Home » Author Archives: Jim Bird (page 11)

Author Archives: Jim Bird

Jim Bird
Jim is an experienced CTO, software development manager and project manager, who has worked on high-performance, high-reliability mission-critical systems for many years, as well as building software development tools. His current interests include scaling Lean and Agile software development methodologies, software security and software assurance.

Monitoring Sucks. But Monitoring as Testing Sucks a Lot More

devops-logo

At Devopsdays I listened to a lot of smart people saying smart things. And to some people saying things that sounded smart, but really weren’t. It was especially confusing when you heard both of these kinds of things from the same person. Like at Noah Sussman’s presentation on how rapid release cycles alter QA and testing, based on the work ...

Read More »

Does Devops have a Culture Problem?

devops-logo

At the Devopsdays conference in Mountain View, Spike Morelli led an Open Space discussion on the importance of culture. He was concerned that when people think and talk about devops they think and talk too much about tools and practices, and not enough about culture and collaboration and communication, not enough about getting people to work closely together and caring ...

Read More »

Sooner or Later: Deliver Early or Minimize Waste

agile-logo

There’s an obvious but important tension in Lean/Agile development around when to make decisions. Between the fundamental Agile position that we should do the most important and most risky work first, and the Lean argument that we should make decisions at the last possible moment. We need to decide early and try things out, iterate to minimize risk and time ...

Read More »

Agile Estimating: Story Points and Decay

agile-logo

I’m re-reading Mike Cohn’s Agile Estimating and Planning. It’s the best book I’ve found on this and worth reading, even if he gets too Scrummy at times, and even if you don’t agree with everything he says. Which I don’t. For example, I don’t agree with him that Story Points are better for estimation than Ideal Days. When we do ...

Read More »

Where do Security Requirements come from?

software-development-2-logo

One of the problems in building a secure application is that it’s not always clear what the security requirements are and where they are supposed to come from. Are security requirements supposed to come from the customer? Are they specified in the regulatory and compliance environment? Or are they implicit in the type of application that you are building – ...

Read More »

Are Agile plans Better because they are Feature-Based?

agile-logo

In Agile Estimating and Planning, Mike Cohn quotes Jim Highsmith on why Agile projects are better: “One of the things I keep telling people is that agile planning is “better” planning because it utilizes features (stories, etc.) rather than tasks. It is easy to plan an entire project using standard tasks without really understanding the product being built. When planning ...

Read More »

The pursuit of protection: How much testing is “enough”?

agile-logo

I’m definitely not a testing expert. I’m a manager who wants to know when the software that we are building is finished, safe and ready to ship. Large-scale enterprise systems – the kinds of systems that I work on – are essentially hard to test. They have lots of rules and exceptions and lots of interfaces and lots of customization ...

Read More »

Software Development Metrics that Matter

software-development-2-logo

As an industry we do a surprisingly poor job of measuring the work that we do and how well we do it. Outside of a relatively small number of organizations which bought into expensive heavyweight models like CMMI or TSP/PSP (which is all about measuring on a micro-level) or Six Sigma, most of us don’t measure enough, don’t measure the ...

Read More »

Building security into a development team

software-development-2-logo

Getting application developers to understand and take responsibility for software security is difficult. Bootstrapping an Appsec program requires that you get the team up to speed quickly on security risks and what problems they need to look for, how to find and fix and prevent these problems, what tools to use, and convince them that they need to take security ...

Read More »

Application Security at Scale

software-development-2-logo

This week’s SANS AppSec conference in Las Vegas took on Application Security at Scale: how can we scale application security programs and technologies to big organizations, to small organizations and across organizations to millions of programmers world wide. You can find the presentation slides here. Lots of hilights for me: The conference was kicked off by Jeremiah Grossman from WhiteHat ...

Read More »
Do you want to know how to develop your skillset and become a ...

Subscribe to our newsletter to start Rocking right now!

To get you started we give you our best selling eBooks for FREE!
Get ready to Rock!
To download the books, please verify your email address by following the instructions found on the email we just sent you.

THANK YOU!

Close