Improve agile and app dev meetings
Sometimes, it’s the choice of tools for hybrid work that can simplify remote
collaboration. Sometimes it’s how organizations, teams, and people use them. ...
These basic tools help agile teams manage their priorities, requirements, and
status to complete sprints and releases. There are also opportunities to improve
collaboration with product owners and stakeholders using advanced road maps and
sharing views of Jira issues on Confluence pages. Another option is to reduce
the complexity in developing applications, dashboards, and data integrations
with low-code and no-code tools. These tools can cut the time and collaboration
required to prototype, develop, test, and deploy capabilities, and their visual
programming modalities often lessen the need to create detailed implementation
documents. Rosaria Silipo, PhD, principal data scientist and head of evangelism
at KNIME, agrees and says, “Low-code tools are becoming increasingly popular and
deliver the freedom to prototype swiftly. They enable the collaboration of
simple to complex app dev within an integrated platform, where steps are
consumable by technical and non-technical stakeholders.”
Is UX design regressing today ?
Internet users are confronted all day long with various sites, each with its
logic, rules, and UX design. There is a need for flexibility on the part of
users as they adapt throughout their day to applications that feel they have
achieved the perfect logic for a good user experience. Every company has a
website, a page on all the major social networks, an application. SAAS are
multiplying and smartphones are more and more used to doing everything. This
need for the digital presence of all companies has made the need for Ux
designers explode. As Ux has become something commonplace, non-experts have
expectations of Ux designers, the expectation of designing an application that
pleases. The core of the problem lies in this level of design, an application is
not used in isolation. It is linked to dozens of others and is part of a life
where digital is always present. If some people feel that Ux design is
regressing, it’s because of the lack of consideration for the ecosystem in which
the applications will evolve. All the rules of Ux design can be perfectly
applied, but will still create friction if the logic of use has been thought
only for the application and not for the ecosystem.
Documenting the NFT voyage: A journey into the future
The most crucial task for any NFT project is to focus on innovative design and
diversified utilities for its users. Moreover, the first-to-market NFT project
will always have the edge over other competing projects to generate value.
Unfortunately, while making copies of the original (forks) is easy, it does not
always translate into a successful project. For example, the legendary
Ethereum-based CryptoPunks from Larva Labs is the inspiration behind
PolygonPunks residing on the Polygon blockchain. Although PolygonPunks is very
successful, many consider it a ‘derivative collection’ that can compromise
buyers’ safety. This is why the NFT marketplace OpenSea delisted PolygonPunks
after a request from developers at Larva Labs. The second characteristic of a
good NFT project is how strong the community is. A genuinely decentralized
project with a well-knit community goes a long way in making it a success. As
demonstrated above, the Pudgy Penguins and CryptoPunks communities are robust
enough to protect the legacy of the projects. Moreover, interoperable NFTs help
forge communities across blockchain networks, making them stronger.
“DevOps is a culture, it's not a job description”
In contrast to traditional software development lines, whereby those in product
would define the product, pass it to the developers, who would send it to the
testers, who would then assess its quality before sending it out for wider
use, the ‘Dev-Centric’ culture at Wix advocates that the developer should remain
in the middle of that process; it turns the assembly line into a circle with the
engineer sitting comfortably within the compounds of all the other departments -
the movie star in his own film in charge of filming and the final edit. “DevOps
is a culture, it's not a job description… the DevOps culture, it’s kind of
intertwined with continuous delivery. It is the culture of giving the developers
the responsibility and ability to deploy their product end to end… DevOps is not
a job description and I didn't want the people here in the company to confuse
the two. It is a very similar concept of empowering the developers to run things
on production.” Mordo, who joined Wix in 2010, has seen its growth from a simple
website builder into one of the internet’s biggest players and Israel’s largest
companies.
Developer sabotages own npm module prompting open-source supply chain security questions
"Even if the deliberate and dangerous act of maintainer RIAEvangelist will be
perceived by some as a legitimate act of protest, how does that reflect on the
maintainer’s future reputation and stake in the developer community?," Liran
Tal, Snyk's director of developer advocacy, said. "Would this maintainer ever be
trusted again to not follow up on future acts in such or even more aggressive
actions for any projects they participate in?" "When it comes to this particular
issue of trust, I believe the best way for it to be handled is with proper
software supply chain hygiene," Brian Fox, CTO of supply chain security firm
Sonatype, tells CSO. "When you’re choosing what open-source projects to use, you
need to look at the maintainers." Fox recommends exclusively choosing code from
projects backed by foundations such as the Apache Foundation, which don't have
projects with just one developer or maintainer. With foundations there is some
oversight, group reviews and governance that's more likely to catch this type of
abuse before it's released to the world.
