DevOps, as discussed in last weeks blog, brings a number of benefits to software firms that need to quickly get their coded goose to market, so to speak. Most of these are tangible benefits, while some are unquantifiable advantages that certainly help deliver the goods. I’m going to run through 5 benefits here today; two technical, two business, and one unmeasurable.
DevOps is a word that has been creeping into the Software Development Life Cycle (SDLC) lingo of late, and it's not one readily understood. Much like some new meme you missed when making coffee and upon your return are left wondering if everyone around you is speaking the same language, or fully compos mentis, it provokes sideways glances and fake nods of agreement. So, for arguments sake I am going to define the term today, and let this forever be the dictionary definition.
Last week I covered the general idea behind Cross-site Scripting (XSS), and this week I am going to get a little deeper into how you can prevent it happening to your web app or site. There are a number of tactics you can use to make your project a less attractive target, and even though it’s probably impossible to have a complex user app and be totally immune to XSS, you can at least be more difficult than the next guy. This gives you the added advantage of sending wannabe hackers towards easier pickings.
One of the good things about writing a weekly blog is the impetus it provides to keep studying different topics. This week Cross-site Scripting (XSS) is in the crosshairs, as it is of the most common security vulnerabilities in software (see chart below, sourced from the WHID. Essentially an attacker embeds a script on a page, which is then executed on the client-side rather than on the server-side. Typical client-side scripting languages are HTML and JavaScript, or even SVG.
Two weeks ago I covered the benefits of building a good team and how it pays off once you get over the initial hurdles, which require engendering a level of trust, ownership, and confidence in those around you. This week I want to focus more specifically on how using the right tools can aid and accelerate this process.