Security

Articles

	DevSecOps: Incorporate Security into DevOps to Reduce Software Risk DevSecOps is a growing movement to incorporate security into DevOps practices in order to ensure flaws and weaknesses are exposed early on through monitoring, assessment, and analysis, so remediation can be implemented far earlier than traditional efforts. By failing fast with security testing, organizations reduce risk of a security incident and decrease the cost of rework.	Alan Crouch December 13, 2017
	Conducting Security Testing for Web Applications As cyber attacks continue to create panic, the threat to our applications and data in the digital sphere grows stronger. Enterprises in the connected world need to realize that security testing is essential for their web applications. They need modern, all-inclusive security testing plans from the inception of their projects to ensure a secure user experience. Here's how to get started.	Ketan Sirigiri September 25, 2017
	IoT Security Should Start with the UI Setup IoT security is a large and changing topic, but there is one basic starting point where device security can be improved during development and testing: the user interface. The UI should be the first line of defense, but it’s currently weak in most IoT devices. Implementing better practices during the initial UI setup will go a long way toward improving security.	Jon Hagar September 4, 2017
	What IoT and Embedded Device Testers Can Learn from the Volkswagen Emissions Scandal In 2015, it was discovered that Volkswagen had equipped millions of its cars with software to cheat on diesel emissions tests. It was a team of independent testers that uncovered the fraud. Jon Hagar tells testers what they can take away from the scandal and gives some recommendations to consider in order to improve the test industry for IoT and embedded systems.	Jon Hagar January 16, 2017

	Giving Control Back to Software Developers: An Interview with Mike Faulise Video In this interview, Michael Faulise, the founder and managing partner at tap\|QA, explains how the move toward DevOps and away from release management is giving control back to developers, then details why major companies often need partners to leverage CI, CD, and other modern techniques.	Jennifer Bonine May 18, 2018
	How Manual Testers Are Evolving into Automation Engineers: An Interview with Jennifer Scandariato In this interview, Jennifer Scandariato, the director of test engineering and leader of the Women in Technology initiative at iCIMS, explains the changing role of the manual tester, how they can adapt to a much faster environment, and why security is more important than ever before.	Josiah Renaudin April 6, 2018
	Why You Need to Take Security and DevOps Seriously: An Interview with Jeff Payne Video In this interview, Jeff Payne, the CEO and cofounder of Coveros, explains why major companies just aren’t that good at security. He discusses how you can better protect your business, as well as why DevOps can and should be a key to your success.	Jennifer Bonine March 16, 2018
	Test Strategies and the Importance of Security: An Interview with Randy Rice Video In this interview, Randy Rice, a leading author, speaker, and consultant in software testing and software quality, details the importance of being able to articulate your test strategy. He also explains why you need to have security at the top of your mind when dealing with software.	Jennifer Bonine December 8, 2017

Better Software Magazine Articles

	What if Someone Steals Your Code? Bob Zeidman, an expert in software forensics, provides a great overview of how to protect your software from predators. You'll learn the difference between copyrights, trade secrets, and patents.	Bob Zeidman November 11, 2016
	Pitfalls of Developing for the IoT The Internet of Things (IoT) enables amazing software-powered devices designed to make our business and personal lives easier. Lev Lesokhin discusses four fundamental practices you'll need when developing sophisticated software for the IoT.	Lev Lesokhin July 14, 2016
	Your Professional Responsibility for Security and Performance It is Johanna Rothman's belief that security and performance are no longer nonfunctional requirements in modern-day software development. Instead, we must prepare to accommodate security and performance needs in all projects.	Johanna Rothman April 28, 2016
	A Radical View of Software Licensing and Piracy Software vendors are making extraordinary efforts to protect the installation and use of apps, but have they gone too far? Preventing software piracy can have an adverse effect on genuine users. Software licensing technology, according to Steve, needs to strike the best balance of protecting the asset while trusting the customer.	Steven Cholerton September 12, 2014

Conference Presentations

	The T-Shaped Scrum Team: Get in Shape for Your Future Slideshow Today, agile teams are being asked to do more than ever before. The notion of a T-shaped person, created by Tim Brown (CEO of IDEO) in the 1990s, describes a new breed of worker—one who goes beyond the standard, assigned role. Mary Thorn believes that the roles of team members can stretch...	Mary Thorn
	Securing your IoT Implementations Slideshow As the Internet of Things is deployed across a wide range of industrial, consumer, and business environments, of special interest and concern is the need to implement IoT solutions with careful attention to security. While many of the challenges in IoT security are similar to the...	Tim Hahn
	Vulnerabilities and Bugs in Mobile Apps with Quick Tours Slideshow As mobile devices, tools, operating systems, and web technologies rapidly evolve, testers in this changing domain must quickly adapt their thinking. Testers often struggle to find critical vulnerabilities and bugs in mobile applications due to lack of guidance, experience, and the right...	Raj Subramanian
	A New Approach to IoT Safety, Risk, and Vulnerability Analysis Slideshow The ugly truth is that the interconnection of devices with IoT systems can lead to failures which result in physical injury, unacceptable risk, or cybersecurity vulnerabilities. Preventing such accidents requires identifying hazards, risks, and security vulnerabilities during development.	Gregory Pope

Recommended Web Seminars

Jun 21	Use In-Sprint Test Automation to Relieve Your DevOps Bottleneck
Jun 26	Maintaining Software Quality while Scaling DevOps
Jul 12	Using Automation to Meet Demands for Performance and Quality
On Demand	Bridging the Gap: Test Automation with Test Data on Demand
On Demand	Put the User at the Center of Your Performance Testing

See All

Featured Resources

Shifting Left to Keep Pace in Mobile and IoT Testing | Infostretch

Continuous Integration and Delivery: New Requirements for Digital Transformation | Infostretch

Accelerating Your Digital Initiatives with Quality Engineering | Infostretch

Agile Software Development for Mobile and IoT - Best Practices | Infostretch

Test Automation eGuide | TechWell

Visit Our Other Communities

Bringing you today’s best agile ideas and thought-leaders with how-to advice on the latest agile development & methodology practices.

Where configuration management and development professionals go for answers on SCM, ALM, change management, DevOps, tools and more.

StickyMinds is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.

StickyMinds To Go Newsletter

Subscribe to the StickyMinds To Go newsletter

Receive all the latest and trending stories on StickyMinds delivered to your inbox every Tuesday, subscribe to StickyMinds To Go (you may unsubscribe at any time). For details, click here.

Tweets Follow @stickyminds

Community Sponsors

Upcoming Events

Jun 25	Agile Testing Days USA North America's Greatest Agile Testing Festival
Sep 17	Software Testing Training Week Raleigh-Durham Specialized training for QA, test, and software professionals
Sep 17	DevOps Week Chicago Hands-on DevOps technical and leadership training
Sep 30	STARWEST Software Testing Conference in Anaheim

Welcome