A personal blog addressing software quality across all aspects of software development, testing, design, and people.

Secure Coding Starts with the Engineer
With the rapid rise of AI agents and the emergence of increasingly powerful models, some of which may introduce new security risks, it feels timely to revisit the topic of software security. More importantly, it raises the question of how we can write code, often with the assistance of AI, that remains robust and secure in the face of these evolving threats. Code is written, features are delivered, and only near the end of the development cycle does a security team step in to
Craig Risi
Apr 24 · 4 min read


Measuring AI Usage and Safety in the Software Development Lifecycle
We’ve explored a range of approaches to measuring software delivery and ensuring teams build effectively in my recent posts, from well-established engineering and testing practices to modern delivery metrics. The metrics we’ll explore today, however, are far newer, emerging in response to the rapidly evolving role of AI in the software development lifecycle. As AI becomes embedded in the software development process, from code generation to testing and documentation, engineer
Craig Risi
Apr 10 · 4 min read


Engineering Health & Sustainability Metrics: Measuring the System That Builds the System
Building software is not just about technical decisions or the mechanics of designing, building, and maintaining systems. At its core, great software is created by healthy teams operating within healthy systems. The quality of what gets delivered is deeply influenced by the environment in which people work, the sustainability of their workload, the clarity of priorities, and how well the system supports them in doing their best work over time. While flow, quality, reliabilit
Craig Risi
Mar 27 · 5 min read


Predictability and Planning Metrics: Measuring Confidence in Your Delivery Commitments
In my recent posts, we’ve looked at several ways of using metrics to help understand the delivery of teams across different aspects. Looking retrospectively is a great way of identifying ways to improve – but you also want to use your data to help you be more proactive and identify ways to better plan and predict the outcomes of your different delivery efforts. In software delivery, speed and quality mean little if outcomes are unpredictable. Leaders and stakeholders need to
Craig Risi
Mar 13 · 5 min read