Visual Studio tips

Top 10 Visual Studio Refactoring Tips

Wednesday, September 09, 2020

With the version 2019 Visual Studio is now mature when it comes to refactoring. This post proposes a tour of the top 10 most used refactoring actions in my opinion. ) Renaming an Identifier With Ctrl+R,R you can rename any code identifier: a variable, a field, a class… The renaming experience is pretty clean when only one …

web app security

The Cyberthief’s New Best Friend: Web Apps

Thursday, September 03, 2020

Web apps are now one of the top favorites—if not the absolute favorite—means of attack by cyberthieves, based on the latest Verizon Data Breach Investigations Report, which examined 41,686 security incidents, including 2,013 confirmed data breaches. The data came from 73 sources of data accessed by the carrier, only seven of which were internal to …

SAST and SCA

SAST and SCA: Putting the Puzzle Together

Thursday, August 27, 2020

Developing correct and secure software isn’t easy. A typical application includes a large amount of original and third-party code, and it all has to work together without opening up security holes. Any change to existing code, whether it’s a simple refactoring or the addition of a major feature, could create a new risk. Checking the …

modular architecture

Modularity and Agile Architecture

Thursday, August 20, 2020

What is Agile Architecture? Architecture is an important aspect of agile software development efforts. It is critical to scaling agile to meet the needs of the business. “Agile architecture is a set of values and practices that support the active evolution of the design of a system, concurrent with the implementation of new business functionality”. The …

Swaggerhub developer perspective

A Developer’s Perspective of CI/CD Integrations with SwaggerHub

Thursday, August 13, 2020

In my career thus far I’ve been very fortunate to have held positions at various stages along the software development lifecycle and beyond. It’s given me great insight and appreciation for the demands of today’s developers. Whether I’ve been speaking to frustrated developers on a product demo, or in the depths of the code base …

CodeSonar for Java and C#. Julia tools.

Expanding CodeSonar SAST Capabilities with Java and C#

Wednesday, August 05, 2020

GrammaTech recently acquired the intellectual property and assets of JuliaSoft S.r.l. to extend its CodeSonar Static Application Security Testing (SAST) platform with automated code analysis for Java and C# code. This an exciting announcement because of how well the Julia static analysis engine fits with CodeSonar and both team’s approach to quality, safety and security. …

Technical debt management - Cloudbees Flow

Technical Debt Management with Feature Flags: Strategy & Best Practices

Thursday, July 30, 2020

Technical debt is accumulated as unmanaged flags accrue in an application’s code. And the associated marginal gain (i.e. each unmanaged flag added) directly impacts the amount of time and resources needed for testing. This can lead to more serious issues with the affected development, performance/testing and product processes becoming more expensive. As software teams grow …

Application Security Testing Techniques

Recommended Application Security Testing (AST) Techniques

Thursday, July 23, 2020

There are some very interesting takeaways from Gartner’s recent report “How to Deploy and Perform Application Security Testing” (published March 20, 2020, Gartner subscription required). Primarily, “application security testing (AST) is a critical practice within the software development life cycle (SDLC) and covers multiple techniques, from early development stages through to, and including, production.” Clearly, …

Visual Studio Find in Files screen

10 Visual Studio Navigation Productivity Tips

Wednesday, July 15, 2020

A large code base is a complex asset. Visual Studio is a complex environment. In this context developers spend a significant part of their time searching and navigating across code elements and the multiple IDE tools and options. Fortunately Visual Studio proposes many features to simplify navigation that I am going to present.  Note that …

looking into a crystal ball

Cybersecurity Predictions for 2020

Thursday, July 09, 2020

Just like New Year’s resolutions, a lot of people make predictions — but not everyone follows up on them. Last year, we looked into the 2019 crystal ball and tried to predict the trends concerning cybersecurity for that year. Now that it’s 2020, let’s review those predictions to see how well we did, and make some new …