CMCrossroads | Configuration Management (CM and SCM) Q&A and Advice

Articles

	The Agile Methodologies and Mindset That Got Us Through the COVID-19 Pandemic The landscape of modern technology as well as the way it impacts business operations has transformed since agile methodologies were created. In the past 18 months, that rate of change has greatly accelerated. Let's take a look at just how much agile has helped us adapt to this uncertain time as well as the way that COVID-19 has impacted the agile principles that we can continue to rely on.	Nahla Davies July 29, 2021
	How Kubernetes Can Help to Operationalize Your Container Security As organizations continue to pursue their digital transformations, their IT infrastructures are expanding in both size and diversity. Many are seeing the addition of two new technologies in particular: containers and Kubernetes.	David Bisson February 22, 2021
	What Are the Uses for a Vulnerability Scanner? Today's hyper-connected world calls for extreme vigilance and knowledge of the ever-present threat of cyberattacks. These cyberattacks typically exploit vulnerabilities to breach your networks. What better way to prevent these attacks than to conduct regular vulnerability scans?	Jordan MacAvoy November 17, 2020
	Why Security Vulnerability Assessments Are Necessary The growing menace of cybercrime has necessitated vulnerability assessments and testing. They help organizations understand their security flaws and work toward mitigating them.	Akshaya Choudhary October 13, 2020
	Embedding Security in a DevOps World Faster DevOps processes also create new challenges. It was difficult enough to add security into a traditional waterfall software development lifecycle with monthly or quarterly releases, but now software updates are released several times a day! What can developers do to build and maintain more secure applications? Here are some ways to encourage better security practices throughout the DevOps lifecycle.	Alex Humphrey November 13, 2019
	4 Keys to Protecting Your Data in a DevOps World It may seem like the desires for end-to-end DevOps and protection of sensitive data are in conflict, but if done correctly, they can be two sides of the same coin. DevOps processes such as version control and delivery automation introduce the very measures needed to properly protect production data. The key to keeping data safe while using it during your DevOps process is to focus on these four areas.	Tom Austin September 12, 2018
	DevSecOps: Incorporate Security into DevOps to Reduce Software Risk DevSecOps is a growing movement to incorporate security into DevOps practices in order to ensure flaws and weaknesses are exposed early on through monitoring, assessment, and analysis, so remediation can be implemented far earlier than traditional efforts. By failing fast with security testing, organizations reduce risk of a security incident and decrease the cost of rework.	Alan Crouch December 13, 2017
	Shift Left: Now for Open Source and Security Compliance Shifting left has been focused on testing proprietary code earlier. But at what point in the lifecycle are you checking your open source compliance and ensuring you do not have security vulnerabilities? If you shift this process left and perform it earlier in your software development lifecycle, just like with testing, you can see the same benefits of saving time, money, and headaches.	Rami Sass November 26, 2015
	Critical Questions to Ask When Choosing a Third-Party API This article exposes the risks and hidden costs involved in the seemingly innocent decision of which third-party APIs to use to gather and report data, offload critical functionality, and save implementation time. It addresses some typical reasons the decision-making process over third-party use is overlooked, as well as how to make good choices confidently and consistently.	Paul Bruce September 24, 2015
	Simplifying Your Software Code Audit Software code audits can be arduous and time-consuming, as today’s software projects use a mix of proprietary, commercial, and open source software. This article outlines a number of methods to simplify and streamline your audit process and understand the best practices in organizing, documenting, labeling, tracking, and managing open source and third-party content brought into software portfolios.	Kate Andreeva September 10, 2015

Pages

Recommended Web Seminars

Jul 18	Test Ahead of the Curve: Insights for Developing a Superior Test Coverage
On Demand	Building Confidence in Your Automation
On Demand	Leveraging Open Source Tools for DevSecOps
On Demand	Five Reasons Why Agile Isn't Working
On Demand	Building a Stellar Team

Featured Resources

DevOps Continuous Delivery | TechWell

Open Source Testing Tools eGuide | TechWell

DevSecOps eGuide | TechWell

AI and the Future of Testing eGuide | TechWell

Testing in DevOps eGuide | TechWell

Visit Our Other Communities

Bringing you today’s best agile ideas and thought-leaders with how-to advice on the latest agile development & methodology practices.

The home for software testing and QA professionals—practical advice on test automation, test management, test techniques, and more.

CMCrossroads is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.