Related Content
Code Integration: When Moving Slowly Actually Has More Risk Many decisions about code branching models are made in the name of managing risk, and teams sometimes pick models that make integration harder in the name of safety. Moving slowly and placing barriers to change can seem safer, but agile teams work best when they acknowledge that there is also risk in deferring change. |
||
Choosing the Right Threat Modeling Methodology Threat modeling has transitioned from a theoretical concept into an IT security best practice. Choosing the right methodology is a combination of finding what works for your SDLC maturity and ensuring it results in the desired outputs. Let’s look at four different methodologies and assess their strengths and weaknesses. |
||
Fearless Refactoring, Not Reckless Refactoring Fearless refactoring is the agile concept that a developer should be able to incrementally change code without worrying about breaking it. But it's not believing that you don't need a safety net to detect and correct defects quickly when changes are made—that's just reckless. Here's how to avoid reckless refactoring. |
||
Comparing XML and JSON: What’s the Difference? XML (Extensible Markup Language) and JSON (JavaScript Object Notation) are the two most common formats for data interchange. Although either can be used to receive data from a web server, there are differences that set them apart. Here are the abilities and support for each option so you can choose what works for you. |
||
Shifting Security Left in Your Continuous Testing Pipeline Security is often the black sheep of testing—an afterthought that gets only a scan before release. We have to make security a first-class testing citizen with full-lifecycle support. For the best impact, introduce security testing into the early phases of the continuous testing pipeline. Here are some tools to help. |
||
Building a DevOps Army As you scale DevOps, you need more team members who understand the fundamentals. You could bring in external folks, but they're expensive and in short supply, so start building your DevOps army now by training existing employees. Here's what testers, developers, and IT operations professionals each need to know. |
||
Strategically Using Slack Time after a Release When you've worked for months on a big software release, afterward you may want to jump into the next project. But building in some slack time between sprints is a good idea. After a big release, there will probably be more work as new users discover bugs in your software. Plan for some more testing and development. |
||
Best Practices of the DevSecOps Elite: A Slack Takeover with DJ Schleen Thought leaders from the software community are taking over the TechWell Hub to answer questions and engage in conversations. DJ Schleen, a DevSecOps advocate, hosted this Slack takeover and discussed all things DevSecOps, including challenges to integrating security into your practices and getting management support. |