A lightning talk from DevSecCon 2022 on reviewing code for security vulnerabilities.

Is this okay!? How to review code for security issues (DevSecCon 2022)

Use git bisect to figure out when you broke the tests.

Use git bisect to see when you broke the tests

Here are some Videos, Slides and Articles that I've found helpful in better understanding our industry's diversity and inclusion problem.

Diversity and Inclusion Resources

I recently spent some time helping a startup set up their technical hiring process. Here are the highlights of what I learned about inclusive job adverts.

Writing inclusive job adverts

Whether reviewing a pull request or your own code, here are eight security questions to ask yourself every time.

Secure your code review: 8 key questions to ask

A talk from the February 2025 Lean Agile Edinburgh Meetup on the Ship/Show/Ask branching strategy.

Ship/Show/Ask: a modern branching strategy (Lean Agile Edinburgh 2025)

A talk from Lean Agile Scotland 2024 on Ship/Show/Ask — a branching strategy that balances speed and collaboration.

Ship/Show/Ask: a modern branching strategy (Lean Agile Scotland 2024)

A talk from the August 2024 Cyber Scotland Connect Meetup on practical techniques for reviewing code with security in mind.

Secure Code Reviews (Cyber Scotland Connect Meetup 2024)

Using the builder pattern in your tests can help reduce duplication while still helping you create very readable, specific tests.

Using a builder pattern for tests

A talk from NDC Security Oslo 2023 on eight practical questions to ask when reviewing code for security vulnerabilities.

Is this okay!? How to review code for security issues

A modern branching strategy that combines the features of Pull Requests with the ability to keep shipping changes.

Ship / Show / Ask

A deployment pipeline is your preflight checklist for getting code to production. Here are three key steps to get started.

How to set up your first software deployment pipeline

Today I learned that you can neatly pack all the files in your git repository into a tarball, automatically excluding files in your gitignore

TIL: Add your git repo to a tarball

The skills you need to thrive in an inclusive workplace are actually the same skills that will make you an amazing software developer

Want to be a better developer? Work somewhere inclusive.

It doesn't matter how quickly you can build software if you can't get it in front of users. Here's a roundup of the most useful resources for improving your release velocity.

40+ great resources that will rock your release velocity

A talk from Lean Agile Scotland 2019 on using production monitoring as a quality strategy — and how to fail better when things go wrong.

Fail better with QA in Production (Lean Agile Scotland 2019)

A talk from the September 2019 Tes Engineering Knowledge Sharing session on how to get started contributing to open source projects.

Contributing to open source is easier than you think (Tes Engineering 2019)

Good microservices have a clear purpose, but not all good microservices have a clear owner. Here is how to best manage shared services.

4 ways to stop your shared microservices from falling apart

Fixing production bugs can be scary and overwhelming. Here are some tricks to help you stay calm and fix even the most terrifying production bug.

10 stress-free steps to fix even the scariest bugs

When faced with an unrealistic deadline, there's a choice to be made. Something's got to give. Here are three techniques to help.

3 prioritization techniques to beat software deadline stress

When so much of the support process goes unnoticed, it's difficult to know where you could be saving time. Here are some questions to ask.

How much is your software support costing you?

You don't need any AI at all to build applications that heal themselves. Here are four key patterns to get started.

How to develop self-healing apps: 4 key patterns

Here are key factors to consider as you build tests that account for all of your cross-functional requirements.

How many layers does your testing cake have?

Tired of your commits taking >10 seconds? Give this a bash.

Quick, clean commits with partial linting

Is your organisation stuck with outdated modes of working and struggling to innovate? DevOps alone is not enough—here is why.

Why your DevOps transformation is failing

Useful lessons I've learned over two years working without dedicated testers.

Two years with no testers: What I learned

Testers tend to get themselves into unnecessary tangles as a result of how they create and maintain their test data. Here are five ways to keep things simple.

5 cures for your test data headaches

A talk from DevConf 2018 on investigating production incidents — what they reveal about your systems and how to learn from them.

The curious case of the production incident (DevConf 2018)

A microservices ecosystem pairs well with a more pragmatic approach to testing. Here are some practical tips for testing microservices.

5 ways to put your microservices to the test

A talk from Agile Africa 2017 on production monitoring as a quality strategy — the tests you never wrote and what to use instead.

QA in production: the tests we never wrote (Agile Africa 2017)

Not sure whether your next feature needs a UI test? Here's a simple set of questions to help you decide.

Should you write automated UI tests? 4 questions to answer first

A set of techniques that focus on fostering a keen awareness of what the actual issues are in production.

3 production QA practices that will save your business money

DevOps practices can push the boundaries further, reducing the cost of change dramatically.

5 ways to cheat the software change curve with DevOps

Things always go wrong in production, but this doesn't have to be a bad thing. Here's how to use production as a quality signal.

QA in Production

A talk from JavaScript in South Africa 2017 on building and running JavaScript microservices in production — the patterns that work and the chaos you have to manage.

Organised chaos: real-world JavaScript microservices (JS in SA 2017)

I've seen teams get slowed down by their approach to testing. Here's how you can avoid that fate.

Are your tests slowing you down?

Even with the best tools, DevOps is just another buzzword if you don't have the right culture.

DevOps culture

Even as they focus on breaking down silos, the teams formed to champion DevOps end up becoming silos themselves.

Don't be a DevOps hero. You're just creating a DevOps silo

Thanks to an explosion of DevOps tools and techniques, releasing new features no longer needs to be stressful.

3 techniques for stress-free release management

How many people are using your website right now? Which features are their favorites? Create the right dashboards and you will have the answers all around you, all the time.

Killer dashboards: What to include and how to build them

11 ideas you can use to give your deployment pipeline that extra push.

11 ideas to crank your deployment pipeline to 11

Make shipping easier with a deployment pipeline.

Running the gauntlet: Setting up your first deployment pipeline

A talk from Agile Africa 2015 on emergent design — why building software incrementally produces better architecture than planning it all upfront.

Emergent Design: Cakes, Showers and Electricians (Agile Africa 2015)

In the world of 'automate everything' – where do you fit in? Is the role of the QA dead?

Is QA dead?

Let's face it. All websites need CSS and yours is probably awful. Here's how to fix that.

Stylish and sane: a guide to better CSS

Building software is something your business needs to do well. Here are four attributes that distinguish the organisations that get it right.

Four attributes of an agile business

A talk from Agile Africa 2014 on the four attributes that define businesses that build software well — and how to develop them.

Four Attributes of an Agile Business (Agile Africa 2014)

Worried your next hire doesn't know your tech stack? Although this reaction is natural, it's misguided.

All Posts

Is this okay!? How to review code for security issues (DevSecCon 2022)

Use git bisect to see when you broke the tests

Diversity and Inclusion Resources

Writing inclusive job adverts

Secure your code review: 8 key questions to ask