Zeichick's Take: Who's Got the Security Tools?
June 21, 2007 —
(Page 1 of 2)
The software security tools market has been ripe for picking, for two reasons:
• We had a lot of small, privately held companies developing exciting, but in many cases, overlapping, technology, but those companies had trouble finding customers and going to market. Their exit strategy is to be gobbled up by a big fish.
• The big fish were significantly behind the times when it came to integrating security into their developer tools. Their business models favor buy-it instead of build-it for this type of technology, but they weren't buying.
Until recently, that is. Until this month, none of the big fish, like IBM Rational, Mercury (now part of HP), Microsoft, Oracle, Sun or Borland/CodeGear, had integrated security as part of their IDEs, test/QA tools or application life-cycle suites. The notable exception has long been Compuware, with its DevPartner SecurityChecker. It's only been a matter of time before the fish started munching, and frankly, I expected the feeding frenzy to start quite a while ago.
The dam broke a couple of weeks ago, when IBM announced the acquisition of Watchfire. On Tuesday, we had the second big move, as Hewlett-Packard said it will buy SPI Dynamics.
This is only the start. Microsoft needs to incorporate a top-quality security solution into Visual Studio Team System, encompassing not only the edition for software testers, but also the editions for architects and developers. This is a glaring weakness. While Microsoft could build the functionality itself (as it did with the other ALM tools in Team System), it would do better buying one of the existing players, and that's what I think the company will do.
Oracle is in a similar situation: It also doesn't have software security functionality, either baked into its tools or as standalone offerings. It's hard to predict what Oracle will do, whether it will build it, buy it or ignore it.
Borland and its CodeGear subsidiary are also behind the times. Software is a core part of the application life cycle, but there's no specific security offering in the Borland pantheon, even in its Silk and Gauntlet tools. As with Microsoft, Borland could build or buy, but I expect the company to buy it. I hope whatever it does gets baked back into the CodeGear IDEs; that's where software security belongs, as tightly integrated into the developer desktop as spellcheck is integrated into a word processor.
Share this link: http://sdt.bz/30759
Most Read Latest News Blog Resources
Taking enterprise architecture to the business side
Startup Corso is bringing out a cloud-based planning platform that ties into business plans
|
|
Zeichick’s Take: Radio moves from analog waveforms to digital packets
Streaming radio highlights the need for streaming applications to be designed to take up as little bandwidth as possible
|
|
Appcelerator Acquires Cocoafish to Add Instant Mobile Cloud Capabilities to its Industry Leading Titanium Platform
Appcelerator Offers Messaging, Social, Location and Storage Mobile Cloud Services to All Mobile App Publishers
|
|
ComponentOne Releases a Collection of 40+ UI Widgets Powered by HTML5 and jQuery
ComponentOne has announced the 2012 release of Wijmo: a kit of UI widgets for HTML5 and jQuery development
|
Taking enterprise architecture to the business side
Startup Corso is bringing out a cloud-based planning platform that ties into business plans
|
|
Top five apps to manage your workload
Web applications offer new ways to track your “to-do” lists
|
|
Not so fast when it comes to testing in the cloud
Developers face outsourcing, virtual lab management and mobile devices as obstacles
|
|
Xceed releases UX-focused suite for Microsoft’s WPF
"Blendables" helps match user experiences to developer visions
|
Are you at risk for burnout?
Burnout is a severe problem and it can strike at any time. Here's how to tell if you are nearing the edge.
|
|
Agility, mom, and apple pie
If we're to evaluate the state-of-the-art in software development, we should start with the values espoused in the Agile Manifesto.
|
|
RIM woos developers with free tablet
How do you get more apps ported to the BlackBerry PlayBook? By giving every developer a free tablet, of course!
|
|
GitHire: Use Headhunters to Find Your Perfect Programmer
Are you a hiring manager tired of scouring the job boards? Check out this new service that will find 5 people interested in your jobs.
|
The Hidden Costs of Software Licensing
Moving beyond paper-based software licensing to more flexible, software-based licensing is a business decision. There is a growing trend tow...
|
|
Case Study: You May Need a Development Mechanic
As a contractor for a major financial player in Germany, SOBEGE, a German-based consultancy specializing in embedded IT and web services, wa...
|
|
Ensuring Software Quality at a Major International Bank
One of the world’s leading international banks has adopted AgitarOne technology for delivering generated unit tests for their Java software...
|
|
Load Testing Adobe Flex Applications
Adobe Flex applications may be different from applications you’ve worked with before. For classic HTML web applications, the server does all...
|