Category Archives: Software Development

How to Overcome Tech Challenges As a Startup

technology startupsWhen a business is still in the early stages, it will face a number of challenges. At Santex, we provide solutions and support for overcoming those challenges. Startups are burgeoning in the United States, with more than 100 million startups being founded each year, according to a national report by GEM. This report, from Silicon Valley Bank, says that nearly two out of three US startups believe that 2018 will be better than last year, with hiring at a five-year high.

While being a startup in 2019 is great in many ways, the journey is not without its pitfalls and challenges. This post will cover some of those challenges and how your startup can overcome them.

Customer Satisfaction

No matter what type of business you’re running, whether it’s a startup or a well-established company, customer satisfaction is of the utmost importance. With continuous advances in technology, customers have higher expectations and demands that must be met. Since both current and prospective customers have so many options, they can leave your company in the dust if they aren’t satisfied by what they’re getting.

In order to stay ahead in the customer satisfaction game, your startup needs to do quite a bit of pre-planning. With technology enabling better user experience and 24/7 customer support, keeping people happy means going above and beyond the bare minimum.

Market Competition

For most, if not all startups, the competition is fierce. There are hundreds of companies across the United States offering the same products and/or services. Because of this, it’s vitally important to stand out from the competition however you can. What can you do that will help you stand out? For starters, you need to keep an eye out for what your competitors are doing. This will help you have a competitive edge when you create your own strategy.

At the same time, it’s also essential for startups to be willing to collaborate with one another in order to succeed. A collaborative environment can lead to great rewards now and in the future. A good startup also needs to be open to the possibility of failure. Fear of failure can sometimes paralyze a startup which can actually hamper growth and innovation.

Industry Growth Is Ongoing

As a startup, your business will constantly be growing and changing, especially in the first couple of years as you work to find your footing. Your business will need to grow alongside the needs of your customers, which goes back to pre-planning for the present and planning for the future. Your business will need to stay one step ahead of your customers, modifying your offering based on their wants and needs.

However, there’s no denying that this rapid growth can be challenging, requiring you to adapt to new technologies and roll out new products quickly. This is where Santex can help, by providing resources and support that will help your startup as it grows.

Adding Value With Scalability

When it comes to scalability, it’s important to add value as you’re scaling your business. This is easy to do because, especially in the early days, there is low risk when it comes to tech. Much of the tech that startups use has already been developed. Because of this, many startups are able to skip the new technology development phase and get right to providing value for their customers.

Moreover, if product-market fit happens early, the startup can end up dominating the market early on. The best way to truly add value is to ask your customers what products or services they would benefit from having. From there, create a plan to roll those out in a scalable manner.

Talent And HR: A Winning Combination

When it comes to having a solid startup, one of the most important components is hiring and retaining top talent. Hiring top talent from the start is a critical element of growth, but it also puts a serious strain on the limited resources of a tech startup. Outsourcing some tech development to a competent software development company like Santex may be a smart strategy at this stage.

Another important component of a good startup is having a good startup culture. This will mean different things for every company, but it can includes things like providing good work/life balance for employees, making sure every employee is aligned to the company’s vision, and being willing to make unconventional hiring choices.

Working With Limited Resources

All startups are working with limited resources, especially in the first year, but often beyond that, into year two and even year three. Because of this, it’s important to be doing focused work in those first years. Bouncing from project to project doesn’t serve anyone, least of all customers who are relying on your products or services. You want them to keep coming back and spread the word about your company. Focus sharply on getting feedback from your customers and building products based on that feedback.

A lean startup also needs to be able to make good use of the resources they do have available to them. This means not spending money frivolously or becoming too big too soon. Start slow and aim for steady and organic growth as much as possible.

The Santex Experience: Gi-Fly Bike

Created by Bignay Inc., a company dedicated to improving urban spaces, the Gi-Fly Bike is an “all in one folding pedelec city bike,” that contains a built-in electric engine to assist the rider with pedaling. While the bike’s parts and technology were both cutting-edge, Gi-Fly was struggling with the smartphone integration. Their goal was to allow the end user set up the bike via the mobile app. This app would assist the user with all the bike’s features, including locks, GPS, social media, and more.

The company turned to Santex for support, which in turn created an API, along with the website and both iOS and Android mobile apps for the company. The software developed by Santex helps the end user use the bike to its fullest potential. The user can now set up the bike via the mobile app. The app “talks” to the API, downloading the firmware, software, and more via Bluetooth technology.

As soon as the firmware is running, it begins communicating with the bike via the mobile app, allowing the end user to set their preferences for using the bike and the mobile app. One amazing feature of the mobile app is that it will automatically lock the bike once the phone is a certain distance away. Having this built-in technology prevents bike theft and allows the end user peace of mind.

Santex also helped Gi-Fly Bike enhance their website by using the most current technologies and frameworks.

The Gi-Fly bike had more than 300 sponsors and $426,000 in financial contributions on Kickstarter, with delivery required at a certain time. Because of Santex’s support, they were able to complete delivery on time.Download Ebook Software Development

10 Best Practices for Software Development

software development servicesRight Resources, Right Talent in Software Development

Hiring the right talent makes all the difference in the world when it comes to software development. When going through the hiring process you’ll want to make sure those you’re considering have the right skills and relevant experience to get the job done. This will enable you to allocate work to the appropriate person. Once the team members are in place, make sure they have whatever they need to put their expertise to the right use. From the correct software and hardware and the appropriate automated tools to the right development and testing software and platforms. Doing so will ensure that robust products are being created.

