Software code audits can be arduous and time-consuming, as today’s software projects use a mix of proprietary, commercial, and open source software. This article outlines a number of methods to simplify and streamline your audit process and understand the best practices in organizing, documenting, labeling, tracking, and managing open source and third-party content brought into software portfolios.
With open source components being used in more than 80 percent of commercial software developed today, ALM efforts must be altered to address them. Failing to do so may introduce unnecessary risks. This article outlines the potential risks associated with not managing open source as part of your ALM, and explains how these risks can be easily avoided.
Developers are distracted from coding by the need to interact with version control systems. Automation of branching, merging, and notifications allows developers to focus on coding. However, integration between the VCS and issue-tracking system, and preferably a continuous integration tool, is necessary to accomplish this goal.
This article talks about what release management is, then tells you how to implement the concepts in an organization by explaining what skills are needed, how release managers work within a team, and how the process is related to continuous integration.
When task completion falls behind and more work is lined up for later, you've entered the land of technical debt. This is particularly true in mobile app development. Brian Westendorf presents practical advice to avoid this situation.
Common practice suggests that lower severity defects shouldn't hold up a product release. Jennifer Gosden believes that, just as broken windows in a home can invite crime, letting lower severity defects linger results in poor overall product quality.
Alan Crouch addresses the question most commonly raised by those who are new to security testing: "How does security testing fit in my QA process?" Alan explains that security testing shouldn't be limited to the QA process, but instead should be applied throughout the entire software development lifecycle. Read this FAQ column for suggestions on how to improve your chances for success in catching security issues.
We've all been burned working with software code that, if not designed for long-term maintainability, results in expensive support over a product's lifetime. Kaushal explores three approaches that provide guidelines to ensure that software is designed with maintainability in mind. If you're a software developer, read this!
Much has been written about how to write microservices, but not enough about how to effectively deploy and manage them. Microservices architecture multiplies the number of deployables IT has to manage by at least ten. In that world, tooling to manage cloud deployments and related infrastructure has become essential for success, and Terraform and Docker are increasingly being leveraged to facilitate microservices environments. Derek Ashmore will share his hard-learned best practices for deploying and managing microservices in production. He will leverage true infrastructure as code using Terraform, the leading coding framework for building and managing change in cloud environments. That code is easily reused and makes it simple to deploy and scale software, including Docker images. You will learn not only how to establish that environment initially, but how changes can be effectively managed.
Developing software for the Internet of Things (IoT) comes with its own set of challenges and issues, including security, privacy, and unified standards. Each IoT product is comprised of (at least) three separate application components: the software embedded in the device, the backend...
Everyone is drawn to the cool new ways to connect devices to the Internet and make life easier—and a little more futuristic. But, do you know that IoT has been around since the past century? Theresa Lanowitz is one of the early advocates of what is now IoT and is thrilled that the pace of...
Are you creating clean, high performing code? Are you following the right development practices, but still don’t feel you are getting the recognition or success you deserve? The truth is that working harder and improving your programming skills are not enough. Great developers must...