Never-Mind the Gap: It Isn't Skills We're Short Of, It's Common Sense
Every person working in cybersecurity today started somewhere, and the amount of
learning material currently available surpasses what was around when many of us
started out. Enticing the right person to one of these outlets can spark a flame
that can burn through an organization faster than anything else. When you ignite
a passion, you ignite something deeper, and aiding these individuals in
manifesting their talent can only benefit your organization. There needs to be a
new narrative that cybersecurity is not only about having technical prowess
because many roles don’t require a high level of technical expertise. These
positions are a great stepping stone into the industry for those who lack the
core technological know-how you might expect when you think of a “cybersecurity
expert” and provide valuable insights and input to the security teams.
Organizations love silos, but what happens when larger strategies overlap silos,
technologies and outcomes?
Explore 9 essential elements of network security
Advanced network threat prevention products perform signatureless malware
discovery at the network layer to detect cyber threats and attacks that employ
advanced malware and persistent remote access. These products employ
heuristics, code analysis, statistical analysis, emulation and machine
learning to flag and sandbox suspicious files. Sandboxing -- the isolation of
a file from the network so it can execute without affecting other resources --
helps identify malware based on its behavior rather than through
fingerprinting. ... DDoS mitigation is a set of hardening techniques,
processes and tools that enable a network, information system or IT
environment to resist or mitigate the effect of DDoS attacks on networks. DDoS
mitigation activities typically require analysis of the underlying system,
network or environment for known and unknown security vulnerabilities targeted
in a DDoS attack. This also requires identification of what normal conditions
are -- through traffic analysis -- and the ability to identify incoming
traffic to separate human traffic from humanlike bots and hijacked web
browsers.
Preparing for the quantum-safe encryption future
Quantum-safe encryption is key to addressing the quantum-based cybersecurity
threats of the future, and Woodward predicts that a NIST candidate will
eventually emerge as the new standard used to protect virtually all
communications flowing over the internet, including browsers using TLS.
“Google has already tried experiments with this using a scheme called New Hope
in Chrome,” he says. Post-Quantum’s own encryption algorithm, NTS-KEM (now
known as Classic McEliece), is the only remaining finalist in the code-based
NIST competition. “Many have waited for NIST’s standard to emerge before
taking action on quantum encryption, but the reality now is that this could be
closer than people think, and the latest indication is that it could be in the
next month,” says Cheng. Very soon, companies will need to start upgrading
their cryptographic infrastructure to integrate these new algorithms, which
could take over a decade, he says. “Microsoft’s Brian LaMacchia, one of the
most respected cryptographers in the world, has summarized succinctly that
quantum migration will be a much bigger challenge than past Windows updates.”
The value of DevEx: how starting with developers can boost customer experience
The benefits of building a great customer experience are clear, but when
identifying how to actually go about curating a world-class customer
experience, things become more complicated. Many start by looking at end-user
features and technologies such as chatbots, conversational AI, omnichannel
messaging, and more as a way to kickstart CX efforts. Yet while all of these
can, and should improve customer experience, they are not addressing customer
experience at its core. The reality is, in order to truly build a
transformational customer experience, you must first start with providing a
better experience for those who are responsible for building your products,
services, and the experiences customers have when interacting with them. You
must start with your developers. Developer experience is customer experience.
... Creating a great developer experience means creating a frictionless
developer experience. If developers can spend less time figuring out tools,
processes, and procedures, they can spend more time innovating and building
modern features and experiences for their end-users.
Why machine identities matter (and how to use them)
It is well accepted that reliance on perimeter network security, shared
accounts, or static credentials such as passwords, are anti-patterns. Instead
of relying on shared accounts, modern human-to-machine access is now performed
using human identities via SSO. Instead of relying on network perimeter, a
zero-trust approach is preferred. These innovations have not yet made their
way into the world of machine-to-machine communication. Machines continue to
rely on the static credentials – an equivalent of a password called the API
key. Machines often rely on perimeter security as well, with microservices
connecting to databases without encryption, authentication, authorization, or
audit. There is an emerging consensus that password-based authentication and
authorization for humans is woefully inadequate to secure our critical digital
infrastructure. As a result, organizations are increasingly implementing
“passwordless” solutions for their employees that rely on integration with SSO
providers and leverage popular, secure, and widely available hardware-based
solutions like Apple Touch ID and Face ID for access.
Quote for the day:
"Confident and courageous leaders
have no problems pointing out their own weaknesses and ignorance." --
Thom S. Rainer
No comments:
Post a Comment