Whether embedded or business applications, or both; enterprises run major software enterprises.
Recognizing this fact, IT organizations have fundamentally changed the ways their people, processes, and technologies deliver applications. We’re seeing projects with offshore or near-shore support structures; a process shift away from document-heavy methods like Waterfall to flexible ones like Agile; and new technologies such as richer clients (RIA), cloud computing, service-based architectures and composite applications. These initiatives characterize modern application delivery:STABILITY/AGILITY: Where once the primary goal was that the application not fall over in production – effectively, get the damn thing stood up, and back away – now the expectation is that the application will undergo regular (weekly, monthly) change and be accordingly responsive. Think of it as the Siebel vs. Facebook paradigm – the move to the always on / always available / constantly changing application. “Do as I ask” / “Bring me ideas”: IT is no longer an esoteric back-office function, there simply as order-takers for the business. The business and IT are attached at the hip, and the primacy of the application means that the biz now looks to IT to provide innovative ideas about what is possible – how customers can be better reached, with greater efficiency, etc.COST REDUCTION: Yesterday, IT was the engine for biz cost reduction. Now, IT itself is also a target for cost reduction.EXHAUSTIVE / JUST ENOUGH: Where once IT processes were characterized by heavy documentation and exhaustive checklists, increasingly we see a borrowing from manufacturing’s lean principles so that the new flexible processes (and applications) aim for “just enough” documentation/features.“Does it work”/”Does it impress”: This again reflects the application’s evolution to its primary spot in the business. Where in the Web 1.0 days the main concern was simple data-entry screens and the corresponding business validation, RIA/Web 2.0 is pushing for applications for richer, more impressive applications that truly advance the company’s brand, both inside and outside the company’s walls.
Despite having the right objectives and having adopted the principles of modern delivery, application teams continue to experience frustration in the results. Why?
BTOS-WE-0900 Twitter hashtag #HPSWU
HP Applications Strategies for the Modern Lifecycle
The Application Reality ERP inventory management Most enterprises run major software operations. wikis supply chain PoS mobile apps HR billing website payments order entry Embedded software CRM
4 Footer goes here Business agility depends on application agility.
Application Delivery: Yesterday & Today P people DISTRIBUTED TEAMS CO-LOCATED TEAMS P process FLEXIBLE METHODS SEQUENTIAL METHODS P tech. THIN CLIENT, SELF-CONTAINED COMPOSITE, CLOUD, RIA
New Pressures on Delivery Fundamentals Has anyone verified the new GUI is secure? What are the working parts of the app? Have we covered all requirements? use cases, burn charts tests, milestones Nearly 60% of IT leaders say distributed teams significantly impacts productivity. –Forrester On average, 25% of application defects are found by customers. –Capers Jones An enterprise raises 2,000-70,000 RFCs per month. –Gartner Predictable outcome? Responsive to change? High quality apps?
Restore Core Delivery Fundamentals UNIFIED SHARED ASSETS Predictable outcome? High quality apps? Responsive to change?
The Invisible Lifecycle PLAN “For a business application that is used for 15 years, the cost to go live is, on average, 8% of the lifetime TCO.” RUN DELIVER RETIRE –Gartner
Solve for the Complete Lifecycle Burn rate, go/no-go metrics Seamless RFC capture and prioritization Architectural policies & compliance PLAN DevOps integration for performance SLAs RUN Data archival, application end-of-life DELIVER RETIRE
HP Lifecycle Solutions & Operating Principles PLAN DELIVER RUN RETIRE COMPLETE LIFECYCLE COVERAGE Modular Business Availability HP ALM Project & Portfolio Management Records Management Integrated Quality Center Deployment Automation Archiving Heterogeneous SOA Systinet Perform Center Best-in-class Service Management App. Security Center CORE LIFECYCLE EXCELLENCE Traceability & Insight Unified Platform Simplified Web Access Technology Agnostic Powerful Automation Quality at the Center
Preview: Applications 11 Modern Solutions for Modern Delivery
Legacy Delivery: Islands, Point Tools & Brute Force Replace w/ revision Project Manager Functional Test Engineer Performance Engineer Manual Testers Application Security Biz Analyst Developer (Java) Developer (MSVS) Developer (.NET)
Modern Delivery with HP Application Solutions Replace w/ revision QC11 Plan & Track PC11/LR11 Project Manager HP Sprinter Functional Test Engineer Performance Engineer Manual Testers SINGLE REPOSITORY, UNIFIED PLATFORM ASC+Fortify HP ALM11 Application Security RM11 + BPM Biz Analyst Developer (Java) Developer (MSVS) Developer (.NET)
Reliably Predict Program Outcomes Define and measure progress metrics Real-time assessment of program health Summary and drill-down capabilities Embed status into other tools Single unified view HP ALM 11 Project Planning & Tracking
Align to the Business Process Model (BPM) Comprehensive Requirements Traceability
Integratewith business process modeling tools, link requirements to BPM
See requirements coverage at project or release level
Standardize requirements definitionwith rich text editor + templates
Trace relations between requirements, process paths, defects & tests
Link requirements to tests, developer tasks & defects
Fortify Software Background Founded 2003 Since 2004, over 800 successful deployments Trusted by more governments agencies than any other security vendor Veteran management team Market-defining and award-winning products 200 Employees, HQ San Mateo, CA Selected as the Market Leader in the Gartner Magic Quadrant, released February 5, 2009 Fall 2010: HP acquires Fortify
Technical integration is already underway Hybrid 2.0 Next generation application security analysis The first and only deep integration of dynamic and static application security analysis HP & Fortify products work together during analysis to produce better results Not just “after the fact” batch comparisons Best-of-breed cornerstone technologies Dramatic increase in the correlated data Substantial benefits to the business Efficient use of costly resources Reductions in “time to fix” Increased visibility into lifecycle risk
Benefits to Customers Provides Comprehensive Application Security Assurance Solution: Combination has broadest software solution set in the marketplace. Accelerates the Time-to-Security for All Critical Applications: Best-of-breed products and services, including hybrid analysis, to protect applications and sensitive data from malicious attacks. Proactively Reduces Business Risk: Solution provides foundation to move from reactive remediation to proactive prevention and ability to scale to application security Centers of Excellence (CoEs).