standards

Articles

Standards checkmark Who Needs Standards, Anyway?

Many CM experts are familiar with the guidance found in the IEEE, ISO, and ANSI/EIA industry standards. But if you want to really accelerate your agile development, it is wise to learn what is involved with implementing such industry standards. Bob Aiello explains the different types of standards and how organizations go about creating them.

Bob Aiello's picture Bob Aiello
Yak Go Bimodal in Your Enterprise: Stop Shaving the Yak!

Going bimodal refers to an enterprise supporting two modes of operation: the first, the stable mode, is the secure, robust, reliable one you already know. The second, the agile mode, is a fast path that exists alongside the first and allows you to get results done quickly and without much fuss while not compromising the integrity of your IT.

Zeev Avidan's picture Zeev Avidan
Examining code Simplifying Your Software Code Audit

Software code audits can be arduous and time-consuming, as today’s software projects use a mix of proprietary, commercial, and open source software. This article outlines a number of methods to simplify and streamline your audit process and understand the best practices in organizing, documenting, labeling, tracking, and managing open source and third-party content brought into software portfolios.

Kate  Andreeva's picture Kate Andreeva
Gears: CM architecture How Enterprise Configuration Management Architecture Fits with DevOps

When it comes to DevOps, the fundamentals of CM may be forgotten (erroneously) by some practitioners. DevOps tools can be strategic assets, but they are not as important as established CM standards and process. It's up to us as practitioners to ensure that the DevOps tool chain implementation supports the corporate CM policy.

Dennis Furr's picture Dennis Furr

Better Software Magazine Articles

Software Testers Should Know about ISO 29119

The ISO/IEC/IEEE 29119 has defined a set of requirements for testing software. As a member of the ISO working group, Jon Hagar wants you to know the basics and why testing teams should consider this recommendation.

Jon Hagar's picture Jon Hagar
Does Anyone Really Do All That Is Recommended by the ISTQB Tester Certifications?

In this FAQ column, Claire Lohr discusses the International Software Testing Qualifications Board's (ISTQB) syllabi for topics related to software testing and it's application and usage among those who perform some aspect of testing.

Claire Lohr's picture Claire Lohr
Scrum or Kanban—Which Is Better?

In this FAQ column, Arlen Bankston defines the roles of Scrum and kanban and describes how the two agile methodologies can be complementary, each ideal for different situations, or blended to achieve the desired outcome.

Arlen Bankston's picture Arlen Bankston
A Radical View of Software Licensing and Piracy

Software vendors are making extraordinary efforts to protect the installation and use of apps, but have they gone too far? Preventing software piracy can have an adverse effect on genuine users. Software licensing  technology, according to Steve, needs to strike the best balance of protecting the asset while trusting the customer.

Steven Cholerton's picture Steven Cholerton

Conference Presentations

STARCanada Logo Accessibility Standards and Testing Techniques: Be Inclusive or Be Left Behind
Slideshow

While Information and Communication Technology (ICT) accessibility for a wider spectrum of users—including the blind—and their interfaces is being required by law across more jurisdictions, testing for it remains limited, naïve, and too late. The consequences of staying ignorant include...

David Best, Sandy Feldman, and Rob Harvie
Information Obfuscation: Protecting Corporate Data
Slideshow

With corporate data breaches occurring at an ever-alarming rate, all levels of organizations are struggling with ways to protect corporate data assets. Rather than choosing one or two of the many options available, Michael Jay Freer believes that the best approach is a combination of tools and practices to address the specific threats. To get you started, Michael Jay introduces the myriad of information security tools companies are using today: firewalls, virus controls, access and authentication controls, separation of duties, multi-factor authentication, data masking, banning user-developed MS-Access databases, encrypting data (both in-flight and at-rest), encrypting emails and folders, disabling jump drives, limiting web access, and more. Then, he dives deeper into data masking and describes a powerful data-masking language.

Michael Jay Freer, Quality Business Intelligence
Creating Great User Experiences: Tips and Techniques
Slideshow

Many software people look at creating great user experiences as a black art, something to guess at and hope for the best. It doesn't have to be that way! Jennifer Fraser explores the key ingredients for great user experience (UX) designs and shares the techniques she employs early-and often-during development. Find out how Jennifer fosters communications with users and devs, and works pro-actively to ensure true collaboration among UX designers and the rest of the team. Whether your team employs a formal agile methodology or not, Jennifer asserts that you need an iterative and incremental approach for creating great UX experiences. She shares her toolkit of communication techniques-blue-sky brainstorming sessions, structured conversation, and more-to use with different personality types and describes which types may approach decisions objectively versus empathetically.

Jennifer Fraser, Macadamian
Security Testing: Thinking Like an Attacker

Compared to traditional functional testing, security testing requires testers to develop the mindset of real attackers and pro-actively look for security vulnerabilities throughout the software development lifecycle. Using live demos, Frank Kim shows you how to think-and act-like a hacker. Rather than just talking about issues such as Cross Site Scripting (XSS), SQL Injection, and Cross Site Request Forgery (CSRF), Frank shows-live and in color-how hackers abuse potentially devastating defects by finding and exploiting vulnerabilities in a live web application. Find out how attackers approach the problem of gaining unauthorized access to systems. Discover the tools hackers have that you don't even know exist and how you can find critical security defects in your production apps. In this revealing session, you'll learn how to become a better tester and find serious security vulnerabilities in your systems before the bad guys do.

Frank Kim, ThinkSec

CMCrossroads is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.