Tuesday, September 8, 2009

Rational Software Conference 09 - Day 2

Martin Nally addressed the audience about how to improve Software Economy & achieve agility at scale:

Introduced 2 framework to achieve the above

> RCA (Report Collaborate Automate) to complete the project 1 month early.

It is very much needed that the requirements are well defined

> MCIF (Measured Capability Improvement Framework) best practice for SDLC which tells us how to isolate the activities.

He adds that Software economy is balancing risk & opportunity

Neeraj Chandra:- Smart Product for Smart Planet

He started off his presentation with a saying “You can’t cut the way to success”

Innovation is more about solving a problem on ground reality and reducing complexity. Recession is a curse & this IT down turn will end and then we need to take up this opportunity. Future will see Smarter products like

Mobile Computing, Smart Transport, health care, energy & aero-scope. A products major failure is most of the time the embedded software. Concludes by saying that “Rational Software’s are Smart product existing in this yet to be - Smart Planet”

Session on Mashups: Defined as :-Lightweight web application created by combined contents from different app with some new insight. Eg being igoogle and Google Map. Helps in building Enterprise. WebTop is the first mashup application.

Best Practice in Mashup Application is to know what to combine & how to combine

WebSphere feature pack & RAD for Web 2.0 Application Development: This feature has SOA for web 2.0 + Ajax Messaging & Ajax Development feature, DOJO toolkit 1.0 to avoid browser behave differently.

  • Support 3 tire architecture,
  • JavaScript developer Editor
  • JavaScript debugging – Firebug
  • Eclipse integration in RAD
  • DOJO project setup
  • GWT integration not possible
  • Exploring EJB as a REST is easy by just configuring it in RAD
  • WebSphere feature can be used in Eclipse

John Burroughs on Web Security tool AppScan:

Security is recession proof. When market was down security went up. We see 75% Application attacks & 25% network attack. The latest version of Appscan can scan across SOA, DOJO & Flash application. We see only 20% of OS attacks and Web App attacks are 55%. SQL Injection is the No1 vulnerability. AppScan is

the tool which can detect vulnerability at production, build, development phase.

Ø AppScan coding test is integrated at IDE and supports all IDE’s

Ø AppScan for development level editing is a plug-in

Ø They acquired Ounce Labs so that they could do white box testing after which the next version of AppScan released in Oct 08 had code analysis tool.

2009 RoadMap

* Join ISS initiative

* AppScan ISS site Protector

* Solving Enterprise Security Challenge

* Jazz security Software delivery platform

Phase of Security Vulnerability: Coding, Build, QA Testing & Product

Stealing data & gaining popularity amongst pears are the major reason for cyber crime.

Growth in Complexity & Web 2.0 has made security more needed the solution to fight against would be to train the developers in security and more investment in security.

After those 2 days of lab & session packed knowledge bag made me feel proud of being an IBMer and believe that Rational tools need to be more in-use to get agility in place from real world to SDLC.