Smart home under fuzzing

Thursday, October 06, 2022

Smart homes rely on secure devices. Fuzz testing identifies software vulnerabilities in smart devices by fuzzing wireless and IoT protocols. The Internet of Things (IoT) has been a buzzword for years, but have you noticed that something has changed around you? Take a moment to think about your home. How many connected devices can you …

The Importance of Managing Complexity

Thursday, September 29, 2022

Introduction: We write software to make our lives easier; to reduce the complexity and chaos. The need to reduce complexity is at the very center of software development. Unfortunately, we tend to mirror the complexity of the real world in our software and this leads to many problems. As Bruce Schneier in his essay A Plea …

Five types of software licenses you need to understand

Thursday, September 22, 2022

If a company creates software, it also reuses code, including code snippets, libraries, functions, frameworks, and entire applications. In fact, in most applications the majority of the code comprises reused third-party components. And all software code comes with certain rights and obligations if used by others or incorporated in a company’s codebase. Even code snippets …

API-first development and the case for API mocking

Thursday, September 15, 2022

One morning, you realize you have a great idea for an API. You discuss it with your team, then start building out the business case and technical requirements. Where do you go from there? You could write out the business requirements for the API and then code it. Or you could describe your API in …

Building Technical Wealth

Thursday, September 08, 2022

Agile organizations find themselves constrained between the need for speed (velocity) and the need for quality. Technical debt is the enemy of velocity. Most companies don’t address technical debt until it slows or halts developer productivity. At that point, it can be very expensive to pay it down. One of the reasons technical debt is …

Secure SDLC 101

Thursday, September 01, 2022

The digital transformation that has swept across all industry sectors means that every business is now a software business. Whether you’re selling software directly to your customers or developing it to run your operations, your organization needs to protect your bottom line by building trust in your software without sacrificing the speed and agility that …

Why Cyclic Dependencies are a Problem

Thursday, August 25, 2022

In software development, divide and conquer is a design strategy where you recursively break down a problem into two or more sub-problems, until the problem becomes simple enough to be solved directly. This is where software components (packages, assemblies, modules, classes, etc.) come into play. Components break up large blocks of code into smaller, more …

Automated and Manual Testing with Zephyr Enterprise

Thursday, August 18, 2022

Comprehensive software testing has never been more important than it is today. Software will continue to play an essential role in our daily lives. What is changing – and will continue to change – is what we test and how we test it. Modern software codebases are immensely complex. It’s simply not feasible to execute …

Introducing IaC Security from Black Duck

Thursday, August 11, 2022

The news is just in, and it’s big: Black Duck now offers IaC scanning functionality. With no additional licenses required, this capability is available immediately for all existing Black Duck customers. Let’s dig into exactly what this means for you, how it helps your existing security efforts, and what you can expect in the months …

The Importance of Measuring Your Software Architectural Health

Thursday, August 04, 2022

How do you measure the “architectural health” of a software project? Since every software project is different, it is hard to come up with a single number that represents the architectural health of an entire project. Lattix Architect, therefore, provides a variety of architectural metrics. These metrics were chosen based on academic research on system architecture …