The previous chapter in this WhiteHat Security series discussed Codebase as the first step of the Twelve-Factor App and defined a security best practice approach for ensuring a secure source control system. Considering the importance of applying security in a modern DevOps world, this next chapter examines the security component of step two of the Twelve-Factor methodology. Here follows some actionable advice from the WhiteHat Security Addendum Checklist, which developers and ops engineers can follow during the SaaS build and operations stages ...
Software development teams face increasing pressure to deliver high-quality apps on-time and within budget. Unfortunately, according to recent study results, those teams aren’t often equipped with the right tools and appropriate technology to adequately meet the demands of customer needs at low costs and in short timeframes. This reality often translates into applications that reflect poorly on the business.
Conventional approaches to software development aren’t making the grade anymore, according to data included in the just released CA Technologies “Business Benefits of Service Virtualization” Study. CA Technologies commissioned independent firm Coleman Parkes to conduct research on the topic and in the process, interview some 301 in-house software development managers from large enterprises with revenues of more than $1 billion or equivalent in the U.K., France and Germany. The results reveal that software development teams face myriad challenges, not the least of which is maintaining a positive image for their business.
More than half (56%) of respondents reported that a consequence of their constrained test environments is “loss of reputation in the market.”
Another 48% indicated they had experienced a “loss of customers to competitors.”
Those figures alone are enough to warrant an overhaul to software development and test processes, but add to that the 45% who said they deliver new customer offerings late, and with reduced functionality for 39%.
And about one-third (32%) cited an increase in calls to customer support due to the limitations of their current software development and testing process.
The demands being put on these groups is increasing, despite many (55%) reporting having to work with reduced application budgets.
The average number of releases expected to be delivered by these groups is 6.4, but nearly one-third (29%) are expected to deliver 10 or more new releases per year. That means software development and test teams in these organizations are working at a pace of nearly one new release per month.
In addition, two-thirds of the respondents reported that they expect the functionality in each release to improve, meaning more code – or more potential for bugs and a heightened need for thorough testing.
The classic “cost, quality, schedule” triangle of software development and testing is becoming more difficult to attain, considering these increased release schedules and growing demand for improved functionality. That could by why more than two-fifths (44%) of survey respondents indicated they would be moving to a cloud-based development and test environment and nearly half (49%) were switching to agile development methods. The benefits they project include reduced costs (76%), increased quality (70%) and shorter development cycles (57%).
Benefits of Service Virtualization
Service virtualization technology could address several of the challenges software development managers encounter today. This new approach to the development and testing of applications – using a virtual service environment that imitates a real production environment – helps reduce costs, increase application quality and shorten development cycles.
This technology can eliminate the problem 90% of respondents cited with availability of systems and applications, such as databases and mainframes, for development and test purposes. And it can reduce the manual data 69% said represents a challenge with test environments, as well as do away with the high-maintenance requirements 56% cited and cut the expense in creating the test environments 55% indicated was a challenge.
Service virtualization allows testers to remove constraints from the software development lifecycle, and it enables test teams to test an application using virtual infrastructure that has been configured to imitate a real production environment. It does not require a large upfront capital investment and it allows testers to easily change variables to test for various scenarios.
Denise Dubie is New Media Principal in CA Technologies Thought Leadership Group.