In this article, authors discuss an ad hoc anonymous and secure survey system called Anonize that can be used in applications like university course evaluations, online product reviews, and whistleblowing.
By changing the inner workings from a project perspective to a product perspective Agfa Healthcare established a less complicated process using a single backlog for the entire organisation. Main advice is to try to avoid setting up silos where they do not belong. When applying LeSS it is important to stick to its basic rules even though they are, in most organisations, very disruptive.
Little’s Law helps teams that use user stories for planning and tracking project execution, with a project buffer to manage inherent uncertainty of a fixed-bid project and protect its delivery date.
Graph NoSQL databases support data models with connected data. In this article, author discusses security implications of graph databases in use cases like graph discovery and knowledge management.
Monzy Merza discusses the challenges within organizations to retain and develop top cybersecurity talent, and outline the organizational steps companies can take to keep talent in-house.
Faced with the lack of solutions for secure distribution of AWS access keys to developers, AdRoll decided to build their own open source Hologram. Adair details the process, design and main features.
In this article, authors discuss the security vulnerabilities in software applications, the advantages whitelisting approach provides and how to implement the whitelisting security policies. 1
The book Conscious Agility (Conscious Capitalism + Business Agility = Antifragility) describes a design-thinking approach for business to benefit from uncertainty, disorder, and the unknown.
Computer security, or the lack thereof, has made many headlines recently. In this article we'll look at how bad things are and what you, as a software developer, can do about it.
Security audits are an important part of IT security programs. In this article, authors highlight the challenges in cloud computing business models, based on interviews with cloud security auditors. 1
In this article, authors discuss how enterprise, software, and security architects can improve software assurance by using the enterprise architecture to promulgate the software security controls.
This article describes what ‘Evo’ is at core, and how it is different from other Agile practices, and why ‘done’ should mean ‘value delivered to stakeholders’. 1
CONTENT IN THIS BOX
PROVIDED BY OUR SPONSOR
Introducing Intel® SGX - Hardware Assisted Security for the Application Layer.
Numecent, Bromium, and wolfSSL employ Intel® Software Guard Extensions (Intel® SGX) to create more secure, next-generation solutions.
Intel Software Guard Extensions (SGX) for Dummies.
At its root, Intel® SGX is a set of new CPU instructions that can be used by applications to set aside private regions of code and data.
Protect Application Code, Data, & Secrets from Attack.
CPU-enhanced Application Security Product Brief.
Learn more about the Intel SGX SDK, a collection of APIs, libraries, documentation, sample source code, and tools that allows software developers to create and debug Intel SGX enabled applications in C/C++.