Security audits are an important part of IT security programs. In this article, authors highlight the challenges in cloud computing business models, based on interviews with cloud security auditors. They talk about the challenges in the areas of transparency, encryption and colocation and domain-tailored audits as ideal solution in the new model.
When developers become Tech Leads they have to find a balance between leading teams and continuing to do technical work. The book Talking with Tech Leads contains stories from Tech Leads on situations, challenges and approaches for leading teams. It explores the role and activities of technical leaders, and provides suggestions how to deal with responsibilities that come with technical leadership.
First class money & currency support in Java are almost here. JSR 354 spec lead Credit Suisse's Anatole Tresch discusses previous shortcomings, motivation for the new APIs, & lots of examples. 1
At then recent Agile Singapore conference James Grenning presented two technically focused talks - one on the importance of technical excellence and the other teaching test driven development. 3
In this article, authors discuss how enterprise, software, and security architects can improve software assurance by using the enterprise architecture to promulgate the software security controls.
All teams eventually face technical debt. In this article Jeremy gives see a useful metaphor for understanding technical debt, explaining it to stakeholders, and dealing with it in an efficient way. 4
At the recent Agile Singapore conference Kevlin Henney gave two talks focusing on the importance of simplicity in architecture and implementation and on programming with Good Unit Tests (GUTS).
In this article, authors provide an overview of current SOA technologies and incremental transition to SOA in legacy environments. They also discuss web services & enterprise application integration. 2
F# Deep Dives is a new book aimed at showing the business value that using F# brings in practice. It presents 11 industrial scenarios and their solution with F# using a functional-first approach.
In this article, Basho Sr. Software Engineer Chris Meiklejohn explores the basic building blocks for crafting deterministic applications that guarantee convergence of data without synchronization. 1
TOSCA, governed by the OASIS organization, is a platform for defining a standard container orchestration specification that is portable across various cloud environments and container providers. 1