Table-stakes security often means a checklist to get the security team off the back of the web team. This approach is weak from every perspective: a frustrating web and security collaboration process, vulnerability to excessive spending with security vendors and loose credential hygiene. A holistic threat modeling approach — centering collaboration and effectiveness — can redefine table stakes to everyone’s benefit.

Here are four common approaches followed by tips to center threat modeling.

As CTO, Brewster is constantly seeking new ways to innovate and improve efficiency at Patch. When he joined the team in September of 2014, he turned to Pantheon as a solution to manage infrastructure so his team could spend more time developing and growing the company. Managing a media site with as large a footprint as Patch is no small task, but Brewster and the team make it look easy—regularly scaling to millions of pageviews in a single day without breaking a sweat.

"It is not enough to do your best; you must know what to do, and then do your best" —W. Edwards Deming

Read one developer’s story about navigating the stormy waters of developing websites for colleges and universities for more than a decade.

The web was born in the world of higher education and research institutions. Starting first as a tool for sharing information among researchers and educators, it has expanded in the three decades to connect to practically every portion of our lives.

Joel Hughes is SVP of eMedia & Information Technology at Scranton Gillette Communications, a fourth-generation family-owned business-to-business communications company, named by Folio magazine as one of the 40 fastest-growing companies — and an “All Star” in the magazine industry.

The way people use the phrase “technical debt” implies that good, tested code is debt free. If you are building a software service this is wrong; every line of custom code you maintain is debt.

To be competitive, software products must continually improve. All of the custom code you’ve written yesterday, rewritten today, and what you’ll write tomorrow -- you will be burdened with maintaining, forever.  To build competitive software you must balance this cost when you decide what code gets written, and what gets integrated from upstream.

When working on Drupal 8 theming, it is very helpful to have Twig debug mode on. Debug mode will cause twig to emit a lot of interesting information about which template generated each part of the page. The instructions for enabling debug mode can be found within the comments of the default.services.yml file, among other sources. In short, all you need is the following in your services.yml file:
 
parameters:
  twig.config: