A few items I found insightful, outside of an overall great book:
Great article on Wall St vs New Order/Startup companies. One particular statement stands out:
Engineering Company = Engineering Culture
In Wall Street, Finance is the business, and technology is merely a mechanism that exists to facilitate that business. Technology is seen as a cost center, and when it is necessary to cut costs
I really like gamification. In some firms its in almost part of the culture. Of particular interest around post mortem’s is Google’s gamification leaderboard.
Some individuals are incentivized by a sense of accomplishment and progress toward a larger goal, such as fixing system weaknesses and increasing reliability. For these individuals, a scoreboard or burndown of postmortem action items can be an incentive. At Google, we hold “FixIt” weeks twice a year. SREs who close the most postmortem action items receive small tokens of appreciation and (of course) bragging rights
A few weeks ago, the Sunday Times included a CyberSecurity supplement, available online here. What follows are a few interested pointers:
Worth a listen, Max Saltonstall and Justin McCarthy are joined by Johnathan Hunt, VP of Information Security at InVision to talk about pen testing, bug bounty programs, and secure code.
First up, and worth a read/watch is “How Is Software Developed At Amazon?”. Of note:
Following closely are the many references called out in QA Financial keynote from Jordan Daniel, Head of Testing and Enterprise Release Management, Bank of England:
Another day, another buzzword – DevSecOps. Like most buzzwords, the devil is in the detail 🙂 In this particular case its a continued refinement and improvement of the DevOps tool chain, that correlates well to Accelerate capabilities, with evidencing through metrics:
You may also want to include Rotate, Repair, Repave into your practices as well when considering the Open Source library language flaws.
This video on DiffBlue Secure offers interesting insight into how using the right tool, at the right time as part of the SDLC tool chain, could reduce the defects and incident management overhead. Hopefully this would result in a decisive “Strict prioritisation” graph. Food for thought
ABN Amro provides insight into its Continuous Integration Continuous Delivery (CICD), tooling, software quality and security via this posting. Of interest is how they have partly improved quality via “Build Breakers”. The issue with these breakers is that its fine for new projects who are clear on the bar, but older projects have somewhat of a hurdle to jump before they can adhere to the break.
Solution? DiffBlue
How? If you added DiffBlue to the CI/CD pipeline, in the event that your project drops below the % code coverage breaker, DiffBlue could create the Unit Tests, bringing you quickly back above the breaker.
Moving aged projects/products into your nice shiny CI/CD pipeline could also be aided by DiffBlue. Generate a “full regression suite” before migrating into the CI/CD pipeline. Problem solved. Migration is now part of the build breaker quality solution without the need to hire personnel 🙂
Finally, Accelerate provides a view on the capabilities required to 2x team/product delivery. DiffBlue is part of the solution for Capacity 4, Test Automation. DORA State of DevOps also play to DiffBlue, with regards to Elite/Higher performers undertaking considerably less manual testing than Medium/Low performers.
