CMCrossroads | Configuration Management (CM and SCM) Q&A and Advice

Articles

	What Are the Uses for a Vulnerability Scanner? Today's hyper-connected world calls for extreme vigilance and knowledge of the ever-present threat of cyberattacks. These cyberattacks typically exploit vulnerabilities to breach your networks. What better way to prevent these attacks than to conduct regular vulnerability scans?	Jordan MacAvoy November 17, 2020
	DevSecOps: Incorporate Security into DevOps to Reduce Software Risk DevSecOps is a growing movement to incorporate security into DevOps practices in order to ensure flaws and weaknesses are exposed early on through monitoring, assessment, and analysis, so remediation can be implemented far earlier than traditional efforts. By failing fast with security testing, organizations reduce risk of a security incident and decrease the cost of rework.	Alan Crouch December 13, 2017
	The Risks of Measuring Technical Debt If your organization measures technical debt, have you really considered why you're doing this, and what you will do with that information once it has been gathered? Just because you can measure technical debt doesn't mean you should. Before you start (or continue) measuring technical debt, it's important to recognize that there are consequences.	Wayne Ariola Cynthia Dunlop October 22, 2015
	Critical Questions to Ask When Choosing a Third-Party API This article exposes the risks and hidden costs involved in the seemingly innocent decision of which third-party APIs to use to gather and report data, offload critical functionality, and save implementation time. It addresses some typical reasons the decision-making process over third-party use is overlooked, as well as how to make good choices confidently and consistently.	Paul Bruce September 24, 2015

Better Software Magazine Articles

	Managing Risk in an Agile World Most software projects take great pains to identify and mitigate risks. Traditional risk analysis techniques can be subjective, time-consuming, and complicated. All it takes is a simple spreadsheet.	Jeremy Jarrell April 21, 2017
	A Radical View of Software Licensing and Piracy Software vendors are making extraordinary efforts to protect the installation and use of apps, but have they gone too far? Preventing software piracy can have an adverse effect on genuine users. Software licensing technology, according to Steve, needs to strike the best balance of protecting the asset while trusting the customer.	Steven Cholerton September 12, 2014
	Reading the Tea Leaves: Predicting a Project's Future Project assessment and forecasting aren't magic. Payson Hall examines six factors that can increase the likelihood of project success.	Payson Hall September 1, 2013
	Using Mission and Risk Diagnostics to Enhance Business Continuity Noah Gamer explains that mission and risk diagnostics provide an excellent approach to risk management for any company. Using these elements together, an organization can create a better business continuity strategy. While risk is not always bad, identifying and mitigating risks can help your organization achieve success.	Noah Gamer July 5, 2013

Interviews

A Discussion on Data Encryption: An Interview with Kerry Cox Jr.

Podcast

Kerry Cox Jr. of Simplified Network Solutions talks about his recent work with Project Sierra, data encryption, the risks often overlooked in our ever-connected world, and how working for the government has helped to shape his career and views on the importance of Internet security.

Cameron Philipp-Edmonds

October 28, 2014

Conference Presentations

	Risk Based Testing: Communicating WHY You Can't Test Everything Slideshow The idea of testing everything is a popular one—in fact many stakeholders think that’s exactly what their quality teams do. It usually isn’t and can’t be; but how can teams communicate this? Join Jenny Bramble as she helps to pave the way using the language of risk-based testing. By defining risk in two simple parts, the team and project have a tangible and usable metric. She shares how to apply this metric and use it to determine where the team should focus testing, making it more effective and efficient whilst communicating that effort through the creation of a risk matrix. As a result, risk becomes the right language for the team to communicate clearly and concisely with everyone involved in the project by using agreed-upon words and definitions. Take away a set of tools that can be used to facilitate both better testing and better communication though precise use of language and risk matrixes.	Jenny Bramble
	Risk Based Testing – Are You Talking the Talk, Or Walking the Walk? Slideshow Risk-based testing is essential to focus our testing, but it is not always easy to apply to our projects. Risk management tends to focus more on project and process risks (i.e., Will we make the deadline? Do we follow our processes?) and less on the product risks that can act as a foundation for a risk-based approach to test. Including this aspect of risk in your test coverage will give you a solid foundation for defining a test strategy that implements and executes the right tests with the right intensity to mitigate the most critical product risks. In this presentation, Gitte Ottosen walks you through approaches to lightweight product risk analysis that can be applied whether you are working in a traditional or agile context. The approaches focus on the conversation around identifying and classifying product risks as a team effort, as well as how to use product risk analysis to support test specification and execution.	Gitte Ottosen
	Agile Testing Is All about Risk—Not Bugs and Quality Slideshow Many organizations make huge investments in software testing, and unfortunately they often don’t understand or extract full value from these activities. This can lead to testing being viewed as a mere formality or necessary evil within an organization. Fortunately, we can deliver more...	Heather Fullen
	Risk Aware, Not Risk Averse Slideshow Most of us dread failures. But things go wrong. We can become paralyzed by the fear of being the creator of the next outage or critical bug. After a failure, we often hold a postmortem, but this rarely addresses how we can be more proactive in preventing catastrophes. Considering our...	Siva Katir

Recommended Web Seminars

Nov 14	The Impact of Continuous Testing: How Organizations Transform Their Testing from Reactive to Innovative
Nov 21	Debunking the Top 5 Myths of AI in Testing
On Demand	Building Confidence in Your Automation
On Demand	Leveraging Open Source Tools for DevSecOps
On Demand	Five Reasons Why Agile Isn't Working

See All

Featured Resources

DevOps Continuous Delivery | TechWell

Open Source Testing Tools eGuide | TechWell

DevSecOps eGuide | TechWell

AI and the Future of Testing eGuide | TechWell

Testing in DevOps eGuide | TechWell

Visit Our Other Communities

Bringing you today’s best agile ideas and thought-leaders with how-to advice on the latest agile development & methodology practices.

The home for software testing and QA professionals—practical advice on test automation, test management, test techniques, and more.

CMCrossroads is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.

Scrum Master Essentials

Scrum Master Essentials As Agile adoption itself is now mainstream, and with Scrum taking the biggest chunk of an ever expanding Agile pie, the role of the scrum master is more in demand than ever. But what does it truly take to be a good scrum master? Download now.

Upcoming Events

Apr 27	STAREAST Software Testing Conference in Orlando & Online
Jun 08	AI Con USA An Intelligence-Driven Future
Sep 21	STARWEST Software Testing Conference in Anaheim & Online