These are generally called "application compliance" or "application quality assurance" tools; I work for a Fortune 500 company and we use the term application quality assurance tools. In our case we have off-the-shelf tools that manage application changes through a "code checkout" process (developers must log when code is being edited or is in use, and then denote when the work is finished) that is followed by a scan of the application changes that have been "checked in" for security and quality compliance.
There are actually many off-the-shelf products that do this type of quality control. CA Inc., EMC Corp., IBM, Oracle Corp. and others have some form of application change control and/or monitoring software. But keep in mind, this software can come in two forms -- real-time or periodic audit discovery -- and you have to decide if your enterprise needs one or both functions. Real-time systems manage and control developer access and changes (similar to the off-the-shelf tools I described above), and then there are audit-discovery tools that periodically go out into the infrastructure, detect changes on applications and systems, and generate reports on any changes detected, usually in audit report format. The change-control tools are mature, but the audit-discovery tools are still fairly new, and their capabilities vary as to how well they can capture change information, especially in a complex, large and diversified environment like those found in many Fortune 500 companies.
For more information:
- How can quality assurance tools aid software development? Read more.
- Learn more about testing software with automated quality assurance tools.
Dig Deeper on Privileged access management
Related Q&A from Randall Gamby
Enterprise SSO products have matured over the years, so what's the state of eSSO today? Expert Randall Gamby discusses. Continue Reading
Enterprises need a full understanding of the FIDO authentication framework before switching to its technology. Expert Randall Gamby looks at the most... Continue Reading
A self-managed HSM appliance may be the safer external key management system to use with your organization's encryption keys. Here's why. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.