Archive

Archive for the ‘ISV’ Category

When you apply for a job, read the job posting!

April 8, 2008 17 comments

I am constantly amazed by the number of job candidates who apply for a position without reading the job posting. We are currently hiring for three positions:

  • Agile .NET Developer
  • Agile .NET Developer Internship
  • Graphics Designer

All three involve *doing* something in order to be considered for the position – for the developer positions it requires completing a code sample and sending it in with your resume. For the graphics designer position, it requires putting together a fun design and sending it in with resume.

image I have not kept accurate numbers (since we have run the postings for a while now with lots of applicants) but roughly 1 out 2 candidates for the developer positions and a whopping4 out of 5 candidates for the graphics designer position do not submit their design/code. If I receive 20 applications in two days and your application is canned and does not include the design/code – then guess what happens to yours? … it gets DELETED. Can you believe that there are many applicants who just send a resume without even a cover letter?

If you can’t bother to read a job posting, why do you expect someone else to bother reading your resume?

It is truly amazing that some people believe their resume alone will make them stand out – I imagine many companies don’t even open the resume if the applicant hasn’t met the requirements of the job posting – I know we don’t.

A job is an significant part of our lives and should be treated with importance.

When you next apply for a job:

  1. Read the job posting entirely.
  2. Submit any additional samples/code as required.
  3. Research the company, understand what they do and why you might want to work there.
  4. Write a good cover letter explaining what you find interesting about the company, team or position.

Take these simple steps and you will stand out.

We are hiring! Do you want to write beautiful code in a Test Driven, Refactored, Agile .NET software company in the heart of Washington DC and work on cool products? Take the code test and send your resume along with why you want to join Thycotic to tddjobs@thycotic.com. (don’t forget to read the job posting! :))

Secret Server at FOSE 2008

April 4, 2008 1 comment

Jonathan, Dan, Ken and Kevin, Eddie (absent today) We took the Secret Server booth to the FOSE 2008 Conference this week.  FOSE is the largest IT event for US Government.  It wasn’t really a very long trip for us … about 12 blocks east from our offices in Dupont Circle in Washington DC to the DC Convention Center. 🙂

This was a very different conference for us since the audience varied widely in their roles compared to a conference such as Microsoft TechEd.  We met lots of IT managers and also our core audience of System Administrators and Network Administrators.  If you have an Excel spreadsheet of passwords that you share across your team … then Secret Server is a no brainer for you.

My favorite part of tradeshows is hearing where your product falls short and learning to better understand your customer’s needs.  Secret Server has come a long way in the last year and most the requests we heard were already met within the product.

The next stop for the Secret Server booth will be the Microsoft TechEd 2008 Conference (IT Pro week) in Orlando, Florida in June.  If you are going, please stop by our booth to say hi.

 

Jonathan Cogley is the CEO and founder of Thycotic Software, a .NET consulting company and ISV in Washington DC.  Our product, Secret Server is a enterprise password manager system for teams to secure their passwords.  Is your team still storing passwords in Excel?

Learning from your Burn Down chart

March 18, 2008 Leave a comment

image

The chart to the left represents the Burn Down chart for the Secret Server 4.1 release which shipped on March 14th 2008.  We have always shipped Secret Server on the published date (or in the early hours of morning the next day!) but this release pushed things a little too close for our liking.  What was the problem?  Did we take on too much?  Did we trade off scope like we are supposed to?

Looking at the Burn Down we can see that our velocity was really low in the early stages of the release.  This was mostly due to some support issues that drained our development resources and also some staff shuffling on projects which lead to inefficiencies.  We were able to make up for this with a phenomenal increase in velocity in the final iterations.  Unfortunately this was achieved by using more team resources to accomplish the tasks.  While the increased velocity is good, it also means there was a greater rate of change in the codebase at a point where quality assurance was trying to stabilize the product.  Test Driven Development certainly helps by allowing us to lean on our regression suite of tests but it is still not ideal.

So what went wrong?  We will be having a recap meeting later this week to determine how to improve our planning for future releases. We need to get back on track to our usual release schedule where we are ready for the actual release days before the release date (not bad for a small team with frequent releases!).  I think part of the problem was not planning properly for reducing scope.  We left one of the larger features of the release until the end (the Role Based Security feature) – then we didn’t recognize that this feature could be thinned out to reduce scope but rather implemented most of the originally specified functionality. 

image

Typically our team cannot easily change resources (cost) since most team members are committed to projects and cannot easily shift responsibilities.  We also can’t change the date since customers are expecting a release on a particular date because sales and support have been giving this date out for a few weeks.  This only leaves scope as the final equalizer to make timely releases possible.  In future, we will need to be more careful to ensure that scope can always still be reduced if necessary.

What does your Burn Down Chart tell you?

 

We are hiring!  Do you want to write beautiful code in a Test Driven, Refactored, Agile .NET software company in the heart of Washington DC and work on cool products
Take the code test and send your resume along with why you want to join Thycotic to
tddjobs@thycotic.com.

Secret Server 4.1 goes live!

March 15, 2008 Leave a comment

The team thinks it should be 5.0 since the new features were pretty huge! :)  The full release notes are here.  The new version includes role based security which allows you to slice and dice the access to various features across your organization.  We also have a new feature that allows you to automatically launch Remote Desktop from a secret which is very convenient. 

