While some fear is healthy (often viewed as a conscience that tells programmers to be careful!), the author believes that byproducts of fear include tentative, grumpy, and uncommunicative programmers who are unable to absorb constructive criticism. When programming teams buy into TDD, they immediately see positive results. They eliminate the fear involved in their jobs, and are better equipped to tackle the difficult challenges that face them. TDD eliminates tentative traits, it teaches programmers to communicate, and it encourages team members to seek out criticism However, even the author admits that grumpiness must be worked out individually! In short, the premise behind TDD is that code should be continually tested and refactored. Kent Beck teaches programmers by example, so they can painlessly and dramatically increase the quality of their work.

    You need to assume it will run in the most hostile environments imaginable -- and design, code, and test accordingly. Writing Secure Code, Second Edition shows you how. This edition draws on the lessons learned and taught throughout Microsoft during the firm s massive 2002 Windows Security Push. It s a huge upgrade to the respected First Edition, with new coverage across the board. Michael Howard and David LeBlanc first help you define what security means to your customers -- and implement a three-pronged strategy for securing design, defaults, and deployment. There s especially useful coverage of threat modeling -- decomposing your application, identifying threats, ranking them, and mitigating them. Then, it s on to in-depth coverage of today s key security issues from the developer s standpoint. Everyone knows buffer overruns are bad: Here s a full chapter on avoiding them. You ll learn how to establish appropriate access controls and default to running with least privilege. There s detailed coverage of overcoming attacks on cryptography (for example, avoiding poor random numbers and bit-flipping attacks). You ll learn countermeasures for virtually every form of user input attack, from malicious database updates to cross-site scripting. We ve just scratched the surface: There are authoritative techniques for securing sockets and RPC, protecting against DOS attacks, building safer .NET applications, reviewing and testing code, adding privacy features, and even writing high-quality security documentation. Following these techniques won t just improve security -- it ll dramatically improve robustness and reliability, too. Bill CamardaBill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks For Dummies®, Second Edition.

    Salesforce.com (more than 50%) and Twitter (more than 75% fall into this category. Ebay gets more than 8 billion API calls a month. Facebook and Google, have dozens of APIs that enable both free services and e-commerce, get more than 5 billion API calls each day. Other companies like NetFlix have expanded their service of streaming movies over the the web to dozens of devices using API. At peak times, more than 20 percent of all traffic is accounted for by Netflix through its APIs. Companies like Sears and E-Trade are opening up their catalogs and other services to allow developers and entrepreneurs to create new marketing experiences. Making an API work to create a new channel is not just a matter of technology. An API must be considered in terms of business strategy, marketing, and operations as well as the technical aspects of programming. This book, written by Greg Brail, CTO of Apigee, and Brian Mulloy, VP of Products, captures the knowledge of all these areas gained by Apigee, the leading company in supporting the rollout of high traffic APIs.

    Stylin with CSS teaches you everything you need to know start using CSS in your web development work, from the basics of markup of your content and styling text, through to creating multi-column page layouts without the use of tables. Learn how to create interface components, such as drop-down menus, navigation links, and animated graphical buttons, using only CSS no JavaScript required. Discover how to design code that will work on the latest standard-compliant browsers, while working around the quirks of the older browsers. With a mastery of CSS, your web design capabilities will move to a new level, and everything you need to know to get your started and build your skills is right here in this book. You ll be stylin in no time!"

    This groundbreaking new book sets out the principles and technical practices that enable rapid, incremental delivery of high quality, valuable new functionality to users. Through automation of the build, deployment, and testing process, and improved collaboration between developers, testers, and operations, delivery teams can get changes released in a matter of hours-- sometimes even minutes-no matter what the size of a project or the complexity of its code base. Jez Humble and David Farley begin by presenting the foundations of a rapid, reliable, low-risk delivery process. Next, they introduce the "deployment pipeline," an automated process for managing all changes, from check-in to release. Finally, they discuss the "ecosystem" needed to support continuous delivery, from infrastructure, data and configuration management to governance. The authors introduce state-of-the-art techniques, including automated infrastructure management and data migration, and the use of virtualization. For each, they review key issues, identify best practices, and demonstrate how to mitigate risks. Coverage includes - Automating all facets of building, integrating, testing, and deploying software - Implementing deployment pipelines at team and organizational levels - Improving collaboration between developers, testers, and operations - Developing features incrementally on large and distributed teams - Implementing an effective configuration management strategy - Automating acceptance testing, from analysis to implementation - Testing capacity and other non-functional requirements - Implementing continuous deployment and zero-downtime releases - Managing infrastructure, data, components and dependencies - Navigating risk management, compliance, and auditing Whether you're a developer, systems administrator, tester, or manager, this book will help your organization move from idea to release faster than ever--so you can deliver value to your business rapidly and reliably.

