Now this classic book has been fully updated and revised with leading-edge practices--and hundreds of new code samples--illustrating the art and science of software construction. Capturing the body of knowledge available from research, academia, and everyday commercial practice, McConnell synthesizes the most effective techniques and must-know principles into clear, pragmatic guidance. No matter what your experience level, development environment, or project size, this book will inform and stimulate your thinking--and help you build the highest quality code. Discover the timeless techniques and strategies that help you: Design for minimum complexity and maximum creativity Reap the benefits of collaborative development Apply defensive programming techniques to reduce and flush out errors Exploit opportunities to refactor--or evolve--code, and do it safely Use construction practices that are right-weight for your project Debug problems quickly and effectively Resolve critical construction issues early and correctly Build quality into the beginning, middle, and end of your project

    After splitting a monolithic application or building a microservice ecosystem from scratch, many engineers are left wondering what s next. In this practical book, author Susan Fowler presents a set of microservice standards in depth, drawing from her experience standardizing over a thousand microservices at Uber. You ll learn how to design microservices that are stable, reliable, scalable, fault tolerant, performant, monitored, documented, and prepared for any catastrophe.Explore production-readiness standards, including:Stability and Reliability: develop, deploy, introduce, and deprecate microservices; protect against dependency failuresScalability and Performance: learn essential components for achieving greater microservice efficiencyFault Tolerance and Catastrophe Preparedness: ensure availability by actively pushing microservices to fail in real timeMonitoring: learn how to monitor, log, and display key metrics; establish alerting and on-call proceduresDocumentation and Understanding: mitigate tradeoffs that come with microservice adoption, including organizational sprawl and technical debt"

    This groundbreaking new book sets out the principles and technical practices that enable rapid, incremental delivery of high quality, valuable new functionality to users. Through automation of the build, deployment, and testing process, and improved collaboration between developers, testers, and operations, delivery teams can get changes released in a matter of hours-- sometimes even minutes-no matter what the size of a project or the complexity of its code base. Jez Humble and David Farley begin by presenting the foundations of a rapid, reliable, low-risk delivery process. Next, they introduce the "deployment pipeline," an automated process for managing all changes, from check-in to release. Finally, they discuss the "ecosystem" needed to support continuous delivery, from infrastructure, data and configuration management to governance. The authors introduce state-of-the-art techniques, including automated infrastructure management and data migration, and the use of virtualization. For each, they review key issues, identify best practices, and demonstrate how to mitigate risks. Coverage includes - Automating all facets of building, integrating, testing, and deploying software - Implementing deployment pipelines at team and organizational levels - Improving collaboration between developers, testers, and operations - Developing features incrementally on large and distributed teams - Implementing an effective configuration management strategy - Automating acceptance testing, from analysis to implementation - Testing capacity and other non-functional requirements - Implementing continuous deployment and zero-downtime releases - Managing infrastructure, data, components and dependencies - Navigating risk management, compliance, and auditing Whether you're a developer, systems administrator, tester, or manager, this book will help your organization move from idea to release faster than ever--so you can deliver value to your business rapidly and reliably.

    More than four dozen architects -- including Neal Ford, Michael Nygard, and Bill de hOra -- offer advice for communicating with stakeholders, eliminating complexity, empowering developers, and many more practical lessons they've learned from years of experience. Among the 97 principles in this book, you'll find useful advice such as:Don't Put Your Resume Ahead of the Requirements (Nitin Borwankar) Chances Are, Your Biggest Problem Isn't Technical (Mark Ramm) Communication Is King; Clarity and Leadership, Its Humble Servants (Mark Richards) Simplicity Before Generality, Use Before Reuse (Kevlin Henney) For the End User, the Interface Is the System (Vinayak Hegde) It's Never Too Early to Think About Performance (Rebecca Parsons) To be successful as a software architect, you need to master both business and technology. This book tells you what top software architects think is important and how they approach a project. If you want to enhance your career, 97 Things Every Software Architect Should Know is essential reading.

