security

Articles

Image of lock over code DevSecOps: Incorporate Security into DevOps to Reduce Software Risk

DevSecOps is a growing movement to incorporate security into DevOps practices in order to ensure flaws and weaknesses are exposed early on through monitoring, assessment, and analysis, so remediation can be implemented far earlier than traditional efforts. By failing fast with security testing, organizations reduce risk of a security incident and decrease the cost of rework.

Alan Crouch
Tweezers plucking a password out of code Conducting Security Testing for Web Applications

As cyber attacks continue to create panic, the threat to our applications and data in the digital sphere grows stronger. Enterprises in the connected world need to realize that security testing is essential for their web applications. They need modern, all-inclusive security testing plans from the inception of their projects to ensure a secure user experience. Here's how to get started.

Ketan Sirigiri
A touchscreen with connected IoT devices IoT Security Should Start with the UI Setup

IoT security is a large and changing topic, but there is one basic starting point where device security can be improved during development and testing: the user interface. The UI should be the first line of defense, but it’s currently weak in most IoT devices. Implementing better practices during the initial UI setup will go a long way toward improving security.

Jon Hagar
Volkwagen car emissions What IoT and Embedded Device Testers Can Learn from the Volkswagen Emissions Scandal

In 2015, it was discovered that Volkswagen had equipped millions of its cars with software to cheat on diesel emissions tests. It was a team of independent testers that uncovered the fraud. Jon Hagar tells testers what they can take away from the scandal and gives some recommendations to consider in order to improve the test industry for IoT and embedded systems.

Jon Hagar

Better Software Magazine Articles

cyber thief What if Someone Steals Your Code?

Bob Zeidman, an expert in software forensics, provides a great overview of how to protect your software from predators. You'll learn the difference between copyrights, trade secrets, and patents.

Bob Zeidman
Pitfalls of Developing for the IoT

The Internet of Things (IoT) enables amazing software-powered devices designed to make our business and personal lives easier. Lev Lesokhin discusses four fundamental practices you'll need when developing sophisticated software for the IoT.

Lev Lesokhin
Your Professional Responsibility for Security and Performance

It is Johanna Rothman's belief that security and performance are no longer nonfunctional requirements in modern-day software development. Instead, we must prepare to accommodate security and performance needs in all projects.

Johanna Rothman
A Radical View of Software Licensing and Piracy

Software vendors are making extraordinary efforts to protect the installation and use of apps, but have they gone too far? Preventing software piracy can have an adverse effect on genuine users. Software licensing  technology, according to Steve, needs to strike the best balance of protecting the asset while trusting the customer.

Steven Cholerton

Interviews

Randy Rice Test Strategies and the Importance of Security: An Interview with Randy Rice
Video

In this interview, Randy Rice, a leading author, speaker, and consultant in software testing and software quality, details the importance of being able to articulate your test strategy. He also explains why you need to have security at the top of your mind when dealing with software.

Jennifer Bonine
Jeff Payne Getting Started with Security Testing: An Interview with Jeff Payne
Video

In this interview, Jeff Payne, the CEO and founder of Coveros, talks about software security. He discusses the Internet of Things and how it relates to safety-critical devices, some useful tools, how testers can test for security, and how DevOps pushes that process earlier in your lifecycle.

Jennifer Bonine
Wilson Mar Innovations within the Internet of Things: An Interview with Wilson Mar
Video

In this interview, Wilson Mar, an architect, developer, performance tester, and manager, talks with Jennifer Bonine about cutting-edge technologies in 3D printing and the Internet of Things. He talks about the importance of security and automation, and what we can expect down the road.

Jennifer Bonine
Gene Gotimer Testing Faster, Better, and Cheaper with Continuous Delivery: An Interview with Gene Gotimer
Video

In this interview, Gene Gotimer, the senior architect at Coveros, explains how you can test better, deploy features into production faster with continuous delivery, and arrange your tests so each round provides just enough testing to give you confidence.

Josiah Renaudin

Conference Presentations

Agile DevOps The T-Shaped Scrum Team: Get in Shape for Your Future
Slideshow

Today, agile teams are being asked to do more than ever before. The notion of a T-shaped person, created by Tim Brown (CEO of IDEO) in the 1990s, describes a new breed of worker—one who goes beyond the standard, assigned role. Mary Thorn believes that the roles of team members can stretch...

Mary Thorn
Mobile Dev Test Securing your IoT Implementations
Slideshow

As the Internet of Things is deployed across a wide range of industrial, consumer, and business environments, of special interest and concern is the need to implement IoT solutions with careful attention to security. While many of the challenges in IoT security are similar to the...

Tim Hahn
Mobile Dev Test Vulnerabilities and Bugs in Mobile Apps with Quick Tours
Slideshow

As mobile devices, tools, operating systems, and web technologies rapidly evolve, testers in this changing domain must quickly adapt their thinking. Testers often struggle to find critical vulnerabilities and bugs in mobile applications due to lack of guidance, experience, and the right...

Raj Subramanian
Mobile Dev Test A New Approach to IoT Safety, Risk, and Vulnerability Analysis
Slideshow

The ugly truth is that the interconnection of devices with IoT systems can lead to failures which result in physical injury, unacceptable risk, or cybersecurity vulnerabilities. Preventing such accidents requires identifying hazards, risks, and security vulnerabilities during development.

Gregory Pope

StickyMinds is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.