Smart home under fuzzing
Smart homes rely on secure devices. Fuzz testing identifies software vulnerabilities in smart devices by fuzzing wireless and IoT protocols. The Internet of Things (IoT) has been a buzzword for years, but have you noticed that something has changed around you? Take a moment to think about your home. How many connected devices can you …
The Importance of Managing Complexity
Introduction We write software to make our lives easier; to reduce the complexity and chaos. The need to reduce complexity is at the very center of software development. Unfortunately, we tend to mirror the complexity of the real world in our software and this leads to many problems. As Bruce Schneier in his essay A Plea …
Five types of software licenses you need to understand
If a company creates software, it also reuses code, including code snippets, libraries, functions, frameworks, and entire applications. In fact, in most applications the majority of the code comprises reused third-party components. And all software code comes with certain rights and obligations if used by others or incorporated in a company’s codebase. Even code snippets …
Continue reading “Five types of software licenses you need to understand”
API-first development and the case for API mocking
One morning, you realize you have a great idea for an API. You discuss it with your team, then start building out the business case and technical requirements. Where do you go from there? You could write out the business requirements for the API and then code it. Or you could describe your API in …
Continue reading “API-first development and the case for API mocking”
Building Technical Wealth
Agile organizations find themselves constrained between the need for speed (velocity) and the need for quality. Technical debt is the enemy of velocity. Most companies don’t address technical debt until it slows or halts developer productivity. At that point, it can be very expensive to pay it down. One of the reasons technical debt is …
Secure SDLC 101
The digital transformation that has swept across all industry sectors means that every business is now a software business. Whether you’re selling software directly to your customers or developing it to run your operations, your organization needs to protect your bottom line by building trust in your software without sacrificing the speed and agility that …
Why Cyclic Dependencies are a Problem
In software development, divide and conquer is a design strategy where you recursively break down a problem into two or more sub-problems, until the problem becomes simple enough to be solved directly. This is where software components (packages, assemblies, modules, classes, etc.) come into play. Components break up large blocks of code into smaller, more …
Automated and Manual Testing with Zephyr Enterprise
Comprehensive software testing has never been more important than it is today. Software will continue to play an essential role in our daily lives. What is changing – and will continue to change – is what we test and how we test it. Modern software codebases are immensely complex. It’s simply not feasible to execute …
Continue reading “Automated and Manual Testing with Zephyr Enterprise”
Introducing IaC Security from Black Duck
The news is just in, and it’s big: Black Duck now offers IaC scanning functionality. With no additional licenses required, this capability is available immediately for all existing Black Duck customers. Let’s dig into exactly what this means for you, how it helps your existing security efforts, and what you can expect in the months …
The Importance of Measuring Your Software Architectural Health
How do you measure the “architectural health” of a software project? Since every software project is different, it is hard to come up with a single number that represents the architectural health of an entire project. Lattix Architect, therefore, provides a variety of architectural metrics. These metrics were chosen based on academic research on system architecture …
Continue reading “The Importance of Measuring Your Software Architectural Health”