    Every Nmap feature is covered with visual examples to help you quickly understand and identify proper usage for practical results.Topics covered include:* Installation on Windows, Mac OS X, Unix/Linux platforms* Basic and advanced scanning techniques* Network inventory and security auditing* Firewall evasion techniques* Zenmap - A graphical front-end for Nmap* NSE - The Nmap Scripting Engine* Ndiff - A Nmap scan comparison utilitySimplified coverage of Nmap 5.00 features.

    NOTE: this Alpha Edition is missing some chapters and may contain errors. See http://saasbook.info for details.

    The rapid maturation of PHP has created a skeptical population of users from more traditional enterprise languages who question the readiness and ability of PHP to scale, as well as a large population of PHP developers without formal computer science backgrounds who have learned through the hands-on experimentation while developing small and midsize applications in PHP. While there are many books on learning PHP and developing small applications with it, there is a serious lack of information on scaling PHP for large-scale, business-critical systems. Schlossnagle's Advanced PHP Programming fills that void, demonstrating that PHP is ready for enterprise Web applications by showing the reader how to develop PHP-based applications for maximum performance, stability, and extensibility.

    The patterns apply to the development process as well as to architecture and coding practices. The content is based on a presentation developed by Scott Guthrie and delivered by him at the Norwegian Developers Conference (NDC) in June of 2013 (part 1, part 2), and at Microsoft Tech Ed Australia in September 2013 (part 1, part 2). Many others updated and augmented the content while transitioning it from video to written form. Who should read this book Developers who are curious about developing for the cloud, are considering a move to the cloud, or are new to cloud development will find here a concise overview of the most important concepts and practices they need to know. The concepts are illustrated with concrete examples, and each chapter includes links to other resources that provide more in-depth information. The examples and the links to additional resources are for Microsoft frameworks and services, but the principles illustrated apply to other web development frameworks and cloud environments as well. Developers who are already developing for the cloud may find ideas here that will help make them more successful. Each chapter in the series can be read independently, so you can pick and choose topics that you're interested in. Anyone who watched Scott Guthrie's "Building Real World Cloud Apps with Windows Azure" presentation and wants more details and updated information will find that here. Assumptions This ebook expects that you have experience developing web applications by using Visual Studio and ASP.NET. Familiarity with C# would be helpful in places.

    Jonathan Stark shows you how to leverage your existing web development skills to build native iPhone applications using these technologies." --John Allsopp, author and founder of Web Directions"Jonathan's book is the most comprehensive documentation available for developing web applications for mobile Safari. Not just great tech coverage, this book is an easy read of purely fascinating mobile tidbits in a fun colloquial style. Must have for all PhoneGap developers." -- Brian LeRoux, Nitobi SoftwareIt's a fact: if you know HTML, CSS, and JavaScript, you already have the tools you need to develop your own iPhone apps. With this book, you'll learn how to use these open source web technologies to design and build apps for the iPhone and iPod Touch on the platform of your choice-without using Objective-C or Cocoa.Device-agnostic mobile apps are the wave of the future, and this book shows you how to create one product for several platforms. You'll find guidelines for converting your product into a native iPhone app using the free PhoneGap framework. And you'll learn why releasing your product as a web app first helps you find, fix, and test bugs much faster than if you went straight to the App Store with a product built with Apple's tools.Build iPhone apps with tools you already know how to useLearn how to make an existing website look and behave like an iPhone appAdd native-looking animations to your web app using jQTouchTake advantage of client-side data storage with apps that run even when the iPhone is offlineHook into advanced iPhone features -- including the accelerometer, geolocation, and vibration -- with JavaScriptSubmit your applications to the App Store with XcodeThis book received valuable community input through O'Reilly's Open Feedback Publishing System (OFPS). Learn more at http://labs.oreilly.com/ofps.html.

