“Like matter and antimatter, in the presence of unplanned work, all planned work ignites with incandescent fury, incinerating everything around it.” ~ Gene Kim, The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win1 The book makes the case for proper planning, rigor, and discipline as an antidote to getting out of the impossible quagmire of technical debt, tightly coupled systems and unachievable product deadlines.

“Teams that are best at DevOps and continuous delivery can release software thousands of times more quickly and with a small fraction of the defects.” The above quote is from Dave Farley’s review1 of “The State of DevOps” report2. It rang so true that I tweeted it. Martin Fowler responded to the original Tweet from Dave asking if there was a transcript available.

As a person who loves checking off items in ’to-do’ lists and checklists, I’ve always liked books that have a list of rules/principles. Hence books like Effective Java, 201 Principles are the ones that come to mind when I think of a reading list of books related to Software Development.

Course from Coursera by Google

Background While writing a note about My Reading Journey, I was reminded that I hadn’t put a section on list of books related to Computer Science in My Reading List. Was reminded of that again when I read today’s WSJ. The paper had a section towards the end dedicated to Cybersecurity.

Came across a list of Threat Models in a book on Zero Trust Networks that I just started reading. I had heard of two models in the past - STRIDE and DREAD in the context of security thread classification and ranking for Cyber-physical systems Seifert & Reza (2016). Before going into the popular models, what is Threat Modeling?

Course from Coursera by Google

Intro Wanted to create an API spec for brainstorming an API that we’re developing. Swagger is probably the most popular API design tool. I had used Apiary (https://apiary.io/) in the past (2013-14). It had features like defining the API spec using yaml and it getting rendered beautifully as API documentation. Nothing like a great API documentation that shows different methods, parameters, objects, input/output status codes and even a server/sandbox to try it out.

The optimism around cybersecurity was dampened today by a news article on WSJ - “Cybersecurity Startups Feel a Pinch on Funding and Sales”. Cybersecurity startups are finding they have to do more with less, as the economic drag of coronavirus precautions makes it difficult to sell their products and enlist new customers while it simultaneously diminishes the size of their funding rounds, investors say.

Starting to read up on blockchain. RV mentioned that I might need to learn Go if I need to tryout some HyperLedger frameworks in the future. Go has a cool playground to try things online and a tour which teaches you basics. Rather than looking at them, I wanted to look at some actual code and infer how things work.