DevSecOps is a growing movement to incorporate security into DevOps practices in order to ensure flaws and weaknesses are exposed early on through monitoring, assessment, and analysis, so remediation can be implemented far earlier than traditional efforts. By failing fast with security testing, organizations reduce risk of a security incident and decrease the cost of rework.
The Internet of Things (IoT) enables amazing software-powered devices designed to make our business and personal lives easier. Lev Lesokhin discusses four fundamental practices you'll need when developing sophisticated software for the IoT.
It is Johanna Rothman's belief that security and performance are no longer nonfunctional requirements in modern-day software development. Instead, we must prepare to accommodate security and performance needs in all projects.
Software vendors are making extraordinary efforts to protect the installation and use of apps, but have they gone too far? Preventing software piracy can have an adverse effect on genuine users. Software licensing technology, according to Steve, needs to strike the best balance of protecting the asset while trusting the customer.
In this interview, Jeff Payne, the CEO and cofounder of Coveros, explains why major companies just aren’t that good at security. He discusses how you can better protect your business, as well as why DevOps can and should be a key to your success.
In this interview, Tom Stiehm of Coveros explains how you can integrate test automation with DevOps to create a continuous testing environment. In this performance-driven environment, software development, testing, and operations must evolve to meet iteration and release delivery goals.
Paco Hope talks STARWEST 2014, his goals to reduce the stigma around security testing, and how you don't have to be a wizard to test the safety of your software. Paco also covers how security testing is like cooking, the future of security, and how he became interested in security testing.
Today, agile teams are being asked to do more than ever before. The notion of a T-shaped person, created by Tim Brown (CEO of IDEO) in the 1990s, describes a new breed of worker—one who goes beyond the standard, assigned role. Mary Thorn believes that the roles of team members can stretch...
As mobile devices, tools, operating systems, and web technologies rapidly evolve, testers in this changing domain must quickly adapt their thinking. Testers often struggle to find critical vulnerabilities and bugs in mobile applications due to lack of guidance, experience, and the right...
The ugly truth is that the interconnection of devices with IoT systems can lead to failures which result in physical injury, unacceptable risk, or cybersecurity vulnerabilities. Preventing such accidents requires identifying hazards, risks, and security vulnerabilities during development.
Mobile application development is now a mission-critical component of IT organizations and a big part of the software industry’s landscape. Due to the security threats associated with mobile devices, it is critical we build our apps—from the ground up—to be secure and trustworthy. However...