Rob Kraft
Software Consultant at Kraft Software
Lee's Summit, Missouri, United States
Actions
I have been developing software for almost four decades. Although I have a Master's Degree in Project Management I earned it prior to the primacy of Agile practices, and I felt many of the principles I learned couldn't be applied to software development. My focus is always on the aspect of software development process that needs to most attention, which could be writing code, project prioritization, quality assurance, or building culture. I'm passionate about sharing good development practices, especially security in software development. I've taught classes on SQL Server and programming languages, co-authored books on SQL Server, spent many years developing large applications with C# .Net, and dabble in everything I can.
Area of Expertise
Topics
It's About Time
Can your team develop software more efficiently? Are you aware of what you could be doing better? Great code does not result in a great product or a successful project. Code is only one part of the solution, and sometimes "good enough" code is better than "great" code. This presentation will cover six aspects of software development where teams often could do better, and include suggestions for such. The six aspects are, "We pick the wrong things to work on", "We pick the wrong development practices", "We pick the wrong technology to use", "We execute development poorly", "We fail to invest in ourselves", "We fail to organize and motivate the team". In each of these aspects, mistakes cost us time, and lost time is waste. By considering the time cost of decisions and activities, you can make better choices to reduce wasted time, improving your team's efficiency.
Implementing A Secure Software Development Program
We all know we need to write secure code. We know we need to prevent SQL Injection and Buffer Overflows. But development teams are increasing asked to implement a Secure Development Life Cycle and to "develop software securely". So what else do we need to do to satisfy our clients that our software is secure? Come find out in this session that will cover security risks, security in DevOps, auditing for security, static code analysis tools, securing your environments, securing your 3rd party frameworks and tools, and more you should consider to earn a security auditor's seal of approval for your entire development process. Bonus: this will share some details of the SolarWinds hack highlighting the challenges we face to keep our software secure.
Defense in Depth - Minimizing the Risk of SQL Injection
During this session you will be thrust into the role of the DBA hired to fix SQL Server to prevent it from ever getting SQL Injected, or at least minimize the damage that can be done when it does. From bottom to top this session will cover how services should be configured, how SQL Server should be configured, benefits and risks of SQL Server security configurations, and best practices for app development. Come learn how to defend your servers from hackers, or how to become a SQL Injection hacker yourself!
Better Code Through Abstraction
No one sets out to write bad code. Yet bad code happens. The world has a lot of it. There are some basic rules you can follow to avoid writing bad code. You don't need to master inheritance, generics, functional programming, lambdas, or closures to write good code. Good code is about more than writing code that works. Good code should also be easy for people to read, easy to modify when changes are needed, and easy to add new features to. Once you have trained your mind to write good code, you will also see how easily you can improve existing code. Examples will be shown in C# and javascript.
Which Software Practices Are Right For Your Team?
Scrum, Kanban, TDD, retrospectives, velocity, metrics, Code Reviews. Do you find yourself sitting in sessions at conferences like this listening to speakers sharing good explanations for software practices, but you don't think the practices they recommend are going to work for your team? You're not alone. In this session I will explain what is wrong with everything. Why the solid advice from your last session may be bad advice for your team, and most importantly how to identify why the advice may not apply to you. I will cover the impacts that different deployment models, team structures, cultures, customers, and other variables have upon the practices that work best for you. Come learn how to focus on developing software efficiently and avoiding development dogma.
Scrum and Kanban Gone Awry
Scrum, Kanban, Lean, Six Sigma. We apply these disciplines and frameworks to software development with the intent to improve our processes, but sometimes we lose sight of the goal and follow the practices prescribed by these tools to our detriment. Principles of Scrum, Kanban, Lean, Six Sigma can be used to make your software development worse instead of better, and we see this happening too often. This talk will point out how software development is different from other disciplines to which process improvement frameworks are applied, and how those differences should alter the way we apply them to software development. You will learn what goals you should focus on most when attempting to create high-performing software development teams.
Does Your Software Need Waste Management?
Eliminating waste was a major focus of Mary and Tom Poppendieck's application of Lean manufacturing principles to software development. But the seven forms of waste they identified are not enough. Even eight is not enough! This session will delve into the myriad ways time and resources are squandered in the development process. For each, we will also offer practical insights and actionable strategies to mitigate waste, ensuring a more efficient and streamlined software development experience.
The Origins of our Myths: Waterfall, Agile, Scrum, Kanban, Lean
They meant well, but do any of these methodologies, frameworks, or principles help you deliver software better? Can principles borrowed from manufacturing be used to solve the challenges in creating software? Are they the right tool for the job, or just the only tools we have? In this session we will take a hard critical look at differences between the problems software and manufacturing need to solve. And we will expose principles and guidelines you can use to make better decisions for developing software.
Rules Are Made To Be Broken
Scrum, Kanban, CPI, Six Sigma, DevOps and other methodologies offer prescriptive guidance on optimizing software delivery, but the crucial question remains: is their counsel universally applicable to your specific context? Join us to unravel the instances when it might be prudent to challenge conventional wisdom – whether it's moving cards backward, bypassing estimates, eschewing retrospectives, opting for manual deployment, breaching WIP limits, sidestepping metric collection, forsaking OKRs, or reevaluating velocity. Discover the key principles that should underpin your decision-making process, fostering a tailored and effective approach to software development in your unique environment.
Always Let Your Context Be Your Guide
In our quest for "best practices", we often forget that what works brilliantly in a large software company might fail spectacularly in a small to medium size business or startup. Practices that literally save lives and improve quality for one team can be a waste of time for another. This talk shares at least twenty-five contextual elements that can impact everything from your choice of software methodology to the amount of time a developer should spend trying to make a function run faster. Functional requirements, business regulations, security demands, deployment frequency, and architecture, are just a few of the elements that should inform our technical decisions. Should you use TDD? Should you provide estimates? Should you automate deployments? Should you hold retrospectives? All these questions and more can be answered once you identify your context. Through examples based on real-world experiences, research, and learning from others, you'll gain new perspectives for evaluating your unique development context and making decisions that work for you, rather than blindly following what worked for someone else.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top