One of the largest areas of waste in development are poorly formed requirements. This post presents a very simple technique that can be applied to all user stories to improve quality and reduce waste, as well as examining how this can fit into your current planning and estimation workflow via the underused ‘definition of ready’. It’s a very actionable concept that you can apply immediately.
In this article, author discusses three techniques to defend against malicious users in software systems. These techniques includes creating personas to think strategically about the mischief a malicious user might attempt, misuse cases used to determine how the software should respond to unintended use, and activity diagrams annotated with security concerns.
Product risk analysis (PRA) can be done during the various phases of sequential or agile system development. This article shows how to apply PRA to elevate it from project level to domain level.
This article discusses “human experience” testing and uses concepts from human computer interaction design theory to establish a framework for developing “human experience” test scenarios.
Chris Haddad explains in this article what Shadow IT is, what role it plays in the enterprise and why Enterprise IT needs to embrace it, adapt and address Shadow IT requirements, autonomy, and goals.
The Incremental Commitment Spiral Model: Principles and Practices for Successful Systems and Software describes a process model generator. InfoQ interviewed the authors Barry Boehm and Richard Turner.
This InfoQ article series focuses on automation tools and ideas for maintaining dynamic pools of compute resources.
Security. Cloud. Two words that are almost always together but rarely happily. Learn why that isn’t the case and what you need to known about securing your critical infrastructure in the cloud. 3
Mobile operations management is one of the top priorities of modern enterprise and after establishing solutions for device management, the next challenge is to manage and secure mobile business data.
Approximately 60% of all computers sold worldwide today are portable, making them an easy target for criminals. How can your personal data be protected? With one word - encryption! 2
With the news stories of possible data breaches at enterprises like Target, and companies migrating to cloud environments, CIOs have been asking hard questions about cloud security. 2
In this article, authors discuss the role of big data and Hadoop in security analytics space and how to use MapReduce to process data for security analysis.
CONTENT IN THIS BOX
PROVIDED BY OUR SPONSOR
Introducing Intel® SGX - Hardware Assisted Security for the Application Layer.
Numecent, Bromium, and wolfSSL employ Intel® Software Guard Extensions (Intel® SGX) to create more secure, next-generation solutions.
Intel Software Guard Extensions (SGX) for Dummies.
At its root, Intel® SGX is a set of new CPU instructions that can be used by applications to set aside private regions of code and data.
Protect Application Code, Data, & Secrets from Attack.
CPU-enhanced Application Security Product Brief.
Learn more about the Intel SGX SDK, a collection of APIs, libraries, documentation, sample source code, and tools that allows software developers to create and debug Intel SGX enabled applications in C/C++.