AmberPoint, Parasoft integrate SOA products

“In the SOA context,” said ZapThink analyst Jason Bloomberg, “quality becomes more than a design-time set of activities, but actively includes runtime management. By establishing feedback loops that integrate runtime governance data into design-time test artifacts, organizations will be better able to build high-quality services in an iterative manner.”

Read more at: SD Times

Parasoft and AmberPoint Announce Joint Solution for Ensuring Reliable, Compliant SOA Applications

“Because SOA implementations involve increasingly distributed and complex systems, it becomes more challenging to create the sophisticated testing scenarios required for quality assurance across the service lifecycle,” said Jason Bloomberg, Managing Partner, ZapThink. “These challenges threaten to extend testing lifecycles and reduce agility, but more importantly, they jeopardize system security and reliability. The integration between AmberPoint and Parasoft addresses these issues, giving organizations an automated way to generate realistic, true-to-production scenarios for exercising their services.”

Read more at: Amberpoint Press Release

ZapThink Podcast: Practical SOA: London, UK – April 25, 2008 – Sneak Peek

Special ZapThink “Sneak Preview” of Practical SOA: London, UK event on April 25, 2008 features:

Jason Bloomberg, Managing Partner, ZapThink

Nicolas Farges, Technical Architect, GE Capital Solutions Europe

Roy Varughese, Chief Architect, ABN AMRO (Global Clients)

Francois Lascelles, Director of Client Solutions, Layer 7 Technologies

Rix Groenboom, Parasoft

Peter Steel, EMEA Technology Manager, DataDirect

Listen to this Podcast and you will get a “Sneak Peek” at what all the presenters will be speaking about at our Practical SOA: London, UK event on April 25, 2008.

Simplifying Services Testing: InfoWorld Reviews Five Tools

David Linthicum’s recently wrote about the complexities of SOA testing on his InfoWorld blog. He points out there are really three dimensions to SOA testing: Services, processes and performance. I think he does a great job of summing up why you shouldn’t underestimate SOA testing:

What’s key here is to remember that you’re testing architecture, and not an application. Thus, the complexity of the system, and the approaches and tools used for testing, goes way up.

Read more at: IT Business Edge

Software AG CentraSite Community

Written by Tony Baer, Associate Analyst, ZapThink.

Governance is drawing significant attention from the boardroom down as a result of heightened regulation, increased competition, and constant change in the marketplace. There are two faces to SOA governance. On one hand, SOA governance simply means governing a SOA implementation initiative—for example, communicating corporate policies to developers implementing Services, and giving them the tools they need to follow those policies as they assemble the various elements of the SOA implementation. On the other hand, there’s a broader, more strategic definition of SOA governance: IT governance in the context of SOA.

Software AG takes a big picture view to SOA governance, based on the premise that SOA governance extends well beyond the governing of Web Services. It believes that the extensible nature of SOA requires a similarly extensible strategy to governance. Software AG has established the CentraSite Community as its strategy for providing a SOA governance solution that customers can adapt to their unique business and technology needs. Organizationally, the CentraSite Community promotes shared wisdom through its collaborative online presence. Architecturally, Software AG CentraSite registry/repository supports the community through its extensible data model and broad standards based approach. Because the CentraSite Community does not impose a one-size-fits-all governance solution, customers can implement the right governance recipe to meet their unique business needs.

SOA Vendors Link For Interoperability

ZapThink analyst Ronald Schmelzer, whose research firm covers distributed computing, said it’s not particularly surprising that software powers are not there.

He said larger platform vendors will always push the fact that interoperability starts and ends with their platform primarily, and then secondarily to other products, while members of SOA Link know that other products, platforms, and infrastructure have to play in order for the group to prosper.

“This means that any SOA Link-implementing vendor acknowledges that they will interoperate with all other SOA Link vendors, including platform competitors,” Schmelzer said.

“It would be harder for the platform vendors to get a win by making such a claim. However, if customers start demanding this sort of vendor-neutral interoperability, then yes, at some point, these bigger fish will have to join the party.”

Read more at: InternetNews

IT companies are hooking up like divorcees at a Vegas wedding chapel

The ZapThink guys have it right that this is only the second inning (given the weather, it can’t be too soon for baseball metaphors) of a nine-inning outing of SOA components and supplier consolidation.

Read more at: ZDnet

Testing & QA in the Web Services World

Jason Bloomberg of Zapthink adds, “The silo problem is more complex than just operational security people on one hand and developers and QA on the other. The way people are approaching security is changing. You can no longer rely on a barrier-type metaphor – inside trusted, outside not trusted. That approach no longer works. The traditional barrier approach operates on the OSI stack, and that’s entirely inadequate for dealing with SOA security. XML can come in, but it’s just text. The traditional firewalls just don’t know what’s inside the message. The security issue impacts content-aware networking – message assembly, encryption, decryption, forwarding, etc. – that is part of the SOA architecture.” And all of that needs to be tested.

Zapthink’s Bloomberg observes that adoption of Web services and service-oriented architectures has taken longer than expected. In his view, customers are still struggling with testing in SOA environments. “If all you’re thinking about is Web services themselves (standards-based interfaces) – you send it test data, load-test it, etc. – that’s a no-brainer and involves traditional testing disciplines. But when you talk about SOAs, that’s something altogether different.” Back in 2002 Bloomberg and Zapthink developed a timeline outlining their expectations for what would be required. (See the updated version of the timeline, reflecting slower-than-anticipated adoption rates.)

Bloomberg notes that governance has two sides. “If you have an SOA, you want to handle governance in a service-oriented fashion, but you have to build the right governance policies as well.” Governance has an IT operational perspective as well as a business perspective.

Read more at: Software Magazine

Toward Better Operational Agility, Performance

Gone are the days when government agencies could afford
to resist technology innovation or
cling to traditional processes. “It
used to be that government could
change at a slow, leisurely pace,”
says Jason Bloomberg, senior analyst at I.T. advisory and analysis firm ZapThink
in Waltham, Mass.

“But today, government is changing just as fast as business to accommodate
political and cultural conditions.” When it comes to I.T. systems that support the
government, organizations need solutions that drive cross-agency visibility,
collaboration, and information sharing.

Read more at: CIO Today

Automated testing tools foster pervasive security

However, one of the challenges to this type of pervasive security is that many developers only have a minimal level of security training under their belts. In addition, “the average developer would just as soon not have to worry about it,” said Jason Bloomberg, a senior analyst at ZapThink LLC in Waltham, Mass. “If the developer’s job is to code business logic, then he would just as soon security was handled for him. The more you can do to automate the security part of what the developer does, the better.”

“Testing as part of development is a best practice overall; it’s part of an agile approach,” Bloomberg said. “It’s a critical part of building Web services and service-oriented architectures.”

Read more at: SearchWebServices