Application Security Testing: An Integral Part of DevOps
Every twelve months, an old year finishes and a new year starts. In this case, 2004 is now over and 2005 is well under way. It seems that the economy is no longer the topic of discussion and that people are no longer as scared of layoffs. In fact, it seems that there are more positions opening up and that jobs in newer technologies, such as .NET, are starting to become more available.
Last year, I presented a bit of overview information on what was coming in 2004 from a number of companies. A number of these products did come to market. This includes new versions of Java as well as some interesting other tools and products such as Sybase's PocketPowerBuilder. Not surprisingly, a few missed—such as the release of Yukon from Microsoft. All in all, it wasn't a stellar year for product releases, but it wasn't horrible either.
But, 2004 is over and now it is time to look at what is coming this year—in 2005. Strangely, as I put this article together, some of the major companies didn't have a lot to say. Others have huge plans for the year. Others still have already released major products and it is only January!
Over at IBM
Over at IBM, the programmers paint 2005 in broad terms. They see Service-Oriented Architecture (SOA) as being important. In addition to SOA, mobile and embedded computing will continue to be significant in 2005. In terms of development approach, they see a continued focus on componentization.
Specific to SOA, they state that tools and techniques will be a major focus for the industry in 2005, especially in regard to identification, design, and modeling of Service-Oriented Development of Applications (SODA).
While the strokes are broad, the actions have already started. IBM has started this year by releasing 500 patents to the open source community. As such, it is a safe bet that IBM will continue to support and push Open Source in 2005.
Among the biggest news from IBM is that 2005 should bring a production release of IBM Lotus Notes/Domino 7. IBM Lotus Notes/Domino 7 recently entered public beta 3. The overall details of the new version are too extensive for this article, but an overview can be found on IBM's site at http://www-306.ibm.com/software/swnews/swnews.nsf/n/jmae64pgfa?OpenDocument&Site=lotus. Some of the enhancements include improved integration for password management and installation across the products. There are also scalability improvements at the same time as a reduction in CPU load (25% less). For applications, there is real-time integration as well as Web services hosting (Domino in J2EE applications), SQL and relational constructions (DB2 option), and much more.
Also coming from IBM in 2005 will be new capabilities in IBM Workplace Collaboration Services 2.5. This will include templates for applications and forms, APIs, Toolkits, new platforms, Microsoft Office and Windows Integration, a Notes application plug-in, and much more.
Other items to watch for from IBM in 2005 include IBM Workplace for Business Controls and Reporting 2.5/3.0, IBM Workplace for Strategy Execution 1.0/1.5, WebSphere Portal 5.1.1, and IBM Workplace Services Express 2.5
If you are using DB2, the enhancements coming in the area of support for XML should excite you. IBM Information Management Software is expected to provide persistence, search, and integration for XML to DB2. This will include a native XML storage manager in DB2 along with a new XML Data type and flexibility using XQuery. By using the DB2 Universal Database, you'll also be able to model information directly as XML. At a minimum, there should be betas of this new XML technology in DB2 in 2005. Otherwise, this technology will be seen as an integrated part of IBM's key products.
Over at Microsoft
If I were to speculate where the most noise in 2005 is going to come from, I'd point to the mountain in Seattle—Microsoft. While I can't get anyone to promise that SQL Server 2005 ("Yukon") will deliver in 2005, it is looking like it might. Even if it doesn't, the release of Visual Studio 2005 ("Whidbey") has been stated to be a "definite" event. Granted, putting 2005 into their names does increase the pressure on the developers at Microsoft to deliver!
Of course, if you have read my past articles and newsletters, you know that in July of 2003 I was stating that the release of Visual Studio 2005 was targeted for the end of 2004. That obviously didn't happen. When talking to several Microsoft product people in 2004, I presented the fact that they had been stating 2004 for this product. I received adamant responses that the product would release within the fiscal year for Microsoft. This translates to releasing before July 1st, 2005. We are several months closer to July, and it looks like this could happen, although a lot would have to occur first. I wouldn't expect the product to be in stores by then, but the first of the SKUs could hit manufacturing. Regardless, that would still put it solidly in 2005.
When I mention Visual Studio 2005, I include the .NET Framework 2.0 and all of the editions of Visual Studio that we've seen in the past. More importantly, I also include the new high-end Team System versions. It is the functionality of the high-end versions that will make this a notable release in 2005. Finally, this also includes the Express editions that went into beta this past summer. They will offer a more entry-level, "easier-to-use" version.
SQL Server 2005 is used by Visual Studio 2005 Team System. While nobody will publicly commit on the database's specific release date, the database may have to be released in some form for Visual Studio to release. That would indicate that some portion of the database needs to be released this year.
This may seem minor, but it's potentially important to developers using Microsoft technologies—the release of SQL Server 2005 Express Edition. This is a replacement for Microsoft's Desktop Engine (MSDE). This entry-level database has been stated to be free for developers to use. While it won't be overly scaleable, it will provide a database engine that can be used when small-scale database function is needed. MSDE was used in the past and had several limits. SQL Server 2005 Express will be much more effective. Additionally, if you do want to scale SQL Server 2005 Express, you will easily be able to move to the full version of SQL Server 2005.
Several other items can be expected from Microsoft in 2005, although their direct impact on developers may be less. MSN Messenger 7 is expected to release in 2005 with new features such as "Nudge" (a shaking of the IM window), and "Wink" (animated pictures that include sound). MSN Search should also be officially released. This is Microsoft's new search, which will have over five billion Web documents when it launches (see http://beta.search.msn.com for more information). Other products could include MSN Spaces, Windows Server 2003 Service Pack 1, Windows Server 2003x64 editions, Microsoft Identity Integration Server SP 1, Windows Update Services, Forecast 7.0 (a budget and planning application from FRx Software, a part of Microsoft Business Solutions), and the first official beta of "Longhorn" (the next version of Windows).
I'd say the mountain in Seattle is rumbling and that 2005 could see a major eruption of software...