ci

Where has Kim been for the last couple of years? This post explains why he's been so quiet and what he has been working on.

Developers / Engineers know that a build pipeline is an essential part of creating robust and reliable software, but what to put in it? This talk covers the creation of purpleteam from PoC to Alpha release, and why it’s an ideal fit for the security regression testing slot of your build pipeline.

At BSides Wellington: Kim discusses that Quality (security included) does not have to be neglected when you’re planning, building and running a high performance development team. He discusses how we fail and how to succeed.

Kim discusses how and why Agile Development Teams fail at security, and how to stop failing.

DevSecCon, Singapore: Quality (security included) does not have to be neglected when you’re planning, building and running a high-performance development team. Kim will set the stage with how and why Agile development teams fail, explained with a familiar anecdote taken from his new book “Holistic Info-Sec for Web Developers”, coupled with how you can change this.

Redirects to legacy blog post. It’s my intention that the following details will help you create a system that automates “Specification by Example”.

Redirects to legacy blog post. A short time ago, I was tasked with finding the right software engineer/s for the organisation I was working for. I settled on a process, a set of background questions, a set of practical programming exercises and a set of verbal questions. Later on I cut the set of verbal questions down to a quicker set. In this post, I’ll be going over the process and the full set of verbal questions. In a subsequent post I’ll go over the quicker set.

Redirects to legacy blog post. Is your organisation: * Wanting to get more out of your Software Developers? * Wanting to increase RoI? * Spending too much money fixing bugs? * Development team not releasing business value fast enough? * Maybe your a software developer and you want to lift your game to the next level? If any of these points are of concern to you… read on.

Redirects to legacy blog post. I recently wrote a post for the company I currently work for around the joys of doing TDD. What is your current approach to testing? How can you spend the little time you have on the most important areas? I thought I’d share some thoughts around where I see the optimal areas to invest your test effort.