About Jim Bird
Jim is an experienced CTO, software development manager and project manager, who has worked on high-performance, high-reliability mission-critical systems for many years, as well as building software development tools. His current interests include scaling Lean and Agile software development methodologies, software security and software assurance.

What does Code Ownership do to Code?
In my last post, I talked about Code Ownership models, and why you might want to choose one code ownership model (strong, weak/custodial or collective) over another. Most of the arguments ...

Code Ownership – Who Should Own the Code?
A key decision in building and managing any development team is agreeing on how ownership of the code will be divided up: who is going to work on what code; how much work can be, and ...

Architecture-Breaking Bugs – when a Dreamliner becomes a Nightmare
The history of computer systems is also the history of bugs, including epic, disastrous bugs that have caused millions of dollars in damage and destruction and even death, as well as many ...

Penetration Testing Shouldn’t be a Waste of Time
In a recent post on “Debunking Myths: Penetration Testing is a Waste of Time”, Rohit Sethi looks at some of the disadvantages of the passive and irresponsible way that application ...

War Games, Pair Testing and Other Fun Ways to Find Bugs
I’ve already examined how important good testing is to the health of a project, a product and an organization. There’s a lot more to good testing than running an automated test ...

How do you measure Devops?
If you’re trying to convince yourself (or the team or management) that your operations program needs to be changed for the better, and that trying a Devops approach makes sense – ...

Yes Small Companies Can – and Should – Build Secure Software
‘For large software companies or major corporations such as banks or health care firms with large custom software bases, investing in software security can prove to be valuable ...

Peer reviews for security are a waste of time?
At this year’s RSA conference, one of the panels questioned whether software security is a waste of time. A panellist, John Viega, said a few things that I agreed with, and a lot ...

Appsec at RSA 2013
This was my second time at the RSA conference on IT security. Like last year, I focused on the appsec track, starting with a half-day mini-course on how to write secure applications ...

A Bug is a Terrible Thing to Waste
Some development teams, especially Agile teams, don’t bother tracking bugs. Instead of using a bug tracking system, when testers find a bug, they talk to the developer and get it ...