Consider Outsourced Teams

Sometimes outsourcing software development is more beneficial than trying to do everything in-house, and often costs the same or even less. In 2017, nearly one-third of companies outsourced their software development, and 78% of those companies felt good about making that decision. As with anything, there are best practices to implement and mistakes to be aware of when it comes to outsourcing software development.

First, we’ll talk about best practices to implement:

  1. Consider whether your project is right for outsourcing. Can someone else do it better than your team?
  2. Make a plan. Don’t just hand off a project without having a clear and detailed plan for what needs to happen and when.
  3. Look for a trusted provider. Vet whoever you’re planning to outsource to in order to ensure they can handle the work you’re giving them. Make sure they’re up to date on the latest trends relating to the project.
  4. Have a dedicated team. Even if you’re outsourcing a project, you should still have an in-house team to keep an eye on things. It doesn’t need to be a big team – a couple of people can manage the gig.
  5. Go Agile. Break the project into multiple iterations that are a few weeks each. Don’t forget to allow time for testing throughout the process.
  6. Pricing isn’t everything. Just because someone is offering a good price doesn’t mean they’re the right person for the job. You get what you pay for.
  7. Research and development. Don’t outsource a project without doing your homework.
  8. Document. Leave a paper trail no matter what.
  9. Communicate. Be sure to keep the lines of communication wide open with your team and the team you outsourced to.
  10. Own the project. Take ownership and be prepared to adjust along the way.

Second, we’ll talk about mistakes to avoid:

  1. Lack of research. Do your homework on the companies you’re considering outsourcing to. You want to be sure you choose the company that has a firm grip on providing software services.
  2. Unclear requirements. Be explicit about what needs to occur during the software development process.
  3. Not on-trend. You don’t want to outsource to a company that isn’t keeping up with modern trends.
  4. Lack of tech-savvy manager. You want the project manager to be ahead of the curve when it comes to technology.
  5. Don’t underestimate quality assurance (QA) and testing. These are two of the most vital aspects of software development.

Think About Your Development Process

When it comes to choosing a software development process, you have a few good options, including the waterfall model, the agile methodology, and the iterative spiral methodology. Choosing the best methodology for your project and strictly adhering to it will lead to greater success. It can also be helpful to create a prototype to study the feasibility of and explore new technology.

Don’t Forget to Budget

When it comes to budgeting a software development project, it’s not just about creating a financial budget. You also need to budget a schedule, resources, and efforts involved in the project. When creating estimations, you want to use proven techniques that won’t lead to a short-scheduled project. Not leaving enough time to complete each aspect of the development can quickly lead to disaster.

Keep it Simple

When it comes to software development, especially those projects that are being outsourced, it’s important to keep things simple. There’s no need to overthink it. Create processes and plans that will ensure the project runs smoothly and will keep the lines of communication open between your team and the outsourced teams.

Code, Code, Code

It’s important to keep the actual coding process as simple as possible. Max Kanat-Alexander came up with the idea of code simplicity in order to “reduce unnecessary complexity in software development.” Code simplicity works in tandem with Don’t Repeat Yourself (DRY) and You Aren’t Gonna Need It (YAGNI), both of which are mantras in agile development.

Effectively Implementing Code

When it comes to effectively implementing code, there are a couple of things you can do to make the process go more smoothly. The most widely used method is creating smaller modules that are coded and self-tested throughout the development process. Automating processes also helps ensure that functionality is not broken within the software being developed.

Test, Test, Test

We cannot stress this enough. Testing is vital to successful software development, especially if you’ve outsourced the development. If you’ve outsourced the project, be sure the company doing the development is testing along the way. You’ll also want to do your own testing when you get the final version before releasing to the public. If you’re doing the development, build testing into the development process so that you can make changes as issues arise.

Leaving a Paper Trail: Documentation

The documentation related to the software is just as important as the software itself, especially if you’re outsourcing the development. You want to have a consistent paper trail of communication between your company and the outsourced company to ensure there are no issues. Some important documents include a project plan, requirement specifications, high and low-level design (HLD and LLD), test plans and reports, status reports, and user documentation. This documentation can also be helpful if staffing changes occur at your company in the future.

Deploy and Review

Build reviews into your software development process. All deliverables, including code and documents, should be reviewed by both peers and experts. Having reviews of the software also ensures that there are no bugs before the software is released to the public.

Conclusion

Outsourcing software development has both benefits and pitfalls, but it can be done successfully if you follow the recommendations here and in our newest e-book, Santex’s Ultimate Guide to Development Outsourcing. If you still have questions or need more guidance, don’t hesitate to reach out; we have a well-rounded team who can assist with whatever your needs might be.Download Ebook Software Development

 

Top Challenges in Software Application Development

outsourcing software developmentWhen introducing software systems to your company there are some key things to keep in mind. Software application development is a complex process that is not everyone’s cup of tea. Not only is it vital to have more than a basic understanding of computing processes, but anyone solving programming problems should be able to think analytically and have the ability to troubleshoot.

Software Systems Are Intangible and Complex

Whether you’re creating a software system of your own or using one that has already been created, it’s important to understand that the system is going to be intangible and complex. Most professionals across the world design and develop the software conceptually which makes it abstract and difficult to grasp immediately. There will likely be a learning curve in either creating the software or in learning how to navigate it once it has been installed and customized to fit your needs. In fact, you may not even be able to customize the software until you’ve learned to navigate the bare essentials of the software.

