Software security expert and CEO Jeff Payne discusses best practices for protecting your software delivery process from supply chain attacks in our next Coveros Conversation.
Software security expert and CEO Jeff Payne discusses best practices for protecting your software delivery process from supply chain attacks in our next Coveros Conversation.
As a developer, it’s important to make code readability a priority. Explore four simple practices to make your code readable and much easier to work with.
Explore four different threat modeling methodologies—STRIDE, PASTA, Trike, VAST—and assess their strengths and weaknesses.
Note Web Deploy is typically not directly invoked at the command line, and is instead called by Visual Studio as a part of deployment using a GUI. It is poorly documented and not made to be user friendly on the command line. Better tools (e.g. Chef) exist for this type of work, and should be […]
Another week, another preventable, high-profile tech disaster. The Iowa Democratic Party used a mobile app to pull results from statewide precincts for the Iowa caucus. While there were many reasons why this application failed, the Democratic Party left it to “coding issues.” Anyone with any degree of experience can tell you this excuse really means they […]
When everything is agile, it can be difficult to stay productive. Changing requirements and priorities often necessitate task switching, which takes a toll on your concentration, accuracy, and efficiency. This gets more complicated when your schedule is also agile. The usual productivity tips apply best to those working in a typical office with typical hours. What […]
People tend to thrive in environments where they feel safe. Organizations often consider the physical safety of their individuals, but fewer consider the implications of intellectual and emotional safety in driving company success. Leaders have the opportunity to help engineer a generative culture, where team members feel safe, supported, and trusted to think creatively and innovate. […]
Scrum. Kanban. Lean. XP. SAFe. RUP. Scrum of Scrums. There are many frameworks available to organizations that are maturing their agile software development process. However, the use of some frameworks can help reinforce agile behaviors, while others can be degenerative and actually drive an organization to revert to more waterfall-like software development. The choice of […]
Artificial intelligence is one of the fastest growing fields in the technology world, but there’s still a lot of uncertainty surrounding what truly qualifies as AI, the different types of AI, and how quickly AI is advancing. First, it’s important to set a framework about what AI is. While there isn’t one accepted definition, most […]
Welcome to the second half of my two-part blog on Understanding Session Management. In part 1, we covered what was session management and started digging into some possible attack types associated with this vulnerability. Here we will continue to look into other associated attack types. 4. Cross-Site Request Forgery (CSRF) – Severity: High “Cross-Site Request […]
