Why I don't believe in Evidence-Based Management (4 of 6): Seek evidence to support your belief, and you shall find

Posted by on Comments (0)
This is my fourth post in a series of critical posts on Evidence-Based Management (EBM), which is currently being promoted heavily by Scrum.org. This series discusses a number of objections that I have against EBM; a quality movement that intends to improve managerial decision-making by urging managers to use the best available (scientific) evidence (Pfeffer & Sutton, 2006). My previous post focused on the problematic definition of evidence that underlies EBM. In this post, I will argue that this problematic definition opens the door for another problem: the potential for manipulation. [More]

12 strategies to quickly harden your .NET webapplication

Posted by on Comments (1)
Securing a website built on Microsoft’s MVC framework is not exceptionally hard. Out of the box, MVC offers a lot of protection against common OWASP attacks from the box. If you combine MVC with Entity Framework - like most of us - you don’t have to worry about SQL injection attacks either. But getting your MVC app through a penetration test is a bigger challenge. This post summarizes what I’ve learned so far. [More]
Posted in:   Tags:

Why I don't believe in Evidence-Based Management (2 of 6): Origins and EBM applied to software development

Posted by on Comments (0)
In this series of posts, I discuss a number of objections and criticisms to Evidence-Based Management (EBM) and how it is being applied to software development. In this post I explain what EBM is and where it originated. I also discuss how EBM is being applied to software development by Scrum.org. [More]
Posted in: Agile   Tags: