-
Software Development
Yes Small Companies Can – and Should – Build Secure Software
‘For large software companies or major corporations such as banks or health care firms with large custom software bases, investing…
-
Software Development
Peer reviews for security are a waste of time?
At this year’s RSA conference, one of the panels questioned whether software security is a waste of time. A panellist,…
-
Software Development
Appsec at RSA 2013
This was my second time at the RSA conference on IT security. Like last year, I focused on the appsec…
-
Software Development
A Bug is a Terrible Thing to Waste
Some development teams, especially Agile teams, don’t bother tracking bugs. Instead of using a bug tracking system, when testers find…
-
DevOps
Releasing more often drives better Dev and better Ops
One of the most important decisions that we made as a company was to release less software, more often. After…
-
Software Development
Code and Code Reviews: What’s in a Name?
In a code review a developer needs to look at the code from two different perspectives: Correctness. Is the code…
-
Software Development
Appsec and Technical Debt
Technical debt is a fact of life for anyone working in software development: work that needs to be done to…
-
Agile
Design Doesn’t Emerge from Code
I know a lot of people who are transitioning to Agile or already following Agile development methods. Almost all of…
-
Software Development
Frankensystems, Half-Strangled Zombies and other Monsters
There are lots of ugly things that can happen to a system over time. This is what the arguments over…