Related Content
Choosing the Right Threat Modeling Methodology Threat modeling has transitioned from a theoretical concept into an IT security best practice. Choosing the right methodology is a combination of finding what works for your SDLC maturity and ensuring it results in the desired outputs. Let’s look at four different methodologies and assess their strengths and weaknesses. |
||
3 Software Testing Lessons from an Unlikely Source With people trying to stay isolated as much as possible due to COVID-19, going to the grocery store suddenly became something to strategize. At least making a plan, prioritizing risk, and being agile are business as usual for software testers. Here are some of the top lessons testers can learn from our current situation. |
||
3 Questions for Easier, Less Stressful Project Estimates In agile development, the idea of precise estimates is unrealistic. But estimates are needed to inform decision-makers about whether it's worth solving a problem as it is currently understood. It sounds counterintuitive, but instead of asking for one estimate of cost and schedule, ask for three. Here's why it's more useful. |
||
Fearless Refactoring, Not Reckless Refactoring Fearless refactoring is the agile concept that a developer should be able to incrementally change code without worrying about breaking it. But it's not believing that you don't need a safety net to detect and correct defects quickly when changes are made—that's just reckless. Here's how to avoid reckless refactoring. |
||
Defensive Design Strategies to Prevent Flaky Tests Flaky tests could be the result of issues in the code, but more often they are due to assumptions in the test code that lead to non-relatable results. There are many reasons that tests can fail intermittently, and some can be easily avoided by applying good defensive design strategies. It's all about making your code agile. |
||
Shifting Security Left in Your Continuous Testing Pipeline Security is often the black sheep of testing—an afterthought that gets only a scan before release. We have to make security a first-class testing citizen with full-lifecycle support. For the best impact, introduce security testing into the early phases of the continuous testing pipeline. Here are some tools to help. |
||
Building a DevOps Army As you scale DevOps, you need more team members who understand the fundamentals. You could bring in external folks, but they're expensive and in short supply, so start building your DevOps army now by training existing employees. Here's what testers, developers, and IT operations professionals each need to know. |
||
Strategically Using Slack Time after a Release When you've worked for months on a big software release, afterward you may want to jump into the next project. But building in some slack time between sprints is a good idea. After a big release, there will probably be more work as new users discover bugs in your software. Plan for some more testing and development. |