Don’t let this complexity overwhelm you, especially if you’re using purchased software. There’s a good chance the company that created the software also created resource materials to go along with it that will help you overcome the learning curve. If you’re creating software of your own, it would be prudent to create resource materials so you and others can become experts in using the software.

Interaction With Other Systems

Whether you’re using your own company’s software or that of another company, you’ll want to make sure the software will interact well with any other systems you might have in place. If you’re developing your own software systems, it will be much easier to implement interaction with other systems you already have in place. You can simply write that interaction into the code of the software. When using software from other companies, you may need to teach the software to interact with the other systems.

Once you figure out how to get the software to interact appropriately with the other systems, write those processes down so that they can be used in the future if the software gets updated. This is where training and testing will also play a role.

Changes In Software Requirements and Designs

Keeping up with changes in software requirements and designs is one of the most common problems you will face, particularly when you’re developing your own software. You’ll want to keep team members and other end users updated on any changes in usage and design that you make to the software. Developing software is not a static endeavor; rather, software should be updated consistently. Implement a plan for letting users know about updates to the software and how those changes might affect the design and usage of the software.

Is Your Software Application User-Friendly?

When creating software, it’s important to make sure it’s user-friendly. Don’t make it any more complex than it needs to be. Provide both end users and your team with the resources they need to learn how to use it optimally.

Do You Have The Right People To Do It?

programming problems software developmentWhen developing software of your own, be sure you have the right people to do it. Look for people who have a strong understanding of basic computing and software, but who are also willing to learn any new skills necessary for creating the software. If someone on your team is interested in getting their feet wet in the software development realm, invite them to join the team as an observer.

Let them know up front they might not be able to get hands-on with software development this time around, but be open to the fact that they’re willing to learn new skills. By observing the other developers, they can see where their strengths might lie and work on those, either through company supported training or on their own time. It says a lot about an employee who is willing to step up and learn new skills to stay sharp on the job.

If you don’t have the right employees for a particular software development application, then outsourcing your software development to the right software development company can be an effective and relatively inexpensive solution.

Don’t feel too overwhelmed by software development. While there is a definite learning curve, there are plenty of resources available to help you achieve success in that aspect of your business.

Be sure to check out our e-book, Best Practices for Software Outsourcing. This book will provide a number of ways for you to successfully outsource your software development. We consider ourselves passionate about software innovation. We are here to help you and your company succeed.

software outsourcing practices agile methodology

7 Steps for Software Implementation Success

Software ServicesWhen implementing new software at a company, you want to ensure that the implementation is going to be successful and that the transition will go smoothly. The last thing team members want to be dealing with is obstacles when it comes to learning and understanding new software. Here, we offer seven ways to ensure that the software implementation process goes off without a hitch.

Planning

Having a plan for successful software implementation is the most important step. You want to know right from the start what processes the software will help with and what it will take to implement it. Will new security measures need to be put in place? Will team members need to be trained on how to use the software? This phase helps you think through the implementation process before launching anything. Planning ahead will always make for a smoother implementation.

Process Design

Companies use process design to figure out how to run their businesses. Most of the software you will purchase will have a process design already built in, especially if it’s for sales or other day-to-day things. If you’re not sure how to implement process design, you can hire a design analyst or work with a specialized web development company like Santex to figure it out. You want to have good processes in place before implementing the software so that you can stay on top of any issues that may arise and have methods in place for troubleshooting any problems that might come up after implementation.

Solution Design

After you’ve created the process design, it’s time to come up with the solution design, which is essentially the roadmap of business requirements and processes. During this step, you will map the software to your business requirements so that everything is working in tandem. It’s key to remember that these initial requirements are just a starting point. As you learn the software, you may find that other methods work better and you can then implement those.

The ultimate goal of solution design is to figure out which aspects of the software you can use as they are and which aspects you will need to customize to fit the needs of your business and your team members.

Configuration and Customization

During the configuration step of software implementation, you’ll spend time installing the software and configuring the capabilities the software has right out of the box. This step really needs to come first, before any processes are defined and any customization is done. What you’ll find during the configuration process is that some aspects of the software will easily meet your company’s needs out of the box, while other aspects will need to be configured and connected to the roadmap you designed previously. Once you’ve done the out of the box configuration, you’ll be able to do custom configurations and customize the software.

During the customization phase of software implementation, you’ll be able to create solutions that meet your specific business needs. During the customization phase, you can add new fields, new screens, and new processes that weren’t initially part of the software. Customization of software is very useful when it comes to the financial aspects of your business. For example, you may want to set specific pricing for your customers. Customizing the software allows you to do this. Keep in mind that you should only customize processes that make sense for your business. Don’t just customize for the sake of customizing.

Integration

Integration is an important step in the software implementation process and involves migrating data from one system to another in order to meet the processes outlined in the system design. By having integrated software systems, you can avoid having to manually enter the data from one system into another system. Avoiding this redundancy increases the accuracy and completeness of the data you’re logging.

When working on integration, the timing is key. An important question to ask is whether you will need to run the integrations in real time or if they can be run behind the scenes, outside of normal business hours. Ideally, you should be able to run them behind the scenes so that the usual workflow isn’t interrupted by systems going down.

Reporting

During the reporting phase of the software implementation, time should be spent figuring out what information your business will need to make tactical and practical decisions. You want all reports created to provide useful information to the person requesting those reports. It’s important to have a format for reporting so that there’s no confusion when someone requests a report. When creating reports, users need to be very specific about what data they want included. For example, creating an Excel spreadsheet, even with mock numbers, can help bridge the gap of understanding between those producing the report and those reading the report.

Training and Testing

When it comes to successful software implementation, training and testing are two important components.

