Paul Grenyer discusses why and how to create a Walking Skeleton - an implementation of the thinnest possible slice of real functionality that we can automatically build, deploy and test end-to-end.
Doug Hiebert discusses the principles and objectives behind automated testing, TDD, Unit and Integration Testing, using asserting and mocking to write tests, and static analysis.
Magnus Robertsson shows how to control the code architecture manually, statically and dynamically in order to avoid an architectural drift leading to a big-ball-of-mud. For that, he recommends ways to enforce the reference architecture through peer review, code analysis, and zero tolerance to warnings and errors.
Creating secure code requires more than just good intentions. Programmers need to know how to make their code safe in an almost infinite number of scenarios and configurations. Static source code analysis can uncover the kinds of errors that lead directly to vulnerabilities and in this talk, Brian Chess frames the software security problem and shows how static analysis is part of the solution.