CISO Tradecraft

CISO Tradecraft header image 1
March 26, 2021  

CISO Tradecraft: Modern Software Development Practices

March 26, 2021

Would you like to know the best practices in modern software development?  On this episode G Mark Hardy and Ross Young overview the 12 Factor App and its best practices:

  1. Codebase: One codebase tracked in revision control with many deploys.
  2. Dependencies: Explicitly declare and isolate dependencies.
  3. Config: Store configurations in the environment.
  4. Backing Services: Treat backing services as attached resources
  5. Build, Release, Run: Strictly separate build and run stages 
  6. Processes: Execute the app as one or more stateless processes.
  7. Port Binding: Export services are via port binding.
  8. Concurrency: Scale out via the process model.
  9. Disposability: Maximize robustness with fast startups and graceful shutdowns.
  10. Dev/Prod parity: Keep development, staging, and production as similar as possible.
  11. Logs: Treat logs as event streams.
  12. Admin Processes: Run admin/management tasks as one-off processes.

The episode of CISO Tradecraft discusses important software development concepts such as Extreme Programming, Lean Product Development, and User Centered Design Methodologies.  To learn more about these important concepts please look at the Pivotal Process