    Today, Rails developers and architects need better ways to interface with legacy systems, move into the cloud, and scale to handle higher volumes and greater complexity. In Service-Oriented Design with Ruby and Rails Paul Dix introduces a powerful, services-based design approach geared toward overcoming all these challenges. Using Dix's techniques, readers can leverage the full benefits of both Ruby and Rails, while overcoming the difficulties of working with larger codebases and teams. Dix demonstrates how to integrate multiple components within an enterprise application stack; create services that can easily grow and connect; and design systems that are easier to maintain and upgrade. Key concepts are explained with detailed Ruby code built using open source libraries such as ActiveRecord, Sinatra, Nokogiri, and Typhoeus. The book concludes with coverage of security, scaling, messaging, and interfacing with third-party services. Service-Oriented Design with Ruby and Rails will help you Build highly scalable, Ruby-based service architectures that operate smoothly in the cloud or with legacy systems Scale Rails systems to handle more requests, larger development teams, and more complex code bases Master new best practices for designing and creating services in Ruby Use Ruby to glue together services written in any language Use Ruby libraries to build and consume RESTful Web services Use Ruby JSON parsers to quickly represent resources from HTTP services Write lightweight, well-designed API wrappers around internal or external services Discover powerful non-Rails frameworks that simplify Ruby service implementation Implement standards-based enterprise messaging with Advanced Message Queuing Protocol (AMQP) Optimize performance with load balancing and caching Provide for security and authentication

    You need to assume it will run in the most hostile environments imaginable -- and design, code, and test accordingly. Writing Secure Code, Second Edition shows you how. This edition draws on the lessons learned and taught throughout Microsoft during the firm s massive 2002 Windows Security Push. It s a huge upgrade to the respected First Edition, with new coverage across the board. Michael Howard and David LeBlanc first help you define what security means to your customers -- and implement a three-pronged strategy for securing design, defaults, and deployment. There s especially useful coverage of threat modeling -- decomposing your application, identifying threats, ranking them, and mitigating them. Then, it s on to in-depth coverage of today s key security issues from the developer s standpoint. Everyone knows buffer overruns are bad: Here s a full chapter on avoiding them. You ll learn how to establish appropriate access controls and default to running with least privilege. There s detailed coverage of overcoming attacks on cryptography (for example, avoiding poor random numbers and bit-flipping attacks). You ll learn countermeasures for virtually every form of user input attack, from malicious database updates to cross-site scripting. We ve just scratched the surface: There are authoritative techniques for securing sockets and RPC, protecting against DOS attacks, building safer .NET applications, reviewing and testing code, adding privacy features, and even writing high-quality security documentation. Following these techniques won t just improve security -- it ll dramatically improve robustness and reliability, too. Bill CamardaBill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks For Dummies®, Second Edition.

    It is offered for sale in print format as a convenience.Get a head start evaluating Windows 8.1 - with early technical insights from award-winning journalist and Windows expert Ed Bott. Based on the Windows 8.1 Preview release, this guide introduces new features and capabilities, with scenario-based advice on how Windows 8.1 can meet the needs of your business. Get the high-level overview you need to begin preparing your deployment now.Preview new features and enhancements, including:How features compare to Windows 7 and Windows XP The Windows 8.1 user experience Deployment Security features Internet Explorer 11 Delivering Windows apps Recovery options Networking and remote access Managing mobile devices Virtualization Windows RT 8.1

    This book is chock-full of material that will help you with your Django projects.We’ll introduce you to various tips, tricks, patterns, code snippets, and techniques that we’ve picked up over the years.

    At that career level, you’ll no longer be required to work towards the next promotion, and being promoted beyond it is exceptional rather than expected. At that point your career path will branch, and you have to decide between remaining at your current level, continuing down the path of technical excellence to become a Staff Engineer, or switching into engineering management. Of course, the specific titles vary by company, and you can replace “Senior Engineer” and “Staff Engineer” with whatever titles your company prefers. Over the past few years we’ve seen a flurry of books unlocking the engineering management career path, like Camille Fournier’s The Manager’s Path, Julie Zhuo’s The Making of a Manager, Lara Hogan’s Resilient Management and my own, An Elegant Puzzle. The management career isn’t an easy one, but increasingly there are maps available for navigating it. On the other hand, the transition into Staff Engineer, and its further evolutions like Principal and Distinguished Engineer, remains challenging and undocumented. What are the skills you need to develop to reach Staff Engineer? Are technical abilities alone sufficient to reach and succeed in that role? How do most folks reach this role? What is your manager’s role in helping you along the way? Will you enjoy being a Staff Engineer or you will toil for years to achieve a role that doesn’t suit you? "Staff Engineer: Leadership beyond the management track" is a pragmatic look at attaining and operating in these Staff-plus roles.

