harbor Statement "Safe Harbor" Statement: Statements in this presentation relating to Oracle's future
More informationENTERPRISE ASSET MANAGEMENT (EAM) The Devil is in the Details CASE STUDY
ENTERPRISE ASSET MANAGEMENT (EAM) The Devil is in the Details CASE STUDY 1 EXECUTIVE SUMMARY Enterprise Asset Management (EAM) is a strategy to provide an optimal approach for the management of the physical
More informationOpen Source and the New Software Supply Chain. Mark Tolliver, CEO Palamida Inc.
Open Source and the New Software Supply Chain Mark Tolliver, CEO Palamida Inc. Could You Sign This? Typical Software Project Metrics 2.9 GB 87,863 Files 8,535,345 LOC Copyright holders ~350 Archives 178
More informationBe Fast, but be Secure a New Approach to Application Security July 23, 2015
Be Fast, but be Secure a New Approach to Application Security July 23, 2015 Copyright 2015 Vivit Worldwide Copyright 2015 Vivit Worldwide Brought to you by Copyright 2015 Vivit Worldwide Hosted by Paul
More informationHow Virtual Compilation Transforms Code Analysis
How Virtual Compilation Transforms Code Analysis 2009 Checkmarx. All intellectual property rights in this publication are owned by Checkmarx Ltd. and are protected by United States copyright laws, other
More informationEnabling Data Quality
Enabling Data Quality Establishing Master Data Management (MDM) using Business Architecture supported by Information Architecture & Application Architecture (SOA) to enable Data Quality. 1 Background &
More informationSOLUTION BRIEF CA SERVICE MANAGEMENT - SERVICE CATALOG. Can We Manage and Deliver the Services Needed Where, When and How Our Users Need Them?
SOLUTION BRIEF CA SERVICE MANAGEMENT - SERVICE CATALOG Can We Manage and Deliver the Services Needed Where, When and How Our Users Need Them? SOLUTION BRIEF CA DATABASE MANAGEMENT FOR DB2 FOR z/os DRAFT
More informationHP Fortify Application Security Lucas v. Stockhausen PreSales Manager HP Fortify EMEA lvonstockhausen@hp.com +49 1520 1898430 Enterprise Security
HP Fortify Application Security Lucas v. Stockhausen PreSales Manager HP Fortify EMEA lvonstockhausen@hp.com +49 1520 1898430 Enterprise Security The problem Cyber attackers are targeting applications
More informationThe Worksoft Suite. Automated Business Process Discovery & Validation ENSURING THE SUCCESS OF DIGITAL BUSINESS. Worksoft Differentiators
Automated Business Process Discovery & Validation The Worksoft Suite Worksoft Differentiators The industry s only platform for automated business process discovery & validation A track record of success,
More informationApplication Security Center overview
Application Security overview Magnus Hillgren Presales HP Software Sweden Fredrik Möller Nordic Manager - Fortify Software HP BTO (Business Technology Optimization) Business outcomes STRATEGY Project &
More informationIT Legacy Migration from Proprietary to Open Source Software. Bill Weinberg, Black Duck Software Jay Lyman, 451 Research
IT Legacy Migration from Proprietary to Open Source Software Bill Weinberg, Black Duck Software Jay Lyman, 451 Research Black Duck 2013 Speakers Jay Lyman Senior Analyst 451 Research Bill Weinberg Senior
More informationControlling Risk Through Software Code Governance
Controlling Risk Through Software Code Governance July 2011 Catastrophic Consequences Today s headlines are filled with stories about catastrophic software failures and security breaches; medical devices
More informationSOLUTION WHITE PAPER. 6 Advantages of a Cloud-Based IT Service Desk By Jeff Moloughney, Principal Solution Marketing Manager, BMC Software
SOLUTION WHITE PAPER 6 Advantages of a Cloud-Based IT Service Desk By Jeff Moloughney, Principal Solution Marketing Manager, BMC Software INTRODUCTION More than ever, information technology has become
More informationWhitepaper Accelerating Your Success with Avnet and HP
Accelerating Your Success Whitepaper Accelerating Your Success with Avnet and HP Build your competitive advantage with stable, long-life platforms, global support, and direct engineering access Accelerating
More informationIBM Tivoli Service Request Manager
Deliver high-quality services while helping to control cost IBM Tivoli Service Request Manager Highlights Streamline incident and problem management processes for more rapid service restoration at an appropriate
More informationApplication Test Management and Quality Assurance
SAP Brief Extensions SAP Quality Center by HP Objectives Application Test Management and Quality Assurance Deliver new software with confidence Deliver new software with confidence Testing is critical
More informationROUTES TO VALUE. Business Service Management: How fast can you get there?
