Monday, September 26, 2011

Takeaways from OWASP AppSec USA 2011

Last week I attended the OWASP AppSec USA conference in Minneapolis. It was my first time at an OWASP event, and it was an impressive show....
Wednesday, September 7, 2011

Standups – take ‘em or leave ‘em

We left ‘em. Standup meetings are a core practice in Agile methods like Scrum and XP. Each day the team meets briefly to answer 3 questions:...
1 comment:
Wednesday, August 24, 2011

Bugs and Numbers: How many bugs do you have in your code?

If you follow Zero Bug Tolerance of course you’re not supposed to have any bugs to fix after the code is done. But let’s get real. Is there...
4 comments:
Monday, August 15, 2011

The C14N challenge

Failing to properly validate input data is behind at least half of all application security problems . In order to properly validate input ...
Monday, July 11, 2011

Developing and Testing in the Cloud

There’s a lot of hype around “ the Cloud ” and what it can do. One of the things that I am interested in is Cloud solutions that can help sm...
3 comments:
Friday, July 1, 2011

Please, no more Manifestos

For some reason, people involved in software development have a thing for Manifestos (always with a Capital M). It all started with the Agi...
3 comments:
Monday, June 27, 2011

Moving forward from Failure

System failures at scale are inescapable, as I have talked about before in the context of designing systems for failure in high-scale comput...