     It is about business process management (BPM) and Business Process Model and Notation (BPMN 2.0). Truth be told, there are several BPMN books on the market. Some of them are quite good, so why should you care about this one? This book distills the experience the authors accumulated while running Camunda, a consulting company that specializes in BPM. Camunda helped to define the BPMN specification, and during the past ten years, they have applied BPMN in over 1000 customer engagements. These were big businesses, small companies, and public institutions. Now you can benefit from this practical experience. Topics covered: The basics of modeling processes with Business Process Model and Notation (BPMN 2.0) Methods to apply BPMN successfully to real-world problems A practical approach for automating processes with BPMN 2.0 The alignment of business and IT as an attainable goal Advice on introducing BPMN across your company This book explains the notation, of course, but it also delves into the kinds of challenges that process designers face every day. It talks about pitfalls to avoid. It gives dos and don'ts. There are guidelines and best practices. In the 3rd edition we added introductions to the related BPM standards CMMN 1.1 for case management, handling unstructured processes DMN 1.1 for decision management, you might know as business rules management (BRM) This third edition in English is based on the successful fith German edition, which, according to amazon.de, it is the highest-ranked book on BPMN in German. The number of five-star ratings awarded by readers speaks volumes. Also available in Spanish. Note: The resolution of all images for the 3rd edition of the ebook has been increased to improve the digial reading experience.

    The exam is designed to ensure that someone who is handling computer security in a company has a standardized body of knowledge. The book is composed of 10 domains of the Common Body of Knowledge. In each section, it defines each domain. It also provides tips on how to prepare for the exam and take the exam. It also contains CISSP practice quizzes to test ones knowledge. The first domain provides information about risk analysis and mitigation. It also discusses security governance. The second domain discusses different techniques for access control, which is the basis for all the security disciplines. The third domain explains the concepts behind cryptography, which is a secure way of communicating that is understood only by certain recipients. Domain 5 discusses security system design, which is fundamental for operating the system and software security components. Domain 6 is a critical domain in the Common Body of Knowledge, the Business Continuity Planning, and Disaster Recovery Planning. It is the final control against extreme events such as injury, loss of life, or failure of an organization. Domains 7, 8, and 9 discuss telecommunications and network security, application development security, and the operations domain, respectively. Domain 10 focuses on the major legal systems that provide a framework in determining the laws about information system.

    Web-based companies live or die by the ability to scale their infrastructure to accommodate increasing demand. This book is a hands-on and practical guide to planning for such growth, with many techniques and considerations to help you plan, deploy, and manage web application infrastructure.The Art of Capacity Planning is written by the manager of data operations for the world-famous photo-sharing site Flickr.com, now owned by Yahoo! John Allspaw combines personal anecdotes from many phases of Flickr's growth with insights from his colleagues in many other industries to give you solid guidelines for measuring your growth, predicting trends, and making cost-effective preparations. Topics include:Evaluating tools for measurement and deployment Capacity analysis and prediction for storage, database, and application servers Designing architectures to easily add and measure capacity Handling sudden spikes Predicting exponential and explosive growth How cloud services such as EC2 can fit into a capacity strategy In this book, Allspaw draws on years of valuable experience, starting from the days when Flickr was relatively small and had to deal with the typical growth pains and cost/performance trade-offs of a typical company with a Web presence. The advice he offers in The Art of Capacity Planning will not only help you prepare for explosive growth, it will save you tons of grief.

