Shakedown Social

BillOSS Rebuild is a new tool by Google that will fetch and recompile every referenced component in your build chain. How bout dem apples, supply chain criminals?<a href="https://oss-rebuild.dev/" rel="nofollow noopener" translate="no" target="_blank">https://oss-rebuild.dev/</a><a href="https://infosec.exchange/tags/supplychain" class="mention hashtag" rel="nofollow noopener" target="_blank">#supplychain</a> <a href="https://infosec.exchange/tags/sdlc" class="mention hashtag" rel="nofollow noopener" target="_blank">#sdlc</a>

JL Johnson :veri_mast:Jira doesn't natively support test cases?! Then why does everyone use it? I'm a Rally guy. *ALL* project artifacts live there. How is Rally not the leader? And why in the hell are we stepping WAY back in time with test cases in excel in order to use Jira instead of Rally? <a href="https://vmst.io/tags/SDLC" class="mention hashtag" rel="nofollow noopener" target="_blank">#SDLC</a> <a href="https://vmst.io/tags/CorpLife" class="mention hashtag" rel="nofollow noopener" target="_blank">#CorpLife</a> <a href="https://vmst.io/tags/Jira" class="mention hashtag" rel="nofollow noopener" target="_blank">#Jira</a> <a href="https://vmst.io/tags/WhoMovedMyCheese" class="mention hashtag" rel="nofollow noopener" target="_blank">#WhoMovedMyCheese</a>

CybersecKyleI need a little breather. I’ve been working hard on these prototypes for my class project. I think I’ll grab a bite and relax for a while. <a href="https://infosec.exchange/tags/SDLC" class="mention hashtag" rel="nofollow noopener" target="_blank">#SDLC</a> <a href="https://infosec.exchange/tags/Prototypes" class="mention hashtag" rel="nofollow noopener" target="_blank">#Prototypes</a> <a href="https://infosec.exchange/tags/College" class="mention hashtag" rel="nofollow noopener" target="_blank">#College</a> <a href="https://infosec.exchange/tags/Design" class="mention hashtag" rel="nofollow noopener" target="_blank">#Design</a>

JL Johnson :veri_mast:Part of my newly expanded role at work is finance and portfolio management. Which on one hand is kind of interesting. But on the other hand... is TERRIBLE. It's a new year. So all of these teams across the enterprise have a fresh infusion of cash and want their projects (and MY limited resources) NOW.I get it. But also: I have my own projects I need my dev teams working on. So get in line. Cue the escalations, whining, and complaining...<a href="https://vmst.io/tags/CorpLife" class="mention hashtag" rel="nofollow noopener" target="_blank">#CorpLife</a> <a href="https://vmst.io/tags/SDLC" class="mention hashtag" rel="nofollow noopener" target="_blank">#SDLC</a> <a href="https://vmst.io/tags/ProjectManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#ProjectManagement</a>

JL Johnson :veri_mast:My company can't decide on if we want to use Rally, or Jira. So, obviously we're using both. Because, why not?I have more experience with Rally, but the industry standard feels like Jira. Honestly I wish we'd just pick one already.<a href="https://vmst.io/tags/CorpLife" class="mention hashtag" rel="nofollow noopener" target="_blank">#CorpLife</a> <a href="https://vmst.io/tags/SDLC" class="mention hashtag" rel="nofollow noopener" target="_blank">#SDLC</a> <a href="https://vmst.io/tags/Jira" class="mention hashtag" rel="nofollow noopener" target="_blank">#Jira</a> <a href="https://vmst.io/tags/Rally" class="mention hashtag" rel="nofollow noopener" target="_blank">#Rally</a>

Slim Bill (He/Him)Inside the SunBurst Attack A Bit of Security for December 9, 2024 SunBurst has two important lessons for us: supply chain security and security vendor claims. Listen to this - <a href="https://youtu.be/Gu1dFqfzf6s" rel="nofollow noopener" target="_blank">https://youtu.be/Gu1dFqfzf6s</a> Let me know what you think! <a href="https://noc.social/tags/cybersecuritytips" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecuritytips</a> <a href="https://noc.social/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#supplychainattack</a> <a href="https://noc.social/tags/SDLC" class="mention hashtag" rel="nofollow noopener" target="_blank">#SDLC</a> <a href="https://noc.social/tags/softwarebuild" class="mention hashtag" rel="nofollow noopener" target="_blank">#softwarebuild</a> <a href="https://noc.social/tags/AIforsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#AIforsecurity</a> <a href="https://noc.social/tags/BitofSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#BitofSec</a>

Slim Bill (He/Him)Testing Requirements A Bit of Security for August 29, 2024 How do you test software? It’s easy – you see if the code does what the requirements say. Listen to this - Let me know what you think in the comments below. <a href="https://noc.social/tags/cybersecuritytips" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecuritytips</a> <a href="https://noc.social/tags/softwaretest" class="mention hashtag" rel="nofollow noopener" target="_blank">#softwaretest</a> <a href="https://noc.social/tags/codequality" class="mention hashtag" rel="nofollow noopener" target="_blank">#codequality</a> <a href="https://noc.social/tags/SDLC" class="mention hashtag" rel="nofollow noopener" target="_blank">#SDLC</a> <a href="https://noc.social/tags/QA" class="mention hashtag" rel="nofollow noopener" target="_blank">#QA</a> <a href="https://noc.social/tags/BitofSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#BitofSec</a> <a href="https://youtu.be/8Yga4JuZyv8" rel="nofollow noopener" target="_blank">https://youtu.be/8Yga4JuZyv8</a>

billseipelWhat do you do when the business side can't stick with a schedule?You cannot just upend weeks of Sprints because someone higher up dropped a ball.<a href="https://fosstodon.org/tags/sdlc" class="mention hashtag" rel="nofollow noopener" target="_blank">#sdlc</a> <a href="https://fosstodon.org/tags/agile" class="mention hashtag" rel="nofollow noopener" target="_blank">#agile</a>

billseipel3 weeks ago our Sprint schedule was completely upended. Switched on a dime to an implementstion that went live...TODAY.To say that someone "dropped the ball", is an understatement. There was no real, thorough QA. No thorough UAT.Multiple apps, databases updated.A complete abhoration of the SDLC.Meatball surgery. Get it done...as fast as possible... we'll fix it post-release.A horrendous way to develop software. But the client will pay for it with the 60+ hours of overtime.<a href="https://fosstodon.org/tags/sdlc" class="mention hashtag" rel="nofollow noopener" target="_blank">#sdlc</a>

Slim Bill (He/Him)A Bit of Security for Feb 16, 2024 How can we cut down on the number of security defects in code? Let’s take a deep dive into the software development life cycle – the SDLC. Listen to this - Let me know what you think in the comments below or at wjmalik@noc.social <a href="https://noc.social/tags/cybersecuritytips" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecuritytips</a> <a href="https://noc.social/tags/Securecoding" class="mention hashtag" rel="nofollow noopener" target="_blank">#Securecoding</a> <a href="https://noc.social/tags/SDLC" class="mention hashtag" rel="nofollow noopener" target="_blank">#SDLC</a> <a href="https://noc.social/tags/CleanroomSoftware" class="mention hashtag" rel="nofollow noopener" target="_blank">#CleanroomSoftware</a> <a href="https://noc.social/tags/BitofSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#BitofSec</a> <a href="https://youtu.be/dKBXvubN_gE" rel="nofollow noopener" target="_blank">https://youtu.be/dKBXvubN_gE</a>

Terra BruderIntroduction

Recent searches

Search options

Administered by:

Server stats:

#sdlc