Whether embedded or business applications, or both; enterprises run major software enterprises.
Recognizing this fact, IT organizations have fundamentally changed the ways their people, processes, and technologies deliver applications. We’re seeing projects with offshore or near-shore support structures; a process shift away from document-heavy methods like Waterfall to flexible ones like Agile; and new technologies such as richer clients (RIA), cloud computing, service-based architectures and composite applications. These initiatives characterize modern application delivery:STABILITY/AGILITY: Where once the primary goal was that the application not fall over in production – effectively, get the damn thing stood up, and back away – now the expectation is that the application will undergo regular (weekly, monthly) change and be accordingly responsive. Think of it as the Siebel vs. Facebook paradigm – the move to the always on / always available / constantly changing application. “Do as I ask” / “Bring me ideas”: IT is no longer an esoteric back-office function, there simply as order-takers for the business. The business and IT are attached at the hip, and the primacy of the application means that the biz now looks to IT to provide innovative ideas about what is possible – how customers can be better reached, with greater efficiency, etc.COST REDUCTION: Yesterday, IT was the engine for biz cost reduction. Now, IT itself is also a target for cost reduction.EXHAUSTIVE / JUST ENOUGH: Where once IT processes were characterized by heavy documentation and exhaustive checklists, increasingly we see a borrowing from manufacturing’s lean principles so that the new flexible processes (and applications) aim for “just enough” documentation/features.“Does it work”/”Does it impress”: This again reflects the application’s evolution to its primary spot in the business. Where in the Web 1.0 days the main concern was simple data-entry screens and the corresponding business validation, RIA/Web 2.0 is pushing for applications for richer, more impressive applications that truly advance the company’s brand, both inside and outside the company’s walls.
Despite having the right objectives and having adopted the principles of modern delivery, application teams continue to experience frustration in the results. Why?
Transcript of "HP Applications: Strategies for the Modern Lifecycle"
BTOS-WE-0900<br />Twitter hashtag #HPSWU<br />
HP Applications<br />Strategies for the Modern Lifecycle<br />
The Application Reality<br />ERP<br />inventory management<br />Most enterprises run major software operations.<br />wikis<br />supply chain<br />PoS<br />mobile apps<br />HR<br />billing<br />website<br />payments<br />order entry<br />Embedded software<br />CRM<br />
New Pressures on Delivery Fundamentals<br />Has anyone verified the new GUI is secure?<br />What are the working parts of the app?<br />Have we covered all requirements?<br />use cases, burn charts<br />tests, milestones<br />Nearly 60% of IT leaders say distributed teams significantly impacts productivity. <br />–Forrester<br />On average, 25% of application defects are found by customers.<br />–Capers Jones<br />An enterprise raises 2,000-70,000 RFCs per month. <br />–Gartner<br />Predictable outcome?<br />Responsive to change?<br />High quality apps?<br />
The Invisible Lifecycle<br />PLAN<br />“For a business application that is used for 15 years, the cost to go live is, on average, 8% of the lifetime TCO.”<br />RUN<br />DELIVER<br />RETIRE<br />–Gartner<br />
Solve for the Complete Lifecycle<br />Burn rate, go/no-go metrics <br />Seamless RFC capture and prioritization<br />Architectural policies & compliance<br />PLAN<br />DevOps integration for performance SLAs<br />RUN<br />Data archival, application end-of-life<br />DELIVER<br />RETIRE<br />
Reliably Predict Program Outcomes<br />Define and measure progress metrics <br />Real-time assessment of program health<br />Summary and drill-down capabilities<br />Embed status into other tools<br />Single unified view <br />HP ALM 11 Project Planning & Tracking<br />
Align to the Business Process Model (BPM)<br />Comprehensive Requirements Traceability<br /><ul><li>Integratewith business process modeling tools, link requirements to BPM
See requirements coverage at project or release level
Standardize requirements definitionwith rich text editor + templates
Trace relations between requirements, process paths, defects & tests
Link requirements to tests, developer tasks & defects</li></li></ul><li>Introducing HP Sprinter 11 (HP ALM and QC)<br />NEW!<br /><ul><li>Screen capture and annotation
Fortify Software Background<br />Founded 2003 <br />Since 2004, over 800 successful deployments <br />Trusted by more governments agencies than any other security vendor <br />Veteran management team <br />Market-defining and award-winning products <br />200 Employees, HQ San Mateo, CA<br />Selected as the Market Leader in the Gartner Magic Quadrant, released February 5, 2009<br />Fall 2010: HP acquires Fortify<br />
Technical integration is already underway<br />Hybrid 2.0<br />Next generation application security analysis<br />The first and only deep integration of dynamic and static application security analysis<br />HP & Fortify products work together during analysis to produce better results<br />Not just “after the fact” batch comparisons<br />Best-of-breed cornerstone technologies<br />Dramatic increase in the correlated data<br />Substantial benefits to the business<br />Efficient use of costly resources<br />Reductions in “time to fix”<br />Increased visibility into lifecycle risk<br />
Benefits to Customers<br />Provides Comprehensive Application Security Assurance Solution: Combination has broadest software solution set in the marketplace.<br />Accelerates the Time-to-Security for All Critical Applications: Best-of-breed products and services, including hybrid analysis, to protect applications and sensitive data from malicious attacks.<br />Proactively Reduces Business Risk: Solution provides foundation to move from reactive remediation to proactive prevention and ability to scale to application security Centers of Excellence (CoEs).<br />