Author Archives: Jim Bird

Jim Bird
Jim is an experienced CTO, software development manager and project manager, who has worked on high-performance, high-reliability mission-critical systems for many years, as well as building software development tools. His current interests include scaling Lean and Agile software development methodologies, software security and software assurance.

Don’t Blame Bad Software on Developers – Blame it on their Managers

There’s a lot of bad software out there. Unreliable, insecure, unsafe and unusable. It’s become so bad that some people are demanding regulation of software development and licensing software developers as “software engineers” so that they can be held to professional standards, and potentially sued for negligence or malpractice. Licensing would ensure that everyone who develops software has at least ...

Top 10 Lists for Designing and Writing Secure and Safe Software

If you care about writing secure code, you should know all about these Top 10 lists. OWASP Top 10: The OWASP Top 10 is a community-built list of the 10 most common and most dangerous security problems in online (especially web) applications. Injection flaws, broken authentication and session management, XSS and other nasty security bugs. These are problems that you need ...

Does DevOps Reduce Technical Debt – or Make it Worse?

DevOps can help reduce technical debt in some fundamental ways. Continuous Delivery/Deployment: First, building a Continuous Delivery/Deployment pipeline, automating the work of migration and deployment, will force you to clean up inconsistencies and holes in configuration and code deployment, and inconsistencies between development, test and production environments. And automated Continuous Delivery and Infrastructure as Code gets rid of dangerous one-of-a-kind ...

Software Architecture in DevOps

A new book by Len Bass, Ingo Weber and Liming Zhu “DevOps: A Software Architect’s Perspective”, part of the SEI Series in Software Engineering, looks at how DevOps affects architectural decisions, and a software architect’s role in DevOps. The authors focus on the goals of DevOps: to get working software into production as quickly as possible while minimizing risk, balancing ...

DevOps is Killing Maintenance. Let’s Celebrate.

DevOps probably isn’t killing developers. But it is changing how people think about development – from running projects to a focus on building and running services. And more importantly, DevOps is killing maintenance, or sustaining engineering, or whatever managers want to call it. And that’s something that we should all celebrate. High-bandwidth collaboration and rapid response to change in Agile ...

Can DevOps(Sec) make Software more Secure?

There was a lot of talk at RSA this year about DevOps and security: DevOpsSec or DevSecOps or Rugged DevOps or whatever people want to call it. This included a full-day seminar on DevOps before the conference opened and several talks and workshops throughout the conference which tried to make the case that DevOps isn’t just about delivering software faster, ...

Backdoors, Sabotage or Just Plain Stupidity

Someone on your development team, or a contractor or a consultant, or one of your sys admins, or a bad guy who stole one of these people’s credentials, might have put a backdoor, a logic bomb, a Trojan or other “malcode” into your application code. And you don’t know it. How much of a real problem is this? And how ...

Towards Compliance as Code

Infrastructure as Code is fundamental to DevOps. Automating the work of setting up and maintaining systems infrastructure. Making it defined, efficient, testable, auditable and standardized. For the many of us who work in regulated environments, we need more. We need Compliance as Code. Take regulatory constraints and policies and compliance procedures and the processes and constraints that they drive, and ...

Making Refactoring Work

A recent academic study raises some questions about how useful and how important refactoring really is. The researchers found that refactoring didn’t seem to make code measurably easier to understand or change, or even measurably cleaner (measured by cyclomatic complexity, depth of inheritance, class coupling or lines of code). But as other people have discussed, this study is deeply flawed. ...

Putting Security into Sprints

To build a secure app, you can’t wait until the end and hope to “test security in”. For teams who follow Agile methods like Scrum, this means you have to find a way to add security into Sprints. Here’s how to do it: Sprint Zero: A few basic security steps need to be included upfront in Sprint Zero: ...