Training can come in different forms, from training the project team to training the end user on how the software works. When implementing a new software, it’s important to offer training, even if people might have used to software at another company. Software gets updated often and aspects change. By staying up to date, a company can have a successful and smooth software implementation. Training shouldn’t be a one and done thing, either. Whether there is training on software or other business components, it should be ongoing and based on the company’s needs at the time.

The final step in successful software implementation is testing. There are four different types of testing: unit, project team, integration, and end user. Each of these should be done at various stages of the software implementation process to ensure that things are running smoothly and that the entire team has been properly trained on how to use the software.

As with training, testing is an ongoing process that should be done throughout the software implementation process, and when the team has been using the software for a while.

When implementing software, it’s important to follow these steps in order for your company to be successful. Once you have a method for implementing software in place, it’s easy to apply that method to other software installs.

When it comes to successfully implementing new software, Santex can be a great support. Not only can we assist with engineering and consulting, we also provide a level of general support. Be sure to check out our newest e-book, Best Practices for Software Outsourcing, for even more information about software development and software outsourcing.

software outsourcing practices agile methodology

Why Does Your Company Need to Outsource Software Development?

Outsourcing software development is one of the most efficient ways to take your company to the next level. Outsourcing software development can increase profitability, improve your competitiveness in the marketplace, accelerate business operations, and, most importantly, increase customer satisfaction — and revenue along with it. With the right outsourcing team, your company will be ready to keep up with the demands of the ever-changing marketplace.

outsourcing softwareAlthough outsourcing software development is not a new tactic for product development, many companies still hesitate to seek outside help. However, when outsourcing is done right, the benefits of contracting a specialized team far outweigh the disadvantages.

Here are some of the top reasons you should outsource your software development needs.

Focus on your business

In today’s marketplace, team members often wear several hats and deal with many operations within the company. Your company’s IT department may not be able to put aside their current responsibilities to concentrate on a new project. Hiring and onboarding new developers can take months, but you have needs that must be addressed now.

Wise business managers know that their employees perform at their best when given the time to focus their efforts and plan accordingly. Stretching employees thin can affect team morale, productivity, quality of work, and employee retention. By outsourcing your software development needs, you are freeing up your team’s time to focus on what they do best. As a result, your product will be ready to hit the market faster, and with the best possible team behind it.

Software applications may play a key role in your business, but they may not be your core business. Entrusting your product development to a firm whose core business is software development ensures that you have access to growth strategies and operating processes which will be focused on creating high-quality software for your company.

Find talented resources and experience

For businesses looking to gain a competitive edge, outsourcing projects can open up access to technologies that may be unattainable otherwise. A software development firm can provide a pool of experts to take care of needs that your team currently cannot meet.

If certain programming skills are in high demand, the hiring pool for in-house employees may be limited. Conversely, if you need a niche technical skill or an innovative emerging technology, you may not want to commit to a full-time employee. Furthermore, the more specialized a skill, the fewer the people who will be available to execute it. You also may need subject matter expertise from someone who has worked on several similar projects and has the exact skill and technical profile needed to carry out your vision.

Outsourcing your projects means that you can expand your team to cover the exact skills and specialties required to develop your project. If a new demand or technical skill arises, the software development firm can easily cover those needs. If a team member is unable to work on a project, the firm can easily find a replacement, saving you time, resources, and money.

Save time and money

While costs should never be the most important factor of a business decision, the time and cost savings of outsourcing your software development may indeed convince you to search for an outside firm.

The costs of hiring and onboarding a full-time employee don’t end with a paycheck. In addition to the taxes and benefits (paid time off, health insurance, and 401(k) matching) that are provided on an employee’s behalf, additional costs of technological devices, hardware, software, office space, and direct management need to be taken into account when considering the costs of a full-time employee. Contracting a team to deal with a specific project may be more cost-effective in the long run compared to onboarding another in-house employee.

Furthermore, when it comes to outsourcing, the world is indeed your oyster. You can contract a firm from anywhere in the world, especially since much of the work and communication can be done virtually. As the cost of living varies throughout the world, the cost of outsourcing services varies along with it.

In today’s world, it can be challenging to keep up with the demands of the ever-changing marketplace. Outsourcing your software development projects can help your team members focus on what they do best, ensure that you find talented resources and expertise, and save time and money in the long run. In our e-book, “Best Practices for Software Outsourcing,” we offer more information about the factors to consider when outsourcing your programming needs.

At Santex, we are committed to your team’s success through our quality and passion. Along with building long-lasting and mutually beneficial relationships with our clients, our custom outsourcing services provide flexible solutions to meet your software needs. Software innovation is our passion, and our teams offer “the best talent in the right moment” to help you achieve your technology goals.

software outsourcing practices agile methodology

What to Consider When Hiring a Software Development Company

software development

It can be challenging to find the best software development company to meet your needs. There is often more to outsourcing that meets the eye, and choosing the wrong firm can cost you time, money, and your project’s position in the marketplace.

What are your project requirements?

Do you need to make a web application or a conventional website? Will the most complicated feature on this site be a blog or shopping cart, or will your project need to be integrated with a customized back-end system, such as an ERP or payment system? Do you have a maximum budget or a strict delivery timeline, or is having features your customers will love your biggest priority?

If your needs go beyond what can be found in a plug-in or a ready-made program, you need to find a software development firm with a wide range of expertise, such as software engineering, user interface optimization, web analytics, traditional web design, and more.