ROUTES TO VALUE Business Service : How fast can you get there? BMC Software helps you achieve business value quickly Each Route to Value offers a straightforward entry point to BSM; a way to quickly synchronize
More informationCapgemini BizLender 360 An Integrated Straight Through Processing Solution for Business Lending Origination
In Collaboration with SM Capgemini BizLender 360 An Integrated Straight Through Processing Solution for Business Lending Origination Using technology and expertise to boost efficiency, enhance decision
More informationCloud computing: Innovative solutions for test environments
IBM Global Services April 2009 Cloud computing: Innovative solutions for test environments Speed test cycles and reduce cost to gain a competitive edge Page No.2 Contents 2 Executive summary 3 Leading
More informationDESIGNED FOR YOUR INDUSTRY. SCALED TO YOUR BUSINESS. READY FOR YOUR FUTURE. SAP INDUSTRY BRIEFING FOR HEATING, VENTILATION, AIR CONDITIONING, AND
DESIGNED FOR YOUR INDUSTRY. SCALED TO YOUR BUSINESS. READY FOR YOUR FUTURE. SAP INDUSTRY BRIEFING FOR HEATING, VENTILATION, AIR CONDITIONING, AND PLUMBING EQUIPMENT MANUFACTURERS BEST-RUN HVAC AND PLUMBING
More informationSOLUTION WHITE PAPER. Align Change and Incident Management with Business Priorities
SOLUTION WHITE PAPER Align Change and Incident Management with Business Priorities Table of Contents Executive summary 1 the Need for Business aware Service support processes 2 The Challenge of Traditional
More informationBusiness Process Management in Manufacturing: From Process to Value
Manufacturing the way we see it Business Process Management in Manufacturing: From Process to Value New Capgemini research shows how organizations can move to the next level of BPM maturity BPM can help
More informationClarity Infrastructure Management helps network operators to plan and document the change to their networks
Clarity Infrastructure Management helps network operators to plan and document the change to their networks clarity.com 2 Clarity Simplifying Operations Cost effective and timely network rollouts or upgrades
More informationI N D U S T R Y D E V E L O P M E N T S A N D M O D E L S. I D C M a t u r i t y M o d e l : P r i n t a n d D o c u m e n t M a n a g e m e n t
Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com E X C E R P T I N D U S T R Y D E V E L O P M E N T S A N D M O D E L S I D C M a t u r i t y M o
More informationProduct Lifecycle Sourcing enabled by Teamcenter s SRM solutions
Product Lifecycle Sourcing enabled by Teamcenter s SRM solutions White Paper In today s era of outsourcing, most companies find that the lack of coordination among suppliers, procurement and product development
More informationPragmatic Business Service Management
Pragmatic Business Service Management Written by Quest Software, Inc. White Paper Copyright Quest Software, Inc. 2007. All rights reserved. This guide contains proprietary information, which is protected
More informationWHITE PAPER. Development Testing for Agile Enterprises Helping Teams Maximize Velocity
Development Testing for Agile Enterprises Helping Teams Maximize Velocity The Need for Speed Companies in almost every industry use software to drive innovation and compete in today s marketplace. And
More informationWhite Paper. Automating Your Code Review: Moving to a SaaS Model for Application Security
White Paper Automating Your Code Review: Moving to a SaaS Model for Application Security Contents Overview... 3 Executive Summary... 3 Code Review and Security Analysis Methods... 5 Source Code Review
More informationWhite Paper. Software Development Best Practices: Enterprise Code Portal
White Paper Software Development Best Practices: Enterprise Code Portal An Enterprise Code Portal is an inside the firewall software solution that enables enterprise software development organizations
More informationCA Vulnerability Manager r8.3
PRODUCT BRIEF: CA VULNERABILITY MANAGER CA Vulnerability Manager r8.3 CA VULNERABILITY MANAGER PROTECTS ENTERPRISE SYSTEMS AND BUSINESS OPERATIONS BY IDENTIFYING VULNERABILITIES, LINKING THEM TO CRITICAL
More informationIBM Rational ClearCase, Version 8.0
IBM Rational ClearCase, Version 8.0 Improve software and systems delivery with automated software configuration management solutions Highlights Improve software delivery and software development life cycle
More informationEnhance visibility into and control over software projects IBM Rational change and release management software
Enhance visibility into and control over software projects IBM Rational change and release management software Accelerating the software delivery lifecycle Faster delivery of high-quality software Software
More informationImproving RoI by Using an SDL
Improving RoI by Using an SDL This paper discusses how you can improve return on investment (RoI) by implementing a secure development lifecycle (SDL). It starts with a brief introduction to SDLs then
More informationAccenture Human Capital Management Solutions. Transforming people and process to achieve high performance
Accenture Human Capital Management Solutions Transforming people and process to achieve high performance The sophistication of our products and services requires the expertise of a special and talented
More informationRealizing the Breakthrough Economics of Linux and Open Source through Hybrid Development. Tim Yeaton, President and CEO Black Duck Software
Realizing the Breakthrough Economics of Linux and Open Source through Hybrid Development Tim Yeaton, President and CEO Black Duck Software Linux Collaboration Summit April 9, 2009 Agenda Current Market
More informationOptimize Application Performance and Enhance the Customer Experience
SAP Brief Extensions SAP Extended Diagnostics by CA Objectives Optimize Application Performance and Enhance the Customer Experience Understanding the impact of application performance Understanding the
More informationHP Fortify application security
HP Fortify application security Erik Costlow Enterprise Security The problem Cyber attackers are targeting applications Networks Hardware Applications Intellectual Property Security Measures Switch/Router
More information