My TL;DR style notes from articles I read today.
Integrating Security With Agile Development
- Create an up-to-date threat model and data flow diagram. Focus on one security story in each development sprint.
- Teach your team basic threat modeling. Get them to think about it in each sprint cycle.
- Integrate a static analysis tool into the IDE, and dependency / open source security checks into local build processes, whenever possible.
- Integrate both of these into a CI/CD pipeline, and break the build on issue thresholds.
- Configure dynamic test tools to run in the CI/CD pipeline on deploys.
Full post here, 6 mins read
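A sketch of the "break the build on issue thresholds" step, added here as an example and not taken from the original article. It assumes the static analysis or dependency scanner writes a SARIF 2.1.0 report; the tool name, rule IDs, sample findings and threshold values are constructed for illustration.

```python
import json
import sys

# Constructed SARIF 2.1.0 fragment standing in for a scanner report.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "example-sast", "rules": [
            {"id": "EX001", "defaultConfiguration": {"level": "error"}},
            {"id": "EX002"},  # no default given, so SARIF falls back to "warning"
        ]}},
        "results": [
            {"ruleId": "EX001", "message": {"text": "query built by concatenation"}},
            {"ruleId": "EX002", "level": "warning", "message": {"text": "weak hash"}},
            {"ruleId": "EX002", "message": {"text": "weak hash"}},
            {"ruleId": "EX002", "level": "note", "message": {"text": "style"}},
        ],
    }],
})

# Hypothetical policy: maximum findings tolerated per SARIF level.
THRESHOLDS = {"error": 0, "warning": 5}

def count_by_level(sarif_text):
    """Count findings per level, resolving results that omit 'level'."""
    counts = {}
    for run in json.loads(sarif_text).get("runs", []):
        rules = run.get("tool", {}).get("driver", {}).get("rules", [])
        defaults = {r["id"]: r.get("defaultConfiguration", {}).get("level", "warning")
                    for r in rules}
        for result in run.get("results", []):
            level = result.get("level") or defaults.get(result.get("ruleId"), "warning")
            counts[level] = counts.get(level, 0) + 1
    return counts

def gate(sarif_text, thresholds):
    """Return (exit_code, violations); exit code 1 breaks the build."""
    counts = count_by_level(sarif_text)
    violations = [f"{level}: {counts.get(level, 0)} > {limit}"
                  for level, limit in thresholds.items()
                  if counts.get(level, 0) > limit]
    return (1 if violations else 0), violations

if __name__ == "__main__":
    # In CI, pass the report path; a missing or malformed report raises,
    # which also fails the job instead of passing silently.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_SARIF
    code, violations = gate(text, THRESHOLDS)
    for v in violations:
        print("threshold exceeded:", v)
    sys.exit(code)
```

Run as a pipeline step after the scanner; the non-zero exit code is what fails the job.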
10 tips for reviewing code you don’t like
- Discuss. Don’t critique. Don’t argue.
- Talk facts. Talk respectfully. No snarky remarks.
- Don’t say something is obvious just because it is obvious to you.
- Ask questions. Ask for clarifications. Ask why someone did what they did.
- Share what you expect and set time aside for reviews in advance.
Full post here, 5 mins read
The Importance of Web Performance Benchmarking
Focus on these web performance benchmarking KPIs for online applications:
- Page load time
- Application availability
- Webpage size & content
- Third-party services performance
- User engagement and/or transactions
Full post here, 5 mins read