They can’t mix, can they? Seems like a contradiction to talk about classical project management and the best agile software development methodology ? But let me ask you this: ever feel like traditional project management is great for mapping out the big picture but falls short when it comes to the nitty-gritty of execution? And […]
Understanding ROPA and DPIA: Key GDPR Concepts for Tech Companies Podcast of this article: Let’s explore two essential components of GDPR compliance: Records of Processing Activities (ROPA) and Data Protection Impact Assessments (DPIA). ROPA provides a comprehensive overview of your data handling, while DPIA focuses on assessing and mitigating risks for specific, […]
I think the entire software development world saw NVIDIA’s CEO saying that the world will stop needing software developers, because they will be replaced by AI. Well, considering that this comes from the guy who sells the core on which AI is built, is understandable. But is there any truth to this? Let’s look at […]
My company develops security products for all major operating systems. We work with startups and with big companies, all striving to develop features (functional and non-functional) as fast and as good as possible. While on the first view this seems like a contradiction, there are actually ways of implementing exactly this. For security software development […]
In the previous article, we explored how Scrum enables teams to add security to the backlog and prioritize it based on risk. Incorporating security into the SDLC ensures that security is not an afterthought but an integral part of the development process. Security User Stories are specific, actionable items that articulate the security needs of […]
Agile Software Development: Why It’s Better Traditional development methodologies, such as the Waterfall model, struggle to keep up with the need for quick iterations, frequent releases, and adaptability to changing requirements. Agile software development addresses these challenges by emphasizing flexibility, collaboration, and continuous delivery. Agile methodologies break down the development process into smaller, manageable […]
The recent outage caused by Crowdstrike’s faulty update has create a lot of discussions. I wrote a post on LinkedIn where I asked the readers why are IT professionals using Crowdstrike on some systems that shouldn’t be in need of such protection in the first place. The answers in various groups were mostly related to: […]
Introduction ISO 27001:2022 and TISAX VDA ISA 6.0 are two prominent standards in the realm of information security management, particularly within the automotive industry. While ISO 27001 provides a global framework for establishing, implementing, maintaining, and continually improving an information security management system (ISMS), TISAX (Trusted Information Security Assessment Exchange), based on the VDA ISA […]
Introduction SOC 2 (Service Organization Control 2) certification is a framework designed by the American Institute of CPAs (AICPA) to help organizations manage customer data based on five Trust Service Criteria: , confidentiality,processing integrity, availability, security and privacy. This certification is crucial for service organizations that store or process customer data in the cloud. Comparison […]
What is Secure by Design? Secure by Design products are those where the security of the customers is a core business requirement, not just a technical feature. Secure by Design principles should be implemented during the design phase of a product’s development lifecycle to dramatically reduce the number of exploitable flaws before they are […]
You must be logged in to post a comment.