Furthermore, with many technical services, compromising on price may lead to a compromise in quality. If your application or project must be created from scratch, then the firm will probably need to construct something that the developers have never created before. Investing in a team with creative, flexible, experienced professionals increases your chances of getting the details right earlier on, allowing you to enter the market much sooner.

Here are a few tips to keep in mind to help the process of outsourcing your software development project go as smoothly as possible.

Proven track record

Although a firm’s portfolio may be impressive, it’s essential to know more about what happened behind the scenes. Even if the projects and web applications themselves look great, you have no way of knowing if these endeavors were delivered under budget and on time. The final project may have come to fruition only after constant conflicts between the software developers and the client. Asking for references now can lessen the chance of unpleasant surprises later, and an established company should have at least a few satisfied clients who would be willing to speak with you.

If a firm’s portfolio or client list is attracting you to a particular firm, you need to know whether the same software developers and engineers would also be assigned to your project. Make sure to ask about the specific developers who would be a part of your development team. When possible, ask for a reference from a client who has worked with these individuals before.

Maintain constant communication

Transparency is key in any client-provider relationship, especially if you are considering outsourcing a project to people you may never meet in person. In this digital era, the channels to maintain communication are as numerous the people who need them.

If you want to receive occasional updates and follow the progress with a project management tool, make sure the team and project manager are willing and able to use these tools. If you need frequent updates with details along the way, make sure that the project manager knows this and budgets time for these conversations. If the software developers use their own particular process, consider using their tools to ease the process.

Regardless of the exact process and tools of communication being used, your team of developers should be able to provide clear milestones and delivery dates, as well a list of their requirements from you.

As your project and relationship with the firm are coming to an end, determine what type of assistance, if any, you will need once the final project has been delivered. Will you be able to contact the firm once the application is up and running? How many iterations are included in your package? Will you be given the source files once the project is over?

The source files, such as descriptions of your database structures, access to code repositories, login credentials for site hosting, and Photoshop and Illustrator files, are essential to maintaining full ownership of your project. If you hope to make even one slight adjustment to your project in the future, ensure that your contract is transparent about the delivery of the source files upon completion of the project.

Finding the best software development company for your needs should not be taken lightly. In our e-book, “Best Practices for Software Outsourcing,” we elaborate on the factors that your company should take into consideration when looking to contract your project or web application to a software development firm.

At Santex, our software technology professionals abide by the values of participation, trust, passion, and courage when building a relationship with our clients. Our multidisciplinary teams are constructed with the goal of having “the best talent in the right moment,” and our business model prides itself on being able to provide flexible, creative solutions to meet your needs.

Software Outsourcing Santex

Best Practices in Code Documentation

By Francisco Verastegui – Santex Technical Board Member

Code documentation good practices

Code documentation is an important part of the development process. Understanding code documentation is worth the effort in the long term, especially as applications get bigger and more complex. Code documentation allows us to save time and minimize the learning curve in understanding the functionality of the API, libraries and applications. Here we explain four practices that will help you embrace code documentation as part of your development process.

  1. Document your APIs in a simple and concise way

Libraries and APIs are designed to be used by people who might not have time to read code or may not have access to it. Because of this, documentation should reflect your code objectives in a simple (easy to understand) and concise (focusing on the important facts) way.

  1. Keep your code documentation code up-to-date

Whenever you change code, the code documentation should be updated. This is especially true if business rules will be affected. Software evolves over time, as does the code attached to that software. Therefore, it’s important not to start the code documentation process too early since you may need to make a lot of changes. 

  1. Focus on the ‘Why,’ not the ‘How’

Code documentation should explain ‘Why’ and the code ‘How’.The main idea of this principle is: “Your code documentation should explain the “why” and your code should explain the “how.””

Good source code can be self-explanatory, but we still need to give it meaning. This means not repeating the “how.” The following examples explain the same method with different approaches to code documentation. The examples are in Java, but we are able to apply these concepts to other programming languages, as well.

Example 1

In this case, the code documentation (JavaDoc) explains the “how.” The context isn’t clear, nor are the business rules that are the reason for the creation of the method. Basically, the code documentation is providing the same information we could get by reading the code.

Not clear code documentation

Example 2

In this example, the method’s JavaDoc focuses on the “why,” explaining the context and the business rules that support it. It is also important to explain the business reason behind an exception that the method might throw.

Well done code documentation Detailed Explanation

“When we are editing a recurring series:” This is the context. Whether to include it or not will depend on if it is a business-related method or just an ‘isolated’ method like the ones we can find in a utility class (reused by different parts of our code).

“We have to enforce the rule that recurring {@link Order}s can’t exceed a period of more than 24 hours:” This is the main part providing the “why” because it explains a business rule. It also explains the main reason for creating the method. A method can explain, or be supported by, more than one business rule.

“If the remove TIME portion is less than the install TIME portion, then it is safe to assume that the remove date has rolled onto the next day (e.g. June 1st 7PM -TO- June 2nd 3AM, is still a 24 hour period):” Business rule considerations are important so that we can have a good understanding of the method behavior. To include it or not will depend on the complexity and conditions of the rule we are trying to code.

@throws OrderEditException

– if the order was already deleted by a different user: There needs to be an explanation of the reason (Why) the method is throwing a specific type of exception. Doing this is recommended for any application business exception.

It is important to realize that it is perfectly possible to understand the meaning and the business implications of the method just by reading the code documentation. This is a key concept for APIs that are public and designed to be reused throughout different projects and applications.

  1. Don’t document trivial code

Avoid documenting getter or setter method (unless it does something business-related). In order to avoid this, remove it from your IDE’s auto-generated code template. Avoid documenting simple procedures that are perfectly explained by reading the code.

