An Innovative Approach to Managing Software Requirements (MKS)     Paper

Requirements may be the most critical aspect of the software development cycle. Studies point to a more than 60% failure rate for software projects in the U.S., with poor requirements as one of the top five reasons. Managing requirements must be an integral part of an organizations overall development process, and is vital to mitigating risk on large development projects.

This paper introduces you to MKS Integrity for requirements management, the only solution available today built as an extension of an application lifecycle management platform. Further, this paper reviews the current state of the requirements management tools landscape and details how requirements are authored, captured and traced through the downstream lifecycle, how companies can utilize best practices such as parallel development and reuse in relation to requirements and how configuration management concepts such as versioning and base lining can be leveraged for advanced requirements management practice.

Repository-Centric Enterprise Architecture  (Enterprise Elements)     pdf

Enterprise Architecture modeling tools are used to capture complex knowledge about organizations and technology. Recently, the focus of enterprise architecture has shifted to a more holistic view necessitating the use of a repository-centric approach to analyze and optimize the portfolio of business strategies, organizational structures, business processes / tasks and activities, information flows, applications, and technology infrastructures across disparate modeling tools. This paper discusses the business value realized from consolidating of enterprise architecture artifacts into a single repository to support enterprise analysis and optimization using the Elements Repository.

Why Organizations Are Not Fully Protected by Standard Security Technologies  (Vericept)     pdf

Spam filters, anti-virus scanners, web blockers, and intrusion detection/prevention technologies are important security tools, but they still expose organizations to substantial risks of data loss while often lulling IT leaders into a false sense of security. Increasingly, security professionals are realizing the extent of damage caused by gaps in the capabilities of traditional security technologies.  This paper documents how these risks pose real dangers to organizations that need to protect their customer data as well as their own business strategies, intellectual property, and non-public financials. It concludes by explaining how Vericept products prevent needless data losses that can result from gaps in standard security technologies.

Hybrid Analysis An Approach to Testing Web Application Security (SPI Dynamics)     pdf

Testing Web applications for security defects is now considered a necessary part of the development process. However, none of the traditional methods of automated security testing provides comprehensive security coverage and accurate results for Web applications.  Only an approach that combines the strengths of both source code analysis and black box testing can be used to produce secure Web applications. This hybrid analysis approach can provide broad code coverage, identify all points of input to an application, track data as it moves through an application, and then validate the vulnerabilities it does find, ultimately resulting in more accurate results.

Intelligent Engines – The Next Generation in Web Application Security (SPI Dynamics)     pdf

Today’s Web application and Web services assessment products boast thousands of static checks for security vulnerabilities like Cross-site scripting and SQL Injection. The Web application assessment software vendors have essentially been in the game of who has the best vulnerability database with the most checks.  At the rate the industry is currently going with the growing number of checks, vulnerability databases will have tens of thousands of static checks in a few years. With that many checks, application scans will simply take too long. The industry has needed new technology to revolutionize the process of finding vulnerabilities.

Effective Requirements Definition and Management (Borland)     pdf

Software requirements engineering is a communication-intensive activity, at a minimum involving analysts, developers, business stakeholders and end users. Effective communication demands skilled requirements analysts, effective practices for requirements definition and management and tools to assist with these critical activities.  This paper describes some of the key requirements issues that affect nearly every software and systems development project. The paper also outlines practical strategies and an effective solution to help address many common problem areas.

Increasing Business/IT Relevance and Adaptability: Adopting Requirements Visualization (a META Group white paper)     pdf

By simulating applications before they are built, business analysts and IT managers can cut costs, reduce risk, and facilitate user adoption. Furthermore, improved requirements-gathering processes, including iterative approaches and simulation, can help organizations better manage outsourced or offshore development.  This white paper will focus on the ways in which improvements to requirements management processes — including simulation — and the adoption of appropriate automated tools can improve efficiency, increase business adaptability, and reduce costs.

Innovation Through Visualization
The Business Case For Software Simulation (iRise)     pdf

Using real world scenarios, this white paper will discuss how the iRise visualization platform can help businesses significantly reduce product risks, deliver applications faster, quickly taking advantage of new business opportunities and drive predictable, effective results.  iRise® offers an innovative software platform that enables business and IT analysts to quickly simulate and “test market” business applications before a single line of code is written.