by Andrew Whalen | Mar 25, 2026 | Articles
Most quality problems do not begin as mistakes. They begin as shortcuts. A similar integration is implemented slightly differently. A naming convention is ignored “just this once.” A reusable module is bypassed to save time. A complex microflow grows instead of being...
by Andrew Whalen | Mar 25, 2026 | Articles
Security work often feels reactive. A vulnerability scan produces findings. A penetration test identifies misconfigurations. An access review uncovers excessive privileges. A hotfix must be rushed into production. The cycle is familiar. Build. Release. Scan. Fix. For...
by Andrew Whalen | Mar 25, 2026 | Articles
Developers in regulated environments operate under dual pressure. Delivery cycles are short. Business expectations are high. Features must move from idea to production quickly. At the same time, every change must be traceable. Every deployment must be approved. Every...
by Andrew Whalen | Mar 17, 2026 | Articles
In the early stages of a Mendix journey, speed is the dominant metric. Ideas move quickly. Business cases are validated rapidly. Applications reach production in weeks instead of months. The platform proves its value. But over time, another question begins to surface....
by Andrew Whalen | Mar 10, 2026 | Articles
Validation after the fact is no longer sufficient In many organizations, security is treated as a validation step. Code is written. Features are released. Security reviews happen afterward. If issues are found, they are fixed. This model has worked for years. It feels...
by Andrew Whalen | Mar 2, 2026 | Articles
Compliance is not something you assemble, it is something you control. In conversations with platform owners and compliance leaders, I often hear a familiar reassurance: “We are compliant. We passed our audit.” It sounds solid. Responsible. Controlled. But in a...
Recent Comments