    This book draws on material Michael created for his renowned Object Mentor seminars, techniques Michael has used in mentoring to help hundreds of developers, technical managers, and testers bring their legacy systems under control. The topics covered include: Understanding the mechanics of software change, adding features, fixing bugs, improving design, optimizing performance Getting legacy code into a test harness Writing tests that protect you against introducing new problems Techniques that can be used with any language or platform, with examples in Java, C++, C, and C# Accurately identifying where code changes need to be made Coping with legacy systems that aren't object-oriented Handling applications that don't seem to have any structureThis book also includes a catalog of twenty-four dependency-breaking techniques that help you work with program elements in isolation and make safer changes.

    

    In Understanding ECMAScript 6, expert developer Nicholas C. Zakas provides a complete guide to the object types, syntax, and other exciting changes that ECMAScript 6 brings to JavaScript. Every chapter is packed with example code that works in any JavaScript environment so you'll be able to see new features in action. You'll learn:How ECMAScript 6 class syntax relates to more familiar JavaScript conceptsWhat makes iterators and generators usefulHow arrow functions differ from regular functionsWays to store data with sets, maps, and moreThe power of inheritanceHow to improve asynchronous programming with promisesHow modules change the way you organize codeWhether you're a web developer or a Node.js developer, you'll find Understanding ECMAScript 6 indispensable on your journey from ECMAScript 5 to ECMAScript 6.

    Leading Scrum coach and trainer Kenny Rubin illuminates the values, principles, and practices of Scrum, and describes flexible, proven approaches that can help you implement it far more effectively. Whether you are new to Scrum or years into your use, this book will introduce, clarify, and deepen your Scrum knowledge at the team, product, and portfolio levels. Drawing from Rubin's experience helping hundreds of organizations succeed with Scrum, this book provides easy-to-digest descriptions enhanced by more than two hundred illustrations based on an entirely new visual icon language for describing Scrum's roles, artifacts, and activities. Essential Scrum will provide every team member, manager, and executive with a common understanding of Scrum, a shared vocabulary they can use in applying it, and practical knowledge for deriving maximum value from it.

    It is through an understanding of service design that truly service-oriented solution logic can be created in support of achieving the strategic goals associated with SOA and service-oriented computing. Bestselling SOA author Thomas Erl guides you through a comprehensive, insightful, and visually rich exploration of the service-orientation design paradigm, revealing exactly how services should and should not be designed for real-world SOA. concise introduction to SOA and service-oriented computing concepts and benefits* A thorough exploration of the service-orientation design paradigm as represented by eight specific design principles* A comparison of service-oriented and object-oriented concepts and principles and a clear definition of what qualifies as service-oriented logic* Detailed coverage of four different forms of service-related design granularity* An exhaustive examination of service contracts, with an emphasis on standardization, abstraction, and the utilization of WS-Policy, XML Schema, and WSDL definitions* A comprehensive study of various forms of service-related coupling with an emphasis on the requirements to attaining a suitable level of loose coupling.* achieve truly agnostic and reusable service logic* Techniques for maximizing service reliability, scalability, and performance by instilling high levels of autonomy and emphasizing stateless design* Approaches for positioning services as highly discoverable and interpretable enterprise resources* Unprecedented coverage of how to design services for participation in complex compositions* The definition of concrete links between each design principle and the strategic goals and benefits of SOA and service-oriented computing* Numerous cross-references to key design patterns documented separately in SOA: Design Patterns www.soabooks.com supplements this book with a variety of resources, including content updates, corrections, and sample chapters from other books. www.soaspecs.com provides further support by establishing a descriptive portal to industry specifications referenced in all of the series titles. www.soaglossary.com establishes a master glossary for all SOA titles in this series. www.prenhallprofessional.comwww.soabo... Foreword Chapter 1: OverviewChapter 2: Case Study Background Pa