Dependency Checking Your Ruby Application

Checking your application’s dependencies for known vulnerabilities is a critical, relatively low-effort step you should take to secure your application, which you may have read about in another recent article: What is SCA? Compared to the wealth of tools used for dependency checking in, for example, JavaScript, there’s not […]

Shifting Security Left: The Innovation of DevSecOps

Application security, or AppSec, is hard. For development teams, it often comes into development late in a release cycle and demands changes to the software that seem unreasonable. For the AppSec team, being introduced to a project after the application has been designed and much of the code has been written means there will be […]

Rethinking Your Measurement and Metrics for Agile and DevOps

One of the key conversations organizations and teams forget about in their transition to agile and DevOps is updating their measurement and metrics plan. Many companies are still using measurements and metrics from the traditional waterfall software development lifecycle. While some of these remain useful, many may not provide value to the team or organization—and […]

Agile Tips to Make the Most of Conferences

Time spent at a conference is precious, so you should make sure there is a return on that investment. What better way to do so than to leverage agile ideas? Here are a few tips based on the principles behind the Agile Manifesto for getting the most out of attending a conference. Embrace change: Like […]

Career Options for Testers in the Age of Agile and DevOps

I’m often asked about the future of the testing role. Should I change my career direction? What’s in store for testing roles? Will there be a need for quality and testing expertise in the future? As a quality engineer, or tester, or testing leader, where do I go from here? No one has a crystal […]

The Metrics behind High-Performing DevOps Organizations

The 2019 Accelerate State of DevOps report was recently released. This annual research compilation is a great resource to see what’s going on in the world of agile and DevOps. The report evaluates organizations against five key metrics, collectively called software delivery and operational performance metrics: Lead time for changes: How long does it take for a […]

Red Tape and Federated Users

Background: A client recently wanted to move several DevOps and scanning tools into the cloud, to which they were in the process of proving out and transitioning. We had a number of security scanning and static analysis tools, along with corresponding dashboards and a continuous integration server to orchestrate them. All of these tools were […]
