risk management

A Definition of Done for DevSecOps
In DevOps, we have a software delivery pipeline that checks, deploys, and tests every build. The goal is to produce a viable candidate for production, so we have to look at many different aspects of quality, including security. To be sure we hit all the crucial marks, we should have a definition of done for DevSecOps.

Creating an Environment That Encourages Resilience
Creating environments at work that acknowledge that failures will happen—and supporting the efforts team members make to recover—can help your organization become more effective. You cannot predict every challenge, but by embracing risk and providing opportunities for people to experiment, you can be more productive.

How Do We Land This Thing? Planning for Go-Live and Beyond
Some project managers have little experience bringing a project in for a landing, so they can be dismayed or just blindsided by organizational change needs and stakeholders’ expectations at delivery. Here is a checklist of some commonly forgotten items to address when a project goes live, so be sure to plan for them.

An Agile Approach to Change Management
Many organizations are reluctant to introduce new tools or technologies, or even to update existing ones. The reason is often framed in terms of risk management, but agile teams already have the tools to manage the risk of change: testing and experiments. These approaches together eliminate gaps in risk identification.

Continuous Exploratory Testing: Expanding Critical Testing across the Delivery Cycle
Continuous testing entails executing automated tests to obtain rapid feedback on business risks. Where does that leave exploratory testing? Obviously, it doesn’t make sense to repeat the same exploratory tests across and beyond a sprint, but exploratory testing can be a continuous part of each software delivery cycle.

Using Feature Flags to Boost Testing and Deployment
A feature flag is a configuration setting that lets you turn a given feature on or off. There is no need for a feature to be complete before you can start testing—as soon as the first piece of code is merged, you can turn the flag on in your test environment and begin. This also reduces risk. Do you use feature flags?

4 Cyber-Security Actions to Protect from Attacks
With breaches and computer hacks, companies constantly need to keep information safe. If there are loopholes in your security process, you are putting your product—and customers—at risk. Here are four actions every security-conscious company and individual should implement to avoid becoming a victim of cyber attacks.

Insider Threats: What’s the Biggest IT Security Risk in Your Organization?
Any modern company should give the line-of-business teams the ability to provision self-service, on-demand resources, but to ensure security, you have to do so in a way that has the necessary monitoring built in via automation. One good way is to use a cloud management platform that helps you keep your app secure.