 |
|
 |
|
|
|
|
|
|
|
|
|
|
Policy drives expected behavior throughout the SDLC, promoting predictable outcomes.
| |
Delivers an actionable set of tasks that are measurable through completion.
| |
Provides the control needed to continuously improve the process of delivering business applications.
|
|
Policy-Driven Process
Parasoft Policy Center converts management expectations into measurable tasks and enforcement points throughout the
development process. For example, assume that management wants to implement a policy for developing secure code.
Policy Center can turn on the tasks of peer code review, pattern-based static analysis, and flow-based static
analysis and then parameterize those tasks give specific standards (e.g. PCI-DSS, OWASP, HIPAA, or customized rules etc.).
Parasoft Concerto then measures and reports to a vast array of management expectations and development tasks,
delivering real-time policy compliance data.
Centralized Policy Application
Parasoft Policy Center can be applied to drive any policy or combination of policies that your organization has decided to enforce. For example:
- Aerospace & Defense
- Automotive
- Medical
- Security
- Process Improvement
- DO-178B/C, DO-278, JSF
- ISO 26262, MISRA, ASIL, SIL
- FDA Guidelines, IEC 62304
- PCI, OWASP
- CMMI, Six Sigma, ISO 9001
|
Actionable, Measurable Policies
The reactive nature of how management expectations are expressed and measured poses a significant risk to organizations.
The lack of a coordinated governance mechanism also severely hampers IT productivity; you cannot improve what you
cannot measure.
Parasoft Policy Center solves this pervasive challenge by translating management goals and expectations into executable
and measurable actions. Management expectations are set by defining what practices are required as well as when and how
to apply them. Related tasks are then seamlessly integrated throughout the SDLC and unobtrusively monitored for compliance.
For example, policy may require that each "checked in" code modification triggers the appropriate automated tests
(static analysis scans, regression test execution, etc.) and peer code review requests-then any reported issues be
resolved within two days. Policy compliance is measured and reported in real-time for management visibility.
If policy expectations are not met, Parasoft Concerto reminds the responsible team member and ensures that the
associated requirement is not marked as complete until the issue is resolved.
Based on Decades of Experience
Parasoft is the industry leader in defect prevention–in fact, we wrote the book on it (Automated Defect Prevention,
Wiley-IEEE, 2007). With 20+ years of experience working with 58% of the Fortune 500 companies, Parasoft knows how to
seamlessly integrate defect prevention into the SDLC–which is key to making it adoptable and sustainable. Parasoft Policy Center captures this expertise so it can be applied to any development process or environment.
|
|
|
