Author Archives: Ajitesh Kumar

Ajitesh Kumar

I have been recently working in the area of Data analytics including Data Science and Machine Learning / Deep Learning. I am also passionate about different technologies including programming languages such as Java/JEE, Javascript, Python, R, Julia, etc, and technologies such as Blockchain, mobile computing, cloud-native technologies, application security, cloud computing platforms, big data, etc. For latest updates and blogs, follow us on Twitter. I would love to connect with you on Linkedin. Check out my latest book titled as First Principles Thinking: Building winning products using first principles thinking

Top 6 things to Avoid Logging

Following are some of the things you may not want to write in the log file or write in masked form: Passwords (goes without saying) Database connection strings Encryption keys/access tokens Sensitive personal data Session identification value (must be masked) File Paths (consider masking)

Posted in Application Security. Tagged with .

Different Roles & Responsibilities in a Business Process Lifecycle

Following are different roles and responsibilities involved in a business process lifecycle which consists of four key stages such as modeling, implementation, execution/control and monitoring/optimization: Process Owners: The primary responsibility of a process owner is to own business process from strategic point of view and has end to end responsibility for the process. The diagram below represents the spectrum of responsibility of a process owner. The details could be further read on this page. Process Analysts: Process analysts analyses the business processes with the process owners and define the process model including information such as activity flow, information flow, rules, documents, business policies, business rules, performance measures (KPI). IT Developers: …

Continue reading

Posted in BPM. Tagged with , , .

What are different types of Business Processes?

Following are different types of business processes: UI intensive processes: Navigational flow and data aggregation is controlled from a user interface layer rather than in a BPEL process. These processes are used for cases where a GUI application performs the process orchestration or control. Synchronous transactional processes: These are a collection of short-running BPEL processes provide real-time responses to graphical user interfaces or for transactional sub-processes. These are used for cases when you need high performance and the caller needs a response immediately. Asynchronous transactional processes: The invoker/caller makes the request and does not wait for the responses. Process is assured to occur at a later time in a separate transaction. These processes are used for cases when …

Continue reading

Posted in BPM. Tagged with , .

Why REST with Bonita When You can Mix ‘N’ Match :-)

To give you quick overview on what is referred to as Bonita here, Bonita is referred to as BonitaSoft BPM Tool. As per BonitaSoft corporate website, Bonita BPM improves business operations by connecting people, processes, and information systems into easily managed applications. The blog aims to highlight some of the aspects of Bonita BPM REST API and, some of the reasons due to which one would want to go with REST based integration with Bonita BPM. Those of you working with BonitaSoft tool including Bonita Portal for accessing workflow applications on top of BonitaSoft workflow engine & Bonita Studio for creating workflows, may have been exploring to find out ways and …

Continue reading

Posted in BPM. Tagged with , .

Make Business Analysts Your Friend & Deliver Great Product

In my experience, I have found application developers not very clear on roles and responsibilities of business analyst (BA) and, more importantly their need in the project. Thus, they do not pay attention to what business analysts has to say on the requirements and end up faltering on various aspects of project execution due to lack of proper understanding of the business requirements. This creates a lot of frustration to both application developer and business analysts. Below is a diagram representing a conversation with BA and an application developer.   What is the problem if business owners and application developers communicate directly without a business analyst as a bridge? The …

Continue reading

Posted in Software Engg. Tagged with .

How to Create Your Next Web Application on WordPress

If you have decided to code your next web application on top of WordPress framework, following are some of key considerations that would help you to get started quickly: Database interactivity from your custom pages Creating custom pages Retrieving GET parameters URL Rewrite Following is detail on all of the above points: Database Interactivity: Having your custom pages interact with the database is one of the key. Following are tips to get set with database connectivity from custom pages.The database information including host, database name, username and password is all configured in the wp-config.php in the root folder. All you got to do is include wp-config.php file in your database …

Continue reading

Posted in Software Engg, Web, Wordpress. Tagged with , .

Top 3 Most Visited Blogs for Great Software Code Quality

Following are top three most visited blogs this month in relation with software code quality: The rule I followed to become a great developer Refactoring 3000 lines of code Security code review tips for application developers Thanks to my readers for appreciating above blogs. I shall keep it flowing…

Posted in Software Quality. Tagged with , .

Strategies to Consider for Your Code Migration Project

Are you planning to start your code migration project. Have you been looking forward to accelerate your code migration project while ensuring that the quality is not compromised? Following are some of the strategies that you may want to consider for your code migration project: Development Methodology: As code migration requires greater team collaboration and frequent testable releases, it may be advisable to adopt agile development methodology such as SCRUM. With agile development methodology, the features to be migrated could be put in the backlogs and the migration is done based on this backlog. Agile development method ensures that you have complete visibility at all times on what is done …

Continue reading

Posted in Migration. Tagged with .