We have also had interest from many customers about “hardening” their Secret Server installation so there is a new “hardening” report which gives a pass/fail for various features that will make security tighter.  This is really the classic tradeoff between security and convenience.

hardening 

“Simply put, it is possible to have convenience if you want to tolerate insecurity; but if you want security, you must be prepared for inconvenience.”
– General Benjamin W. Chidlaw

 

We are hiring!  Do you want to write beautiful code in a Test Driven, Refactored, Agile .NET software company in the heart of Washington DC and work on cool products
Take the code test and send your resume along with why you want to join Thycotic to
tddjobs@thycotic.com.

What makes some code confusing?

February 23, 2008 18 comments

Developers look at code for hour upon hour every day.  After some years of doing this, you can just look at something and almost intuitively understand what it is doing – assuming that some effort has been made by the developers to keep the code clear and understandable.  But every now and then, you find a doozy.

I came across this one while working on a feature with Alessandro – my programming pair partner that day.

public bool MayUserChangeEntity()
{
    return !(Id > 0 && Security.GetCurrentAccount().IsNormalUser() && Entity.GetEntity(EntityId).EntityNumber > 0);
}

I looked at this with my pair for a good five minutes and was still no closer to grasping it!  Why do I struggle to understand this expression?

  • Because it is all on one line?  No, ternaries are perfectly normal and effective when used well.
  • Clearly some time had been spent by the developers to summarize the intent of this method and unfortunately the developers were taking advantage of the && operator to avoid executing the more expensive checks by putting them at the end (this prevented them using Introduce Explaining Variable since the performance gain would be lost).
  • Is it the number of terms being evaluated?  That seems unlikely since they are not overly complex.
  • Is it the negative return?  Yes, but more than that.  As the number of conditions increase it seems to be harder for me to understand the implication of the negative especially combined with the multiple “and” logic.  I think the brain struggles a little with the negation and the boolean && … you start wondering if all the && become || due to the negation or is that incorrect?

Needless to say, we decided to “refactor to understand” and quickly broke it out into simpler terms:

public bool MayUserChangeEntity()
{
    return !IsSaved() || Security.GetCurrentAccount().IsSpecialUser() || IsEntityDraft();
}

private bool IsSaved()
{
    return Id > 0;
}

private bool IsEntityDraft()
{
    return Entity.GetEntity(EntityId).EntityNumber == 0;
}

Let’s review what we achieved:

  • We kept the same basic structure of the conditions.
  • We created more methods (and more code) but made some of the expressions easier to understand by using a method name to explain the idea.  (Using Extract Method instead of Introduce Explaining Variable can be a good way to get clarity but still get the benefits of only evaluating the expression if necessary.)
  • We removed the negated boolean logic and converted the conditions to separate positive checks.

It is difficult to say that the resulting code is *MUCH* better but I have no trouble reading the one liner ternary now.  The human brain is a strange machine.

 

 

We are hiring!  Do you want to write beautiful code in a Test Driven, Refactored, Agile .NET software company in the heart of Washington DC and work on cool products
Take the code test and send your resume and why you want to join Thycotic to
tddjobs@thycotic.com.

Secret Server 4.0 has shipped!

December 22, 2007 Leave a comment

theming

We were hoping to ship one day early but a few delays in getting some updated artwork and some of the upgrade documentation caused us to ship yesterday on the scheduled day.  Secret Server has never missed a launch date since first being released in November 2005 – this is something we attribute to Test Driven Development, Pair Programming and an agile planning schedule.  Usually this means reducing scope slightly as the launch date approaches – this time we had to drop a fix for supporting backup when SQL Server is not on the IIS box but it will come in an update in early January.

So what is new in 4.0?

Theming

Theming allows you to create your own company theme for Secret Server – this was a popular request with customers. 

We also shipped two new themes with 4.0 – Blue Chrome and Corporate.

Inherited Permissions on Folders

Managing permissions on secrets and folders is tedious.  4.0 brings permission inheritance across secrets,sub-folders and folders.  This makes it possible to specify who has access at a high level and allow those rights to cascade through the hierarchy.

Additional Highlights

  • Optional, customizable Login Policy Statement for corporate environments
  • Migration from the Microsoft .NET Framework 1.1 to 2.0
  • Ability to search by sub-folder
  • More…

 

Jonathan Cogley is the CEO and founder of Thycotic Software, a .NET consulting company and ISV in Washington DC.  Our product, Secret Server is a enterprise password manager system for teams to secure their passwords.  Is your team still storing passwords in Excel?

Do you have what it takes to be a Thycotic TDD Developer?

October 11, 2007 5 comments

thycotic Thycotic is gearing up for a new product development cycle and we are looking to grow our team of passionate test-first developers. Our team is one of the best places to learn and improve your agile development skills.

Can you solve the problem below?
http://www.thycotic.com/codetest.txt

Please submit your solution with your resume to tddjobs@thycotic.com

You willbe joining a highly capable team of .NET developers who work on consulting projects for clients and interesting products such as Secret Server.

Requirements:

  • You want to develop using Test Driven Development (that is *ALL* we do!)
  • You live, breathe, sleep, eat and drink code of the C# or VB.NET flavor
  • You enjoy or are excited about Pair Programming
  • You have a strong understanding of Object Oriented principles, the .NET Framework, ASP.NET, relational databases and web application development
  • You have the permanent legal right to work in the United States
  • You have excellent written and spoken English
  • You are able to communicate effectively with co-workers and clients/customers
  • You are willing to work in the Washington DC Metro Area

Why come to Thycotic?

  • We always practice TDD and Pair Programming
  • We are a Microsoft Gold Certified Partner
  • Your ideas and opinions will be valued
  • You will be working in the heart of Washington, DC
  • You will continually learn about new development techniques and technologies

PLEASE NO RECRUITERS, THIRD PARTIES, INDEPENDENTS OR OFFSHORE COMPANIES.