The resurgence of design thinking in enterprise software development might seem paradoxical in an era dominated by AI-generated solutions. Yet after witnessing countless projects, the truth is clear: AI makes technical implementation easier while understanding user needs becomes harder. The 5-Phase Design Thinking Framework Why Design Thinking Matters More in the AI Era The proliferation […]
Read more →Category: Development Process
Software Development Life Cycle Processes
DevSecOps: Integrating Security into DevOps – Part 4
In this continuation blog, we will explore some more advanced topics related to DevSecOps implementation. Threat Modeling Threat modeling is the process of identifying potential threats to an application or system and evaluating their impact. It helps identify potential security vulnerabilities and prioritize security activities. The following steps are involved in the threat modeling process: […]
Read more →DevSecOps: Integrating Security into DevOps – Part 5
Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Identity and Access Management Identity and Access Management (IAM) is a critical aspect of DevSecOps. It involves managing user identities and controlling their access to resources based on their roles and responsibilities. IAM includes the following activities: Infrastructure as Code […]
Read more →Security as Code: Why DevSecOps Is No Longer Optional in 2025
The traditional approach to security—treating it as a final checkpoint before deployment—has become a liability in modern software delivery. After two decades of building enterprise systems, I’ve witnessed the painful evolution from “security as an afterthought” to “security as code.” In 2025, DevSecOps isn’t just a best practice; it’s a survival requirement for any organization […]
Read more →DevSecOps: Integrating Security into DevOps – Part 6
Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Threat Intelligence Threat intelligence is the process of gathering information about potential threats and vulnerabilities to an organization’s systems and applications. It involves collecting, analyzing, and disseminating information about potential threats, vulnerabilities, and threat actors. Threat intelligence includes the following […]
Read more →DevSecOps: Integrating Security into DevOps – Part 7
Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Automated Vulnerability Management Automated vulnerability management is a key practice in DevSecOps. It involves using automated tools to identify, prioritize, and remediate vulnerabilities in an organization’s systems and applications. Automated vulnerability management includes the following activities: Shift-Left Testing Shift-left testing […]
Read more →