Related Content

Combination padlock for security Continuous Security in Agile Development

"Continuous" gets mentioned a lot in agile and DevOps, but one area that often doesn’t get enough attention is how to continuously build, test, and deliver secure applications. Just like for quality, you can’t test security in, so you need to have a plan for how to build it in. Here are some tips on how to do that.
Jeffery Payne's picture
Jeffery Payne
March 29, 2019
Illustration from Aesop's fable "The North Wind and the Sun" Aesop and Agile: A Moral for Effective Teamwork

When a manager sees a problem on their team, they often want to act quickly to correct it. But if you take a “fix it” mentality too far, while you might get past the initial impediment, you have done little to help the team work better in the future. Let's look at another approach, based on one of Aesop's Fables.
Steve Berczuk's picture
Steve Berczuk
March 26, 2019
Software team working on a failing project Achieve Success by Joining a Failing Project

We all want to be associated with success, so when there’s a failing project, most of us want nothing to do with it. However, if you’re looking for a way to give your career a boost, you may want to rethink that. If you’re not afraid of a challenge, here are some ways embracing a failing project can help your career.
Richard Estra's picture
Richard Estra
March 25, 2019
NSA NSA Adds to Open Source Tools and Tech Transfer Program

The National Security Agency recently released several of the agency’s software tools as open source and added new technologies to the NSA technology transfer program patent portfolio that are ready for licensing. Could leveraging any of these technologies help your efforts?
Pamela Rentz's picture
Pamela Rentz
March 21, 2019
Espresso being poured into a cup of water and mixing Integrating Threat Modeling into Agile Development

Threat modeling helps you determine where to focus your security testing efforts when building your app. But people often wonder how it can fit into their existing agile software development process. Here are three things you can do to integrate threat modeling into your agile workflow, either early on or mid-project.
Alan Crouch's picture
Alan Crouch
March 13, 2019
Asphalt with painted arrows pointing in three directions The Good, the Practical, and the Expedient

When a process isn't working, you'll have to make a choice that will help move things along. However, some choices are less about inspecting and adapting than about getting things done quickly, and that incurs risk. To manage this risk you need to be aware of the differences between "practical" and "expedient."
Steve Berczuk's picture
Steve Berczuk
March 12, 2019
A manager and employee having a one-on-one meeting Alleviate Employees’ Stress through One-on-Ones

Simply having one-on-ones because they’re expected is not enough to realize their potential. To make one-on-ones effective, as the manager, you’ve got to be available, prepared, and engaged. It has to be more than a one-way status update. Here's how to use these meetings to promote trust, growth, and creativity.
Jason Wick's picture
Jason Wick
March 11, 2019
"No code" typed inside brackets Merging New Codeless Test Automation with Your Existing Code-Based Test Scripts

Adopting a codeless solution can be an amazing boost to quality, productivity, and tester career growth, but in most organizations, such test suites will have to be merged into existing code-based test scripts. To succeed, developers, testers, and management all should consider the differences between the two options.
Eran Kinsbruner's picture
Eran Kinsbruner
March 8, 2019