The Agile Manifesto Principles: Deliver Working Software
You Can’t Rush Agile Change
Working software is the primary measure of progress. There’s often a huge difference between working software and complete software. In agile, nothing is ever really complete, and working software doesn’t have to be fully finished to bring value to the end user. A lot of time in agile, you’re not going to complete a whole […]
Agile and DevOps Bring the Focus Back on Quality
Too often, organizations try to rush agile change. It is usually because they want to see the business benefits of agile as quickly as possible. Unfortunately, change doesn’t work like that—you can’t rush it. In fact, trying to change too fast often results in no change at all. Here are some examples to avoid.
Continuous Security in Agile Development
I’ve had the privilege (and the many challenges) of working in IT for more than three decades. Early in my career I tended to accept things as they were presented, following the techniques, processes, guidelines, and approaches I was taught by my peers and managers. As I gained experience and wisdom, I became a better independent thinker and started to connect the dots and ask questions.
Continuous Improvement Activities beyond the Retrospective
The word continuous gets thrown around a lot when talking about agile and DevOps. One area that often doesn’t get enough attention is how to continuously build, test, and deliver secure applications.Just like for quality, you can’t test security in, so you need to have a plan for how to build it in from the ground up. Here are some tips on how to do that.
The Agile Manifesto Principles: Self-Organizing Teams
One of the principles behind the Agile Manifesto is “At regular intervals, the team reflects on how to become more effective, then tunes and adjusts its behavior accordingly.” Unfortunately, many associate that practice with performing team retrospectives at the end of a sprint, or periodically in kanban. But if you seek to build a high-performing team, there are more improvement activities you should consider adopting.
Leveraging Kubernetes as a Tester
The best architectures, requirements, and designs emerge from self-organizing teams. The cultures that are trying to adopt agile are usually command-and-control, because most organizations are. This means that there’s a boss who tells their subordinates what to do, and then those subordinates tell their subordinates what to do. Agile attempts to flip that script upside […]
Accountability on Agile Projects
With the advent of agile and DevOps, organizations are moving from specialized roles to cross-functional teams—and that means cross-functional sharing of the specialized tools used in each silo. So it’s not unreasonable for a tester to need access to the tools used in those other silos, such as Kubernetes. Kubernetes is a scalable, production-grade container […]
The Importance of Goal Alignment in Agile and DevOps
A common refrain Brian Hicks hears from management in organizations transitioning to agile is, “if the teams are self-directed and get to choose how much work they do, how can i be sure they are working hard enough?”
Integrating Threat Modeling into Agile Development
I work and interact with multiple software development teams. Some are just beginning their agile and DevOps journeys and others are well on their way, but they have many of the same questions or concerns: How do we get all team member roles on the same page? How do we communicate and collaborate more effectively […]
Adopting agile in your program comes with inherent benefits around transparency and delivery, but it also often requires changes to other business practices to align with a more iterative way of developing software. Threat modeling helps you determine where to focus your security testing efforts when building your app, so it’s a useful practice. But one […]