Martin Nally addressed the audience about how to improve Software Economy & achieve agility at scale:
Introduced 2 framework to achieve the above
> RCA (Report Collaborate Automate) to complete the project 1 month early.
It is very much needed that the requirements are well defined
> MCIF (Measured Capability Improvement Framework) best practice for SDLC which tells us how to isolate the activities.
He adds that Software economy is balancing risk & opportunity
Neeraj Chandra:- Smart Product for Smart Planet
He started off his presentation with a saying “You can’t cut the way to success”
Innovation is more about solving a problem on ground reality and reducing complexity. Recession is a curse & this IT down turn will end and then we need to take up this opportunity. Future will see Smarter products like
Mobile Computing, Smart Transport, health care, energy & aero-scope. A products major failure is most of the time the embedded software. Concludes by saying that “Rational Software’s are Smart product existing in this yet to be - Smart Planet”
Session on Mashups: Defined as :-Lightweight web application created by combined contents from different app with some new insight. Eg being igoogle and Google Map. Helps in building
Best Practice in Mashup Application is to know what to combine & how to combine
WebSphere feature pack & RAD for Web 2.0 Application Development: This feature has SOA for web 2.0 + Ajax Messaging & Ajax Development feature, DOJO toolkit 1.0 to avoid browser behave differently.
- Support 3 tire architecture,
- Eclipse integration in RAD
- DOJO project setup
- GWT integration not possible
- Exploring EJB as a REST is easy by just configuring it in RAD
- WebSphere feature can be used in Eclipse
John Burroughs on Web Security tool AppScan:
Security is recession proof. When market was down security went up. We see 75% Application attacks & 25% network attack. The latest version of Appscan can scan across SOA, DOJO & Flash application. We see only 20% of OS attacks and Web App attacks are 55%. SQL Injection is the No1 vulnerability. AppScan is
the tool which can detect vulnerability at production, build, development phase.
Ø AppScan coding test is integrated at IDE and supports all IDE’s
Ø AppScan for development level editing is a plug-in
Ø They acquired Ounce Labs so that they could do white box testing after which the next version of AppScan released in Oct 08 had code analysis tool.
* Join ISS initiative
* AppScan ISS site Protector
* Jazz security Software delivery platform
Phase of Security Vulnerability: Coding, Build, QA Testing & Product
Stealing data & gaining popularity amongst pears are the major reason for cyber crime.
Growth in Complexity & Web 2.0 has made security more needed the solution to fight against would be to train the developers in security and more investment in security.
After those 2 days of lab & session packed knowledge bag made me feel proud of being an IBMer and believe that Rational tools need to be more in-use to get agility in place from real world to SDLC.