Articles

left arrow Shift Left: Now for Open Source and Security Compliance

Shifting left has been focused on testing proprietary code earlier. But at what point in the lifecycle are you checking your open source compliance and ensuring you do not have security vulnerabilities? If you shift this process left and perform it earlier in your software development lifecycle, just like with testing, you can see the same benefits of saving time, money, and headaches.

Rami Sass's picture Rami Sass
Question mark cursor Critical Questions to Ask When Choosing a Third-Party API

This article exposes the risks and hidden costs involved in the seemingly innocent decision of which third-party APIs to use to gather and report data, offload critical functionality, and save implementation time. It addresses some typical reasons the decision-making process over third-party use is overlooked, as well as how to make good choices confidently and consistently.

Paul Bruce's picture Paul Bruce
Examining code Simplifying Your Software Code Audit

Software code audits can be arduous and time-consuming, as today’s software projects use a mix of proprietary, commercial, and open source software. This article outlines a number of methods to simplify and streamline your audit process and understand the best practices in organizing, documenting, labeling, tracking, and managing open source and third-party content brought into software portfolios.

Kate  Andreeva's picture Kate Andreeva
Sign: Change ahead The Lost Art of Change Control

Change control exists to review and approve important modifications, but done wrong, you chance confusion, chaos, failures, and outages. Poorly run change control wastes everyone’s time, but far worse is the missed opportunity to assess and manage risk. Here, Bob Aiello gets you up to speed on the lost art of change control.

Bob Aiello's picture Bob Aiello

Better Software Magazine Articles

cyber thief What if Someone Steals Your Code?

Bob Zeidman, an expert in software forensics, provides a great overview of how to protect your software from predators. You'll learn the difference between copyrights, trade secrets, and patents.

Bob Zeidman's picture Bob Zeidman
Pitfalls of Developing for the IoT

The Internet of Things (IoT) enables amazing software-powered devices designed to make our business and personal lives easier. Lev Lesokhin discusses four fundamental practices you'll need when  developing sophisticated software for the IoT.

Lev Lesokhin's picture Lev Lesokhin
Your Professional Responsibility for Security and Performance

It is Johanna Rothman's belief that security and performance are no longer nonfunctional requirements in modern-day software development. Instead, we must prepare to accommodate security and performance needs in all projects.

Johanna Rothman's picture Johanna Rothman
A Radical View of Software Licensing and Piracy

Software vendors are making extraordinary efforts to protect the installation and use of apps, but have they gone too far? Preventing software piracy can have an adverse effect on genuine users. Software licensing  technology, according to Steve, needs to strike the best balance of protecting the asset while trusting the customer.

Steven Cholerton's picture Steven Cholerton

Interviews

Jeff Payne Getting Started with Security Testing: An Interview with Jeff Payne
Video

In this interview, Jeff Payne, the CEO and founder of Coveros, talks about software security. He discusses the Internet of Things and how it relates to safety-critical devices, some useful tools, how testers can test for security, and how DevOps pushes that process earlier in your lifecycle.

Jennifer Bonine's picture Jennifer Bonine
Gene Gotimer Testing Faster, Better, and Cheaper with Continuous Delivery: An Interview with Gene Gotimer
Video

In this interview, Gene Gotimer, the senior architect at Coveros, explains how you can test better, deploy features into production faster with continuous delivery, and arrange your tests so each round provides just enough testing to give you confidence.

Josiah Renaudin's picture Josiah Renaudin
Thomas Stiehm Testing with a DevOps Approach: An Interview with Tom Stiehm
Video

In this interview, Tom Stiehm of Coveros explains how you can integrate test automation with DevOps to create a continuous testing environment. In this performance-driven environment, software development, testing, and operations must evolve to meet iteration and release delivery goals.

Jennifer Bonine's picture Jennifer Bonine
Kerry Cox Jr. discusses risk and the importance of data encryption A Discussion on Data Encryption: An Interview with Kerry Cox Jr.
Podcast

Kerry Cox Jr. of Simplified Network Solutions talks about his recent work with Project Sierra, data encryption, the risks often overlooked in our ever-connected world, and how working for the government has helped to shape his career and views on the importance of Internet security.

Cameron Philipp-Edmonds's picture Cameron Philipp-Edmonds

Conference Presentations

Agile DevOps The T-Shaped Scrum Team: Get in Shape for Your Future
Slideshow

Today, agile teams are being asked to do more than ever before. The notion of a T-shaped person, created by Tim Brown (CEO of IDEO) in the 1990s, describes a new breed of worker—one who goes beyond the standard, assigned role. Mary Thorn believes that the roles of team members can stretch...

Mary Thorn
Mobile Dev Test Vulnerabilities and Bugs in Mobile Apps with Quick Tours
Slideshow

As mobile devices, tools, operating systems, and web technologies rapidly evolve, testers in this changing domain must quickly adapt their thinking. Testers often struggle to find critical vulnerabilities and bugs in mobile applications due to lack of guidance, experience, and the right...

Raj Subramanian
Mobile Dev Test A New Approach to IoT Safety, Risk, and Vulnerability Analysis
Slideshow

The ugly truth is that the interconnection of devices with IoT systems can lead to failures which result in physical injury, unacceptable risk, or cybersecurity vulnerabilities. Preventing such accidents requires identifying hazards, risks, and security vulnerabilities during development.

Gregory Pope
Mobile Dev Test Building and Testing Secure Mobile Apps
Slideshow

Mobile application development is now a mission-critical component of IT organizations and a big part of the software industry’s landscape. Due to the security threats associated with mobile devices, it is critical we build our apps—from the ground up—to be secure and trustworthy. However...

Alan Crouch

CMCrossroads is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.