Minimum Security Coding to do Before Your Website Launch

I am sure you are very excited to launch your website as soon as the coding for minimum functionality is complete. However, I would only suggest some of the following as bare minimum which you may consider as important things to be taken care before your website launch: Input validation: Some of the following OWASP top 10 vulnerabilities can be averted if only we do coding for input validation. You would give an argument that you actually do the input validation and what different you need to do.  All I would say is what you do in form of input validation is one or more of business rules representing boundary …

Continue reading

Posted in Application Security. Tagged with , , .

If I Woke up as a Test Engineer One Day…

If I, being an application developer, have to spend a day as a tester, following are some of the activities I would do: Analyzing Test Cases: Examine test cases and make sure that the coverage is maximum in terms of including all test scenarios in relation with the use cases. Test Automation: Look for the areas which can be automated and suggest the same to my lead/manager. Digg a little deeper in the code to find bugs which are difficult to find in manual testing. Learn techniques in performance testing as I am very passionate about the same. Learn few tips and techniques in security testing, along with knowledge on …

Continue reading

Posted in Software Engg, Software Quality. Tagged with .

The Rule I Followed to become a Great Developer

DISCLAIMER: The article is in no way an intention of bragging about my development capabilities. The intention is only to emphasize in so many ways on a rule which can surely, in my opinion, help developers improve quite a notch and become a better developer. I would like to reach as many developers as possible with an intention to create a belief in them regarding the principle I spoke. Thanks for reading the blog. Please feel free to share. For several years that I spent in IT industry while working on a different roles and responsibilities such as developer, technology lead and architect, I was looking for that ONE THUMB …

Continue reading

Posted in Software Quality. Tagged with , .

Security Code Review Tips for Application Developers

One of the key aspects of secured application development practice is Security code review. Security code review, as like normal code review, could be done either in automated fashion using one or more tools, or in manual fashion where one or more developers are involved in doing code review. Unlike application normal code review where one needs the knowledge of business functionality and programming language & related technologies’ knowledge, Security code review requires knowledge on different aspects of security including some of the following: Common threats (STRIDE can be a great place to start understanding threats) Vulnerabilities (OWASP Top 10 describes most common vulnerabilities) Remediation techniques recommended in that programming …

Continue reading

Posted in Application Security, Code Review. Tagged with .

Why Attend Meetings when Some Coding can be Done

I am sure many of us at some point of time in our career come across this argument from meeting attendees, primarily inexperienced guys, that he/she is very busy with his current tasks related with coding or testing, and that he may not be able to join the same given the fact that he agreed to attend the meeting earlier. Another instance that I have come across in relation with meeting is people coming up with laptops and get themselves busy with their tasks (coding/testing/others) while meeting is proceeding.   Let’s try and understand what can be some of the different kind of meetings for an application programmer, or tester. …

Continue reading

Posted in Software Engg. Tagged with .

Disagree with Your Customers but Politely

Have you come across those heated email exchanges between customer stakeholders (manager, architect, tech lead, senior engineer etc) and stakeholders from your team including developers, tech lead, managers or architect? If you have worked in IT services company whose primary business is to work on development, support and migration of one or more applications in different technologies, instances like these are more likely to appear. If you want to act as an equal partner and contribute to maximum in overall growth of your customer’s business, you are surely expected to contribute much more than just do what is asked to be done. In that regard, you may be expected to …

Continue reading

Posted in Customer Relationship, Software Engg. Tagged with .

Refactoring 3000 Lines of Code

Have you come across a class file (object-oriented programming languages) which spanned across 3000 lines of code or more? Or, even, a class of 1000 lines or more. I do have seen many such code in my career and trust me, every time I have come across such instances, I have a painful time working with any changes required to be made in the code. Honestly, the changes was made without much assurance that everything would work fine with this change in now and future. Lets  try and understand what’s the problem with long classes (1000 lines code or more)? Low Maintainability: Such classes score very low in maintainability aspect of …

Continue reading

Posted in Code Review, Software Quality. Tagged with .

Preparing Fresher Developers for Billable Projects

Are you one of those project stakeholders/trainers who have been assigned the task to make the fresher developers become billable, meaning, customers paying for their time? This is a tricky one to crack as it is difficult to convince customers that a fresher developer would be able to deliver a great quality code given the lack of experience. As a matter of fact, fresher developers take pride in becoming billable after the training is over owing to the fact that they would be able to start learning from day one, prove his worth and, organization would be able to make optimum usage of his expertise. So, how do you crack …

Continue reading

Posted in Freshers, Software Engg. Tagged with , .