For example:

Trivial code documentation example

As you can, see doing this only makes code harder to read.

Interested in growing your company? Discover Best Practices for Software Outsourcing today. Download the e-book.

Good committing

By Jose Torres – iOS Developer at Santex

Good git commitPeople in software development know there are a ton of difficulties that a team can face when working on software projects. That’s why best practices were introduced: as a way of preventing  common problems that software teams will eventually face. Best practices cover many aspects, from the setup of the environment to the way we write code and produce deliverables. Unfortunately, one aspect that is usually forgotten or underestimated is the handling of the repository. This usually happens when the team is small – if you are the only member on the team, you are bound to be disorganized. This can hide other potential issues that are usually faced when the team grows and you find yourself in complicated situations or flows. As the team increases its size, a lack of best practices will reveal itself and problems will surface.

As engineers, we should understand the importance of doing things right from the beginning. It shouldn’t matter that our current context shields us from facing complex situations. We have to be prepared for when the context changes and things start to scale. It often happens that engineers have this feeling of “things are working fine,” so therefore the context is “that should mean we are doing things well, right?” Not facing issues in the moment is not a guarantee that things are being done right.

There are many areas of best practices surrounding Software Configuration Management. Let’s focus on some of the best practices that should be used when committing code.

When committing code, we are introducing new code changes to our code base. In distributed version control systems, this is done first in our local repository and then the code is applied (“pushed”) to the central repository. There are multiple approaches to handling the branching model of a repository, but we will focus only on committing. It is basically a general rule that a commit in code should reflect an atomic change. This means that it can only be applied entirely, never partially. And, of course, it should not break the build. All build routines and tests should run successfully.

When committing code, we also have to include a commit message. This message is meant to give more information about the code changes that have been introduced. Such a message will last through eternity, and it is our duty to use it wisely.

Good git commit

Image 1: Sample git log

Limit your commit first line (title) to 50 characters

This is one of the most common suggestions, but it is still often forgotten. The first line is treated as the title of the commit. This means it should be brief and concise. It must be no longer than 50 characters. On the flip side, it should not be too short. The character length may not be a hard limit, but having it in mind ensures that the author thinks for a moment on how to concisely describe the commit. This helps to get quick contextual information when navigating through the git history and ensures that all clients will display the commit info properly.

Consider a blank line before the description

In order for a Git to differentiate the title from the body of a commit, a blank line must be added. Of course, this is only required if we want to add a description. Whether a description is needed or not is up to the author. However, it is a good practice to include a description that adds an explanation of the changes introduced and also some contextual information, like a related ticket number or link.

Include a link related to the issue on Bitbucket/GitHub/JIRA/etc.

This is related to the previous suggestion. It is important to have a reference to the source of the request, so we can have more context of the change overall. This should not be part of the title of the commit, but rather part of the description with the full link. If it is a bug fix, requirement, enhancement, etc., most of these are tracked with software development tools that assign them a unique identifier which makes it easier to track development. On one hand, it helps each commit in the repository to have a full reference. On the other hand, it gives visibility to external tools about when, by whom and in which branches the changes are applied.

Write the message using present tense/imperative mode

Finally, the golden rule of committing: all the writing must be done using an imperative mode like [FIX] and not using past tense like [FIXED].

Define a template

Having all of the previous considerations in mind, the team should define a template. After discussing what should be included in the ticket as the description and syntax of the titles, your team will have a clear idea of how they should commit code. Here is a sample I used for my current project:

Git commit - Sample git log

Image 2: Sample of a git commit structure

All of these best practices will be useful in many of the situations that software teams often face.

Help during the review process

When doing code reviews, we have to check all of the new code that has been introduced. Having a clean commit history with descriptive titles and useful messages helps us to understand the reason behind the changes. Also, as the reviewer will have access to the description with a link to an external tool, he/she is able to understand the full context of the change.

Help when handling merge/rebase operations

This is my favorite. Every time we have to deal with rebase operations it is extremely useful to have a clean commit history. This helps to make sure you are moving the right code changes from one branch to another. Without this information, it would be almost impossible to do without having assistance from the original author, which we know may be impossible sometimes.

Help when writing release notes

When preparing the release notes, a clean commit history is useful so we can see all changes that are part of our release branch (or any branch we are using to prepare a release).

Help during maintenance

Finally, one of the most important reasons for having a clean commit history is so that we can understand the changes that were introduced a long time ago. Often as software engineers, we are often in a situation of not understanding why a specific change was made or why a piece of code was originally introduced. A well written commit will bring together all of this information, and will give important insight to the new authors, allowing them to avoid having side effects when performing a change.

Sample of a git commit structure

Image 3: Sample of a rebase operation for moving code between branches

There are a ton of recommendations and conventions for good committing. These were just some of them! These are the ones I think are the most basic and need-to-know, and are based on the official Git Man page1.

Let me know if you have any others you would like to add or suggest.

Links:

– [1] https://mirrors.edge.kernel.org/pub/software/scm/git/docs/git-commit.html#_discussion

7 Habits of Highly Effective People

By Jose Meyer – Project Manager at Santex

Want to give up smoking? Lose weight? Maybe start a course or embark on a career you’ve always had a passion for? These are some of the promises we make to ourselves, usually at the beginning of a new year.

We have renewed hopes, enthusiasm, and joy! But it usually isn’t enough, and many of these desires remain unresolved. It has been said that only 8% of people meet or achieve the self-imposed goals and resolutions they make, whether made at the beginning of a new year or at some other point during the year.