    The Web is awash in Ruby code that is now virtually impossible to change or extend. This text helps you solve that problem by using powerful real-world object-oriented design techniques, which it thoroughly explains using simple and practical Ruby examples. Sandi Metz has distilled a lifetime of conversations and presentations about object-oriented design into a set of Ruby-focused practices for crafting manageable, extensible, and pleasing code. She shows you how to build new applications that can survive success and repair existing applications that have become impossible to change. Each technique is illustrated with extended examples, all downloadable from the companion Web site, poodr.info. The first title to focus squarely on object-oriented Ruby application design, Practical Object-Oriented Design in Ruby will guide you to superior outcomes, whatever your previous Ruby experience. Novice Ruby programmers will find specific rules to live by; intermediate Ruby programmers will find valuable principles they can flexibly interpret and apply; and advanced Ruby programmers will find a common language they can use to lead development and guide their colleagues. This guide will help you Understand how object-oriented programming can help you craft Ruby code that is easier to maintain and upgrade Decide what belongs in a single Ruby class Avoid entangling objects that should be kept separate Define flexible interfaces among objects Reduce programming overhead costs with duck typing Successfully apply inheritance Build objects via composition Design cost-effective tests Solve common problems associated with poorly designed Ruby code

    As traffic volume and data demands increase, these applications become more complicated and brittle, exposing risks and compromising availability. This practical guide shows IT, devops, and system reliability managers how to prevent an application from becoming slow, inconsistent, or downright unavailable as it grows.Scaling isn't just about handling more users; it's also about managing risk and ensuring availability. Author Lee Atchison provides basic techniques for building applications that can handle huge quantities of traffic, data, and demand without affecting the quality your customers expect.In five parts, this book explores:Availability: learn techniques for building highly available applications, and for tracking and improving availability going forwardRisk management: identify, mitigate, and manage risks in your application, test your recovery/disaster plans, and build out systems that contain fewer risksServices and microservices: understand the value of services for building complicated applications that need to operate at higher scaleScaling applications: assign services to specific teams, label the criticalness of each service, and devise failure scenarios and recovery plansCloud services: understand the structure of cloud-based services, resource allocation, and service distribution

    For decades, technology leaders have struggled to balance agility, reliability, and security. The consequences of failure have never been greater whether it's the healthcare.gov debacle, cardholder data breaches, or missing the boat with Big Data in the cloud.And yet, high performers using DevOps principles, such as Google, Amazon, Facebook, Etsy, and Netflix, are routinely and reliably deploying code into production hundreds, or even thousands, of times per day.Following in the footsteps of The Phoenix Project, The DevOps Handbook shows leaders how to replicate these incredible outcomes, by showing how to integrate Product Management, Development, QA, IT Operations, and Information Security to elevate your company and win in the marketplace."Table of contentsPrefaceSpreading the Aha! MomentIntroductionPART I: THE THREE WAYS1. Agile, continuous delivery and the three ways2. The First Way: The Principles of Flow3. The Second Way: The Principle of Feedback4. The Third Way: The Principles of Continual LearningPART II: WHERE TO START5. Selecting which value stream to start with6. Understanding the work in our value stream…7. How to design our organization and architecture8. How to get great outcomes by integrating operations into the daily work for developmentPART III: THE FIRST WAY: THE TECHNICAL PRACTICES OF FLOW9. Create the foundations of our deployment pipeline10. Enable fast and reliable automated testing11. Enable and practice continuous integration12. Automate and enable low-risk releases13. Architect for low-risk releasesPART IV: THE SECOND WAY: THE TECHNICAL PRACTICES OF FEEDBACK14*. Create telemetry to enable seeing abd solving problems15. Analyze telemetry to better anticipate problems16. Enable feedbackso development and operation can safely deploy code17. Integrate hypothesis-driven development and A/B testing into our daily work18. Create review and coordination processes to increase quality of our current workPART V: THE THRID WAY: THE TECHNICAL PRACTICES OF CONTINUAL LEARNING19. Enable and inject learning into daily work20. Convert local discoveries into global improvements21. Reserve time to create organizational learning22. Information security as everyone’s job, every day23. Protecting the deployment pipelinePART VI: CONCLUSIONA call to actionConclusion to the DevOps HandbookAPPENDICES1. The convergence of Devops2. The theory of constraints and core chronic conflicts3. Tabular form of downward spiral4. The dangers of handoffs and queues5. Myths of industrial safety6. The Toyota Andon Cord7. COTS Software8. Post-mortem meetings9. The Simian Army10. Transparent uptimeAdditional ResourcesEndnotes