Choosing between a Pen Test and a Secure Code Review

Secure Code Reviews (bringing someone in from outside of the team to review/audit the code for security vulnerabilities) and application…

Read More »

Estimating Might Be Broken, But It’s Not Evil

Ron Jeffries’s essay Estimation is Evil talks about how absurd estimating can be on a software project, and the nightmare…

Read More »

7 Agile Best Practices that You Don’t Need to Follow

There are many good ideas and practices in Agile development, ideas and practices that definitely work: breaking projects into Small…

Read More »

What does Code Ownership do to Code?

In my last post, I talked about Code Ownership models, and why you might want to choose one code ownership…

Read More »

Code Ownership – Who Should Own the Code?

A key decision in building and managing any development team is agreeing on how ownership of the code will be…

Read More »

Architecture-Breaking Bugs – when a Dreamliner becomes a Nightmare

The history of computer systems is also the history of bugs, including epic, disastrous bugs that have caused millions of…

Read More »

Penetration Testing Shouldn’t be a Waste of Time

In a recent post on “Debunking Myths: Penetration Testing is a Waste of Time”, Rohit Sethi looks at some of…

Read More »

War Games, Pair Testing and Other Fun Ways to Find Bugs

I’ve already examined how important good testing is to the health of a project, a product and an organization. There’s…

Read More »

How do you measure Devops?

If you’re trying to convince yourself (or the team or management) that your operations program needs to be changed for…

Read More »