|
DevSecOps: Incorporate Security into DevOps to Reduce Software Risk DevSecOps is a growing movement to incorporate security into DevOps practices in order to ensure flaws and weaknesses are exposed early on through monitoring, assessment, and analysis, so remediation can be implemented far earlier than traditional efforts. By failing fast with security testing, organizations reduce risk of a security incident and decrease the cost of rework.
|
|
|
Agile Testing Is All about Risk—Not Bugs and Quality
Slideshow
Many organizations make huge investments in software testing, and unfortunately they often don’t understand or extract full value from these activities. This can lead to testing being viewed as a mere formality or necessary evil within an organization. Fortunately, we can deliver more...
|
Heather Fullen
|
|
Risk Aware, Not Risk Averse
Slideshow
Most of us dread failures. But things go wrong. We can become paralyzed by the fear of being the creator of the next outage or critical bug. After a failure, we often hold a postmortem, but this rarely addresses how we can be more proactive in preventing catastrophes. Considering our...
|
Siva Katir
|
|
Metrics to Assess Risk in DevOps
Slideshow
As software development becomes more value-focused, the need for a fluid production process emerges. That process is DevOps. However, when the number of release cycles rises, so does the risk of disruptive code entering the system and eroding the value that development creates.
|
Bill Dickenson
|
|
Managing Risk in an Agile World Most software projects take great pains to identify and mitigate risks. Traditional risk analysis techniques can be subjective, time-consuming, and complicated. All it takes is a simple spreadsheet.
|
|
|
The Risks of Measuring Technical Debt If your organization measures technical debt, have you really considered why you're doing this, and what you will do with that information once it has been gathered? Just because you can measure technical debt doesn't mean you should. Before you start (or continue) measuring technical debt, it's important to recognize that there are consequences.
|
|
|
Critical Questions to Ask When Choosing a Third-Party API This article exposes the risks and hidden costs involved in the seemingly innocent decision of which third-party APIs to use to gather and report data, offload critical functionality, and save implementation time. It addresses some typical reasons the decision-making process over third-party use is overlooked, as well as how to make good choices confidently and consistently.
|
|
|
The Lost Art of Change Control Change control exists to review and approve important modifications, but done wrong, you chance confusion, chaos, failures, and outages. Poorly run change control wastes everyone’s time, but far worse is the missed opportunity to assess and manage risk. Here, Bob Aiello gets you up to speed on the lost art of change control.
|
|
|
Four Risks You Can Avoid by Making Open Source Management Part of Your ALM With open source components being used in more than 80 percent of commercial software developed today, ALM efforts must be altered to address them. Failing to do so may introduce unnecessary risks. This article outlines the potential risks associated with not managing open source as part of your ALM, and explains how these risks can be easily avoided.
|
|
|
STAREAST 2015: Risk-Based Testing for Agile Projects
Slideshow
Many projects implicitly use some kind of risk-based approach for prioritizing testing activities. However, critical testing decisions should be based on a product risk assessment process using key business drivers as its foundation. For agile projects, this assessment should be both...
|
Erik van Veenendaal, Improve IT Services BV
|