Archive of posts in category 'Quality'

Please note: This archive page is only available in English. If a German version of a post is available, you can change the language once you've opened the post.
See all posts

Scroll down to see more ...

post icon DevSecOps Report – Proactively prevent vulnerabilities

09/17/2021 Daniel Huchthausen in Quality

DevSecOps Report – Proactively prevent vulnerabilities

Terms like DevOps or DevSecOps have become an integral part of our industry. In other words, agile software development that is focused on security is one of the most important approaches to modern development. Or is it?

Read more
post icon Want developers to code with security awareness? Bring the training to them.

09/08/2021 Matias Madou in Quality

Want developers to code with security awareness? Bring the training to them.

These are exciting times, with digital transformation bringing new disruptive technologies that impact the way we work, sleep, eat and how we spend our personal time. For developers, this fast paced world offers plenty of opportunity to be part of something great. The chance to make their mark on a project that would affect others for decades to come. But as these new opportunities emerge, so do new risks.

Read more
post icon Is it possible to shorten release cycles and improve security at the same time?

09/02/2021 Daniel Huchthausen in Quality

Is it possible to shorten release cycles and improve security at the same time?

The world’s reliance on software is already great and will continue to grow. That's why the security of applications will also become increasingly important. This development is further reinforced by the global pandemic, as more businesses and services have increased their online availability. The U.S. Federal Bureau of Investigation (FBI), for example, has reported a 300% increase in cybercrime since the beginning of the pandemic: This shows that with the growing reliance on software and applications, the risk of attacks is also increasing.

Read more
post icon More security thanks to micro-learning and gamification – Secure Code Warrior plugin for SCM-Manager

06/17/2021 Daniel Huchthausen in Quality

More security thanks to micro-learning and gamification – Secure Code Warrior plugin for SCM-Manager

The regularity of media reports on cyberattacks shows that security is, or should be, a key issue for software development teams these days. Learning methods like micro-learning and gamification help to raise awareness and knowledge about security issues. The new Secure Code Warrior plugin for SCM-Manager integrates these approaches into the review process.

Read more
post icon How to use Clean Code Development effectively in 2020

05/19/2020 Artur Klosek in Quality

How to use Clean Code Development effectively in 2020

You can find out here how Clean Code Development can help you and what hurdles the integration of the approach entails in everyday life

Read more
post icon DevSecOps and GDPR – Why Open-Source Governance is so important

09/04/2018 Shane Close in Quality

DevSecOps and GDPR – Why Open-Source Governance is so important

In an economy that is shaped by applications, software development teams face the challenge to release new versions faster, improve the quality and to expedite innovation.

Read more
post icon Crypto 101 basics

04/25/2018 Oliver Milke in Quality

Crypto 101 basics

Especially in DevOps-environment like ours, developers are increasingly coming into contact with cryptography. This post layes out practice-oriented fundamentals for everyday development work without diving too far into security-related aspects.

Read more
post icon Functional Testing with Gauge

01/17/2017 Daniel Huchthausen in Quality

Functional Testing with Gauge

Gauge is a lightweight behavior driven testing framework that allows you to automate end-to-end tests. In this post we will show an example of how to write a test framework with Gauge in Java code. If you want to learn how to install and get started with Gauge, you should read this introductory post from our partner blog.

Read more
post icon Testing Docker© Infrastructure with Serverspec

10/06/2016 Daniel Huchthausen in Quality

Testing Docker© Infrastructure with Serverspec

It is already quite common to describe infrastructure in code with e.g. Puppet or Chef. These days there is another option for that: Docker©. Especially for Docker© it is important to keep track of the infrastructure’s configuration, because sources for your containers might have changed or vanished. Therefore you should test your infrastructure to ensure that it is as expected. Serverspec offers you the ability to do exactly that.

Read more
post icon How to improve software quality

02/24/2016 Daniel Huchthausen in Quality

How to improve software quality

In the last post we defined quality as » the degree of conformance to explicit or implicit requirements and expectations« and took a closer look at the different terms of the definition. During this examination it became clear that quality starts with thoroughly defined requirments. In this post we want to go one step further and show which steps can be taken to improve quality.

Read more
post icon Understanding Software Quality

02/24/2016 Daniel Huchthausen in Quality

Understanding Software Quality

People often talk about high quality software products, but what is that? How can you measure or compare the quality of an application? Let´s take a closer look at this topic and discuss what quality is all about and how it can be improved.

Read more
post icon Automatic Code Review with SonarQube and Jenkins Part 2/2

09/11/2014 Daniel Huchthausen in Quality

Automatic Code Review with SonarQube and Jenkins Part 2/2

Subsequent to the first part of this post you can improve your code quality by implementing an automated code review system to your projects. You only need to perform a few modifications to SCM-Manager, Jenkins and SonarQube. In the first part of this article we already showed you the necessary configuration of SCM-Manager and Jenkins. Now, in the second part we will show you the necessary modifications to integrate SonarQube to the automated process.

Read more
post icon Automatic Code Review with SonarQube and Jenkins Part 1/2

09/09/2014 Daniel Huchthausen in Quality

Automatic Code Review with SonarQube and Jenkins Part 1/2

A good way to improve code quality is to use code review. Often teams recoil from code review because it demands a lot of time. An alternative could be an automated code review system that checks your code for compliance with certain metrics and rules. With the Cloudogu EcoSystem you can implement such a system based on SCM-Manager, Jenkins and SonarQube. In this first part we will show you how to configure SCM-Manager and Jenkins. The second part will be about extending the system by integrating SonarQube. 

Read more