You can’t win. You can only control how quickly you lose.
Like most people who’ve played it, I love Tetris. I still remember playing it for the first time on a friend’s Nintendo Game Boy. Not only is Tetris one of the best games of all time, it’s an excellent analogue for technical debt. The impacts of technical debt are something I’m deeply familiar with — I deal with them every day.
I’ll also share a personal story of how my team and I reduced technical debt in some billing code, fixing a $1 million-per-year bug.
Within software companies, product and project managers (PMs) work with software developers to prioritize what code will be written and shipped to customers next. …
Steps you can take today to improve your security posture
I’ve long said that security is inversely proportional to convenience. While I still believe that to be true, there are plenty of simple things you can do right now that will help to improve the overall security of your company without sacrificing productivity. Here are a few examples which I frequently share with my clients.
Keep a paper trail
Use an issue tracker and start the habit of filing a ticket for everything — this gives you the ability to look back at any point in time at what needed to be done, why it was done, and by whom.
- Building a new feature?
File a ticket and define the security considerations of it. …
That doesn’t mean they aren’t useful
I’ve written before about why I think security culture is important. In that article, I mentioned that some of my clients are surprised that I don’t audit their product code. Here are three reasons why:
- Attackers think bigger
Potential flaws in your product software aren’t the only opportunity for threat actors. …
About