One of the causes of this lack of follow-through can be attributed to the lack of establishing habits that allow us to do what is needed or, on the contrary, to quit the habits that don’t allow us to move forward.

A habit is made up of three parts:

  • The stimulus or signal we receive to do something.
  • The routine or activities we do.
  • The reward we receive for having completed those activities.

Good habits - Components of a habit

Identifying these components is a great first step toward being able to start implementing a new, good habit or to break an old, bad habit.

In hist book “7 Habits of Highly Effective People,” Stephen Covey summarizes years of study and research on the habits that we need to incorporate to improve our efficiency in both our professional and personal lives. 

Habit 1: BE PROACTIVE

Complaining, blaming the government, blaming our parents or other people about our fate is very characteristic of REACTIVE people. These people live their lives according to the circumstances that surround them, or given certain conditions.

On the other hand, PROACTIVE people are conditioned by their own decisions. They take responsibility for their actions and accept the consequences of what they have decided to do.

A reaction occurs when a stimulus is received. Human beings have the FREEDOM to choose their answers. Proactive people put that freedom to use.

To create an analogy with the IT world, the materialization of this habit would be the recognition of ourselves as the PROGRAMMERS of our lives.

Habit 2: START with the GOAL in MIND

The creation process is made up of two parts; all things are created two times. The first creation is the mental creation, which is followed by the materialization – the physical creation. Habit two is about mental creation, visualization.

This habit refers to the creative process of imagining what we want to be, where we want to go. This is the time when we imagine what the result will be of the activities we want to carry out.

Following the analogy from the IT world, this habit refers to designing or creating the PROGRAM of our life.

Habit 3: FIRST things FIRST

When someone asks us what the important things in our life are, most of us would say health, family, friends, and work matter the most. However, in the practice of our daily routines, we do things that do not go according to what we think or want it to be.

For example: We say that health is important, but we do not dedicate time to exercising, and/or we continue to consume unhealthy foods. We say that family and friends are important to us. However, we do not always dedicate the time necessary to preserve, understand, or make those relationships grow. In the work environment, we often do not dedicate the time needed to renew ourselves and continue learning in order to keep ourselves up to date.

The third habit refers to defining priorities in all the areas of our lives and in all the roles that we as human beings must fulfill (parents, spouses, children, brothers, professionals, friends, neighbors, etc).

The relationship between “the urgent” and “the important” is raised with this principle. We should make time for the things that are “important and not urgent.” These are the things we plan based on what we want to develop in our lives and, as a result, we should dedicate less time to the “not urgent – not important” or “not important – but urgent.”

To end the IT analogy, this habit refers to EXECUTING the designed program. It has to be executed based on the priorities we have designed.

Habit 4: Think WIN – WIN

This habit is about seeking mutual benefits. We should share profits, knowledge, recognition, etc., especially in those relationships that we are interested in maintaining over time.

“Think Win-Win” is not an easy task. In general, we are prepared for the Win – Lose type of relationship. If the other wins, that means that we lose. We should stop believing that.

Thinking win-win requires the extra effort and creativity to look for mutually beneficial alternatives and solutions.

Habit 5: Search to UNDERSTAND First, BEFORE Being UNDERSTOOD

Most people listen to respond, but we do not listen to understand, and that is a big issue.

There are different levels of listening – each one depending on the degree of attention we pay to what the other person is telling us. In order to understand, we should develop what is known as “Empathic Listening,” which consists of putting all of our attention and intention into trying to understand what the other person needs to express to us.

For example, in the case of the development of a new product, the listening would need to happen before manufacturing the new product in order to understand the needs of our future consumers. In essence, it is to get out of our own way of thinking and into the shoes of the other person.

It is similar to the fact that to be able to provide a prescription, a doctor must diagnose the patient. This means he/she must understand what is happening to us.

This habit responds to a deep and perhaps unconscious human longing to feel understood.

Habit 6: SYNERGY

This habit is based on creative cooperation. Synergy suggests that through the collaboration of a group of people, we can obtain greater and better results than working individually. “Everything is greater than the sum of its parts.”


Something very interesting about this habit is that it raises the differences between people. Not only should these differences be accepted, but they should also be VALUED. Strength is obtained from differences and not similarities.

Two people with 10 years of work experience working together at the same time, sharing knowledge, have in fact 20 years of experience. There may be five primary colors, but by combining them we can obtain many more colors.

Synergy requires developing common objectives and a sense of mission: “Neither your idea nor mine, but an improved common idea.”

Habit 7: SHARPEN THE SAW

This principle refers to the renewal and continuous improvement of the body, mind, and spirit, social relationships (friends, family, neighbors, etc) and emotional relationships (relationships with ourselves). This well-applied habit generates or allows the development of the other six habits. Basically, it states that we must keep in mind the objective of continuously improving.

Although the concept of sharpening the saw refers to the integral improvement of ourselves, we can take an example of what happens in the world of software development. It is well known that one language or framework can become obsolete in a couple of years, and if programmers do not update themselves, they also become obsolete. This leaves them with less employability in the labor market.

CONTINUITY OF MATURITY 

During the development of habits, the author speaks of “Private Victory” and “Public Victory.”

 

The first three habits refer to the private victory and are habits that are achieved individually: be proactive; start with the goal in mind and prioritize.

The following three habits refer to the Public Victory: Think Win-Win, seek to understand before being understood and to synergize. These are habits that involve the relationships with other people.

