(isc)2 agile Agile Delivery Article CSSLP ECS Educational SSDLC

Guide for delivering frequently software features that matter (series) #1/2: the Pillars of successful frequent delivery

Click below for the podcast version (AI generated): Guide for delivering frequently software features that matter: the three Pillars of successful frequent delivery If you’re a software engineer older than 30 years, then you definitely have worked following a non-agile methodology. Those methodologies are based on a fixed structure, a lot of planning, and hope […]

agile Article ECS Educational

Beyond “Move Fast and Fail Fast”: Balancing Speed, Security, and … Sanity in Software Development (with Podcast)

Move fast and fail fast In software development, the mantra “move fast and fail fast” has become both a rallying cry and a source of considerable debate. It champions rapid iteration, prioritizing speed and output, often at the perceived expense of meticulous planning and architectural foresight. This approach, deeply intertwined with the principles of agile […]

Certification Cybersecurity ECS Educational

Comparing “Records of Processing Activities” (ROPA) and “Data Protection Impact Assessments” (DPIA) (with Podcast)

Understanding ROPA and DPIA: Key GDPR Concepts for Tech Companies Podcast of this article:       Let’s explore two essential components of GDPR compliance: Records of Processing Activities (ROPA) and Data Protection Impact Assessments (DPIA). ROPA provides a comprehensive overview of your data handling, while DPIA focuses on assessing and mitigating risks for specific, […]

Article Cybersecurity ECS General Security SSDLC

Accelerating feature delivery in software development

My company develops security products for all major operating systems. We work with startups and with big companies, all striving to develop features (functional and non-functional) as fast and as good as possible. While on the first view this seems like a contradiction, there are actually ways of implementing exactly this. For security software development […]

agile CSSLP ECS Educational Security SSDLC

Delivering secure software in an agile way

  Agile Software Development: Why It’s Better Traditional development methodologies, such as the Waterfall model, struggle to keep up with the need for quick iterations, frequent releases, and adaptability to changing requirements. Agile software development addresses these challenges by emphasizing flexibility, collaboration, and continuous delivery. Agile methodologies break down the development process into smaller, manageable […]

Article Certification Cybersecurity ECS Educational ISMS ISO 27001 Security TISAX

ISO 27001:2022 and TISAX: overlaps and differences

Introduction ISO 27001:2022 and TISAX VDA ISA 6.0 are two prominent standards in the realm of information security management, particularly within the automotive industry. While ISO 27001 provides a global framework for establishing, implementing, maintaining, and continually improving an information security management system (ISMS), TISAX (Trusted Information Security Assessment Exchange), based on the VDA ISA […]