The Artima Developer Community

Artima Weblogs
Thinking Aloud
A Weblog by Johan Peeters
March 6, 2011,  5 comments
Chris Wysopal likens application security debt to technical debt in a couple of recent blog posts. It turns out that the debt metaphor is particularly apt as, like financial debt, application security debt is susceptible to interest rate fluctuations.
April 3, 2007,  5 comments
At last week's SPA conference, Paul Dyson and I ran a workshop on planning non-functional requirements in agile projects. Here is a personal account.
June 2, 2006,  18 comments
Not by angry customers suing for damages after security breaches, or by governments breaking up monopolies, but by open source developers and security professionals accusing them of being obsessed by security.
May 16, 2006,  35 comments
The ICT security community is suspicious of agile processes. "They do not produce formal documentation" is an often-heard complaint. Agile developers, on the other hand, blithely ignore security concerns.
June 5, 2005,  2 comments
Agile iteration planning has traditionally maximized business value based exclusively on user stories. However, implementing a user story increases the attack surface of a system and consequently the risk of abuse. The cost of absorbing such risk is often not taken into account. Abuser stories redress the balance.
March 1, 2005
Security is a blind spot in application development.
January 8, 2005,  4 comments
Security professionals have long regarded agile development processes with suspicion, in spite of their reputation for improving software quality. I report on a panel discussion at JavaPolis confronting agile processes with security engineering.
December 24, 2004
Eamonn McManus beat me to blogging about JavaPolis on Artima. I add a little sprinkling of Trust and Sex.
August 16, 2004,  4 comments
How do you get rid of a mainframe? Don't let it become a monster that feeds off your fears.
February 28, 2004,  5 comments
JavaScript is not as innocuous as some would like to believe.
February 25, 2004,  13 comments
XSS has been around for a long time, but the current appetite for weblogs opens up new opportunities for attackers.
December 7, 2003
The plot summarized and deconstructed.
November 11, 2003
A trailer for the security track at JavaPolis featuring O.S. security semantics in language-based systems, JAAS and auditing.