layout: post title: What is and why have a release calendar? —
In the last few weeks, I’ve had the chance to write for Scalyr about Practial Cloud Security for Startups and about the relationship between disaster recovery and site reliability engineering.
Like many of you, the last few weeks have been difficult and different for me and mine. I’ve still been out writing, and I have a few posts scattered to the winds that I’d like to tell you about.
The folks at Scalyr asked me to talk about AI Ops this week. AI Ops is a newer term, but it’s an exciting idea that could unlock some very powerful technology down the road. I had a good time talking about what I know and where I think the tech might go.
This week, over at Stackify, I explore what I remember being a big trend: Test Driven Development.
If you’re bootstrapping a startup, sometimes security falls by the wayside. Over at Sqreen this week, I take a look at some high-leverage steps any startup can take to boost their security posture.
Testing UIs can be difficult, complicated work. Thankfully, there are great frameworks to give you a boost as you get started. Over at Testim, I take a look at the difference between two libraries: Jest and Enzyme. Give it a read and maybe try one out in your next project.
Memory leaks are one of the most common pain points which degrade software user experience. Over at Raygun this week I do an introductory course to memory leaks and how you can keep them out of your software.
When you’re trying to get a startup off the ground, security can often fall by the way side. This presents all sorts of problems down the line, when your customers expect that you’re keeping their data safe. Over at Sqreen, I talk about how to manage Security Debt for your startup so that you don’t dig a hole right out of the gate.
It’s easy to embark on Data Engineering projects only to find that halfway through, you’re lost with no way out. This is a common experience for many Data Engineers, but most can’t or won’t do the work to make sure the project is scoped correctly before they dive in. Fortunately, that process doesn’t have to be hard. I outline how to scope a data engineering project over at DataOpsZone this week.
Data compliance is one of those things that’s both really important, and headache-inducing. DataOpsZone invited me over to talk about it this week, and I think what I have to say is worth a read.
Content Security Policies are a great way to boost the overall security of your webapp. Sadly, this tool is often missed during application development. I dive into how they work and why they’re necessary over at Sqreen this week.
A quick outline over at Sqreen this week.
I really enjoy working in C#, and one of my favorite features is their support for Where-style queries directly in code, through LINQ. Over at SubMain this week, I dove into how to use those queries, and some things you should know if you’re just learning them. Give it a read!
I wrote this week over at Enov8 about Software Security Anti-Patterns. These are mistakes I see teams make regularly. Is your team falling victim to any of them?
Code review is something that nearly everyone agrees is important. It’s also something that nearly everyone disagrees on how to do best.
It’s a bonus post this week, as I also approached the topic of how to fit Continuous Deployment into existing delivery pipelines this week over at Plutora.
Just because Java has fewer security pitfalls than languages like C++ doesn’t mean it’s automatically secure. I outline five things you can do to make your Java projects more secure over at Sqreen.
Also this week, I walked through some rules you should apply when looking for a penetration tester for your security team. The details are over at Sqreen.
I spent a bit with ASPE Training this week running down 5 configuration management tools you should know in 2019. If you’re looking for a good CM tool, check it out.
It’s been a few weeks since I’ve had a new post to share, but there’s new stuff. This week, I took some time to talk with Sqreen about Security traps to avoid when transitioning to a microservice. It’s a fun post, and I had a good time writing it.
I spend a little bit of time over at Plutora this week, putting together the best practices that I’ve found for getting started with Containerization. Give it a look.
Suffering a security breach doesn’t need to be a scary thing. It’ll offer some challenges, but you can make it through. I recently walked through the first steps you need to take if you find out you’ve been breached. If you want to know what you should do, read on.
It’s hard to remember, but there used to be a time when webapps didn’t need to know about the “real world.” That time is long past. If you’re looking to add geographic awareness to your app, check out my introduction to the Rails Geocoder.
I’ve used a lot of code review tools in my time. Some were great. Some were…not that. I did a run down over at SubMain about some of the best tools I’ve ever used. I’d love it if you gave a look.
The folks over at TestConfigurationManagement.com got me started on ITIL and how to do it right this week. We dove into why Configuration Management is a key part of any ITIL implementation’s success. Check it out.
Code documentation is a big, contentious topic. That didn’t stop me from sharing my opinion on how to get started and do it right over on SubMain
I took some time for testenvironmentmanagement.com to dive into some reasons that I’ve found IT Service Management projects fail. It’s a short read, go check it out.
I took some time to look at Python and PHP for the folks over at Stackify. This is an in-depth dive into the two languages to determine which makes the most sense for a WebApp these days. Give it a read if you’re interested.
In a word: yes! While many teams have taken up agile SDLC methodologies, waterfall is still a good fit for many teams.
Devise is one of my absolute favorite software packages of all time. It’s the gold standard for web authentication libraries. I was really excited to get the chance to talk about some tips and tricks for doing it right, over on the Stackify Blog
Carve Systems asked me to dive into the world of security testing tools, and I came out with ten can’t-miss packages.
I took a deep dive recently into NodeJS and Python for someone writing their first webapp. If you’re thinking about getting started in web development but don’t know what language to pick, check out my post on Stackify’s blog.
I spent some time recently writing about the DevOps world. It was a chance to dive into Kubernetes and Docker from a beginner’s perspective. If you’re looking to learn about these two great tools, here’s your chance.
I recently spent some time talking about Infrastructure as Code. What is it? How does it work? How can it benefit your business?
testenvironmentmanagement.com was looking for some insight into Enterprise Configuration Mangement recently. I put on my manager hat and laid out 5 reasons that, in my experience, endeavors to set up good ECM can fail. Read it here.
The good folks at Stackify were hoping to clear up some confusion around Docker. They thought it’d be a good idea for me to lay out the differences between a Docker Image and a Docker Container, so I did a little writeup. Check it out!
I spent a little time recently diving into what makes for a successful data governance implentation for our friends at ASPE Training. If you’re trying to spruce up your DG implementation, give it a look.
I’ve been doing quite a bit of writing on the internet these last few months, and felt like now was a good time to start collecting those posts. If you’ve read all the way back to this post, you’ve found the beginning. There’s no more to see!