During my career as a technology leader I have worked on PCI security, lawsuits, federal and state compliance, foreign market launches and acquisitions. All of these have regulatory, compliance and legal aspects to them, and over time I’ve come to realize we are bad at dealing with such things—really bad. At the heart of being […]
Lean Security: How Better Development Can Protect Your Business
If companies are to reach their strategic goals—reducing time to market, boosting sales, improving product market fit and brand image, and cutting cybersecurity costs—then it’s time for a new outlook on software security. Today’s business leaders must learn to see security for what it is: A differentiating factor. Companies with reputations for secure developmental processes […]
Evolving to Continuous Testing
As agile development practices mature and DevOps principles infiltrate our corporate cultures, organizations are realizing the distinct opportunity to accelerate software delivery. However, when you speed up any process, immature practice areas such as testing and roadblocks become much more pronounced. It’s the difference between driving over a speed bump at 5 mph vs. 50 […]
Rugged DevOps: Less Capture the Flag, More Teamwork
At the recent DEVNEXUS conference in Atlanta, I caught up with Chris Corriere to talk about his experiences in the realm of Rugged DevOps. Chris is a DevOps Engineer at AutoTrader and a contributor here at staging-devopsy.kinsta.cloud. During our conversation, we discussed automation, culture and collaboration, and which thought leaders he is following. Chris also shared insights on […]
How to lower risk in agile development
The increasing complexity of application development and subsequent rise of Agile development is changing the risk appetite in many software development organizations. Unless you’ve got an application which is highly regulated or mission-critical, it’s rarely feasible or sensible to manage Quality Assurance within the zero-bug environment often associated to Waterfall. Software development teams can become […]
Ensuring security and managing risk in enterprise DevOps
Today’s question in this recurring series comes from a developer in a typical large enterprise – risk averse, tightly controlled, highly secured – a major challenge to any DevOps transformation: Q. I work in a large government department that is tight on security. We have strict policies on separation of duties, can’t share users IDs […]