To achieve the Public Victory, the author indicates that private victory should be achieved first. With the private victory we achieve the “Independence” that basically refers to being responsible for ourselves, our actions, and their consequences.

With the public victory we achieve the “interdependence” needed to achieve, improve, and grow through our relationships with other people.

With both victories, we leave aside the “dependence” of other people who rule over the state in which our life is located.

Good habits - Continuity of maturity

Reference:

  • The 7 Habits of Highly Effective People,  Stephen Covey, 1989

Finding and fixing security vulnerabilities

By Hernan Amaya – Java Developer at Santex

One of the main pillars of the Information Technology industry is security. Can you imagine what software would be like without security? Everyone could access privileged information everywhere, causing potentially precarious situations. It’s obvious that everybody who owns software wants to be secure against cyber attacks. Developers are always concerned about designing and implementing software that is protected. Yet no matter what tools or knowledge are at our disposal, no one can be certain that his or her development is 100% secure. That is why once a certain software is stable, it is good to determine whether or not it has any security vulnerabilities. Luckily, nowadays it is possible to use security vulnerability scanners for this purpose.

Our main goal is to share how to use different security scanners. We will also find and explain how to fix security vulnerabilities in a web application. Every tool exposed is automatic and straightforward and uses default configurations. We will scan demo.testfire.net. This web application is available for commercial use and free tools. To conclude, we will highlight all the vulnerabilities found in this web application.

AppScan

IBM developed this commercial tool. It runs on Windows and has a trial version that allows you to  scan the web application located at demo.testfire.net.

After installing and running the software in your local environment, select the following options: File -> New -> Regular Scan for accessing the wizard.

Adding software dependency to your project – web frameworks

AppScan offers three possible exploration methods. The first option is for scanning web applications. The second option is for REST APIs. The third option is for SOAP web services.

Leave the AppScan option selected and press the Next button.

Web scan against cyber attacks - Appscan wizard, enter the URL.

Enter https://demo.testfire.net and click Next.

Web scan against cyber attacks - Appscan wizard, select login method.

Leave the recorded option selected and click Next.

Web scan against cyber attacks - Appscan wizard, select test policy.

Scroll and select ‘Complete’ to let AppScan do an integral scan.

Web scan against cyber attacks - Appscan wizard, select option to complete the wizard.

Leave ‘Start a full automatic scan’ selected and press Finish. A pop-up will appear asking whether to save the project or not. Click ‘Yes’ to save it or ‘No’ to continue without saving it. The scan will start. Wait until it finishes. You may receive suggestions to change configuration options for improving the scan.

Web scan against cyber attacks - Appscan scan expert recomendations.

Press ‘Apply Recommendations’ and wait for the new scan phases to finish.

Web scan against cyber attacks - Appscan scan expert complete.

Click on ‘Issues’ to view the results of the analysis.

Web scan against cyber attacks - Appscan results.

Open VAS

This tool is Open Source and free. Several operating systems such as Windows and Linux support it. After installing Open VAS follow these instructions:

Web scan against cyber attacks – Open VAS, login page.

First, access the URL where Open VAS is running.

Web scan against cyber attacks – Open VAS, main screen.

Click the purple icon and then select “Task Wizard.”

Web scan against cyber attacks – Open VAS, task wizard.

Enter demo.testfire.net and press “Start Scan.”

Web scan against cyber attacks – Open VAS, task in progress

Wait for the task to complete. You can access the results by clicking on the progress bar whenever you want. When it is complete, you will be able to see all the results.

Web scan against cyber attacks – Open VAS, complete results.

Vega

Vega is a free and Open Source web security scanner. It is a web security testing platform to test web applications. It runs on Linux and Windows.

After you have installed Vega follow these instructions.

Web scan against cyber attacks – Vega, starting the wizard.

Press Scan -> Start a New Scan. The wizard will start. Enter demo.testfire.net in the Scan Target URI and click Next.

Web scan against cyber attacks – Vega, wizard, select modules.

Leave the default modules and click Next. You can examine them and add the ones you consider to be necessary, but adding new modules will require more analysis time.

Web scan against cyber attacks – Vega, wizard, cookies and authentication identity.

Leave cookies and authentication identity blank and click Next.

Web scan against cyber attacks – Vega, wizard, parameters.

Leave the parameters that are already on the exclusion list. Add the ones you consider important to exclude. Click Finish.

Web scan against cyber attacks – Vega, scanning process.

Wait until the scanning process ends. It shouldn’t take long.

Web scan against cyber attacks – Vega, scanning results.

Zed Attack Proxy

This tool is free and Open Source as well. It runs on several Operating Systems such as Linux and Windows. After installing it, follow these instructions.

Web scan against cyber attacks – ZAP, star scan.

In Quick Start enter https://demo.testfire.net and press start.

Web scan against cyber attacks – ZAP, scan results

This is a summary of the results:

 

Web scan against cyber attacks – Vulnerability results from different security scanners

 

Conclusion

Security is crucial in software development. Having tools for finding vulnerabilities and suggesting how to fix them is a wonderful benefit.

In this analysis, we scanned demo.testfire.net using several tools. AppScan is a commercial tool that has desktop and web application versions. The technical difference between them is the way you interact with them, and that the latter one’s result is a PDF file. The commercial difference is that, with the web application, you are able to pay for each individual scan, while with the desktop application, you have to pay for an entire year.

To sum up, we have discovered that nowadays the most powerful security scanner available is IBM’s AppScan. However, using several free, Open Source scanners is an excellent alternative. Consequently, combining scanners such as Open VAS, Vega and ZAP can be powerful as well.