Articles

Image of lock over code DevSecOps: Incorporate Security into DevOps to Reduce Software Risk

DevSecOps is a growing movement to incorporate security into DevOps practices in order to ensure flaws and weaknesses are exposed early on through monitoring, assessment, and analysis, so remediation can be implemented far earlier than traditional efforts. By failing fast with security testing, organizations reduce risk of a security incident and decrease the cost of rework.

Alan Crouch
Examining code The Risks of Measuring Technical Debt

If your organization measures technical debt, have you really considered why you're doing this, and what you will do with that information once it has been gathered? Just because you can measure technical debt doesn't mean you should. Before you start (or continue) measuring technical debt, it's important to recognize that there are consequences.

Wayne Ariola Cynthia Dunlop
Question mark cursor Critical Questions to Ask When Choosing a Third-Party API

This article exposes the risks and hidden costs involved in the seemingly innocent decision of which third-party APIs to use to gather and report data, offload critical functionality, and save implementation time. It addresses some typical reasons the decision-making process over third-party use is overlooked, as well as how to make good choices confidently and consistently.

Paul Bruce
Sign: Change ahead The Lost Art of Change Control

Change control exists to review and approve important modifications, but done wrong, you chance confusion, chaos, failures, and outages. Poorly run change control wastes everyone’s time, but far worse is the missed opportunity to assess and manage risk. Here, Bob Aiello gets you up to speed on the lost art of change control.

Bob Aiello

Better Software Magazine Articles

managing risk Managing Risk in an Agile World

Most software projects take great pains to identify and mitigate risks. Traditional risk analysis techniques can be subjective, time-consuming, and complicated. All it takes is a simple spreadsheet.

Jeremy Jarrell
A Radical View of Software Licensing and Piracy

Software vendors are making extraordinary efforts to protect the installation and use of apps, but have they gone too far? Preventing software piracy can have an adverse effect on genuine users. Software licensing  technology, according to Steve, needs to strike the best balance of protecting the asset while trusting the customer.

Steven Cholerton
Reading the Tea Leaves: Predicting a Project's Future

Project assessment and forecasting aren't magic. Payson Hall examines six factors that can increase the likelihood of project success.

Payson Hall
Using Mission and Risk Diagnostics to Enhance Business Continuity

Noah Gamer explains that mission and risk diagnostics provide an excellent approach to risk management for any company. Using these elements together, an organization can create a better business continuity strategy. While risk is not always bad, identifying and mitigating risks can help your organization achieve success.

Noah Gamer

Interviews

Kerry Cox Jr. discusses risk and the importance of data encryption A Discussion on Data Encryption: An Interview with Kerry Cox Jr.
Podcast

Kerry Cox Jr. of Simplified Network Solutions talks about his recent work with Project Sierra, data encryption, the risks often overlooked in our ever-connected world, and how working for the government has helped to shape his career and views on the importance of Internet security.

Cameron Philipp-Edmonds

Conference Presentations

BSE Testing Agile Testing Is All about Risk—Not Bugs and Quality
Slideshow

Many organizations make huge investments in software testing, and unfortunately they often don’t understand or extract full value from these activities. This can lead to testing being viewed as a mere formality or necessary evil within an organization. Fortunately, we can deliver more...

Heather Fullen
BSE Testing Risk Aware, Not Risk Averse
Slideshow

Most of us dread failures. But things go wrong. We can become paralyzed by the fear of being the creator of the next outage or critical bug. After a failure, we often hold a postmortem, but this rarely addresses how we can be more proactive in preventing catastrophes. Considering our...

Siva Katir
Agile DevOps Metrics to Assess Risk in DevOps
Slideshow

As software development becomes more value-focused, the need for a fluid production process emerges. That process is DevOps. However, when the number of release cycles rises, so does the risk of disruptive code entering the system and eroding the value that development creates. 

Bill Dickenson
STAREAST 2015: Risk-Based Testing for Agile Projects
Slideshow

Many projects implicitly use some kind of risk-based approach for prioritizing testing activities. However, critical testing decisions should be based on a product risk assessment process using key business drivers as its foundation. For agile projects, this assessment should be both...

Erik van Veenendaal, Improve IT Services BV

CMCrossroads is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.