Delivery process improvement ideas rise from the frustration felt by teams executing the process. If you want to improve a team’s delivery processes, I recommend putting your team in control of improving itself and support the team with practices and resources to help them do that.
Reading time: 3.5 minutes Are there any 'silver bullets' in software development? Fred Brooks led the IBM's System/360 development effort and recounted that delivery story and strategies in The Mythical Man-Month (brilliant) said: "There is no single development, in...
The State of Application Secret Delivery and Audit Practices should help you explain to others why delivering application secrets is challenging, the risks of unsafe practices, and a general approach for improving your application secret delivery process.
Configuration is data interpreted by a program to change its behavior so that it supports a particular use case. This post describes the challenges and techniques for creating a configuration interface that is safe and usable.
Reading Time: 2 minutes Was Digital Transformation a good idea? Many organizations are making fundamental changes to the way their applications are structured and operated. These changes are intended to address real problems. Structurally, monolithic applications can...
Lack of understanding how to deliver secrets to applications securely is the biggest challenge identified by DevOps practitioners in the Secret Delivery and Audit Practice study.
This post describes how you can deliver secrets securely when using VMWare, Terraform, and Chef.
Finding the needles in a large haystack is sometimes the hardest part of solving a problem. Debugging is also a skill you can learn and develop.
Let’s examine three controls customers can adopt to help keep control of their data stored in S3 or another Cloud object store while still making it accessible or manageable by third parties.
Helping customers answer security questions in the general case and preventing bad configurations from making it into the wild is one of the main themes at AWS’ inaugural Security conference, re:Inforce. They have done this by operationalizing the ‘Provable Security’ field for their services.
Learn how to design, build, and operate systems in the Cloud one day and concept at a time. A few times a week, Stephen Kuenzli will share his thoughts on building robust systems, architecting for and migrating to AWS, and using DevOps and engineering practices to manage complexity and deliver safely.