Writings about software: development and security| beny23.github.io
This post is all about sustainablity. And communication. And agile. Let me start from the beginning. I’m sat on the train, coming back from Lean Agile Scotland 2024 and I’m thinking about what I’ve heard, seen and done. The conference was great, and allowed for catching up with old and new friends, finding kindred spirits and having good food. Yes, the older you get, the more important the question of “where shall we eat?| beny23.github.io
Writings about software: development and security| beny23.github.io
Sheffield is the city of steel, and at the heart of it lies a lovely university building - the Owen building that hosted the North’s premier hacker con And I had been accepted to talk at SteelCon about AppSec and Agile and who wouldn’t want to drive over Snake Pass to cross into the wrong side of the Pennines. [Ducks]. Over the past year, I found myself going to quite a few community infosec events (I did the Northern BSides triathlon last year - Lancs, Leeds and Newcastle) and I feel lik...| beny23.github.io
After the fantastic experience of speaking at Agile on the Beach 2023 a year before, I was back for more agile. This meant more driving: again I took the motorway barge for the long road trip from the North West to almost the tip of the South West. For international readers, when I say North West, I mean England, somewhere near Preston, and the South West is in pretty Falmouth, Kernow (Cornwall).| beny23.github.io
Peter Drucker said “What gets measured, gets managed”. When I turned up at Old Trafford, home of Manchester’s red team (it’s a security conference, geddit) for The Future of Cyber, I certainly was measurably impressed by the setting even though I’m usually found more on the blue spectrum of infosec. But let’s get into the talks! Measure, measure, measure First, Greg Notch talked about the importance of using metrics in communication.| beny23.github.io
About two months ago I stumbled across a great YouTube video of a talk by Charity Majors called Compliance standards should be modern development practices. Now let’s step back for a minute. Am I seriously suggesting that anything with the word “compliance” is going to be a riveting watch? Why, yes I am. And with good reason. I’m a fan of good security and I like agile. And I think one of the major stumbling blocks about putting Sec into DevOps is to forget the agile origins of DevOps...| beny23.github.io