Mythical Beasts and Where to Find them
Best Practices in Software Development
.avif)
During a recent meeting with several junior developers, I found myself repeatedly trying to justify my design pattern. As exasperating as it was for me, it also brought some important issues to light for our team. Bringing previous experiences to a new project can be great, and fresh ideas are always good, but some things don’t transfer directly. And just because something has always been done a particular way doesn’t mean it’s the right — or only — way of doing it.
.avif)
We all start in the software field at the bottom of the barrel and have to work our way up. Being new doesn’t mean that you can’t make meaningful contributions to a project, or that your ideas are of less value than other more senior developers’ ideas. What it does mean is that you have less experience in the field. That lack of experience is both a benefit and a hindrance. Junior developers are often in the position of looking at a problem “from the outside” — not stuck in the “that’s just how it’s always been done” trap — and it’s eye-opening to hear fresh ideas. That being said, being new doesn’t necessarily make a fresh idea a good one, and the way we’ve always done something isn’t wrong simply because it’s old.
If you run a keyword search for ‘software development best practices’, you’ll find thousands of sites trying to sell you their brand of ‘best practices’, as if getting the desired results on any project is as simple as checking off a standardized list of tips and tricks. The reality is that the definition of ‘best practices’ really depends on many factors, and what works best for one project may not be feasible for another. So if there’s no winning formula, is there any such thing as ‘best practices’? Actually, yes.
In the most general sense, ‘best practices’ are guidelines that are developed over time, proving their usefulness by providing consistently high quality results. That’s it. There’s no magic bullet here. From a developer’s standpoint, ‘best practices’ are those that lend themselves to the production and delivery of quality software. When you listen to what experienced developers say about the right way to do things, you’ll hear the value of lessons learned over the course of lengthy development processes and multiple iterations of the projects they’ve worked on.
The vast differences between the products we build are the bread and butter of software development. If they weren’t, we’d all be out of work.
There it is, folks, the perfect software package. Behold its wondrous capabilities. It’ll even do the creative stuff for you. Can I get a ride to the unemployment office?
While each project we work on yields experience and knowledge that can be brought to bear on future challenges, there’s no such thing as one right way to approach every project. Developers with limited experience may struggle to understand why an approach that works well in some contexts won’t translate directly to others. With thousands of sites and books out there hailing the mystical power of “XYZ best practices to be to be successful,” it’s no wonder the promise of universally applicable ‘best practices’ become something of a holy grail to junior developers.
So why are about best practices? Care about them because the right ones — those informed by a depth and breadth of relevant experience — can make the difference between a successful project that stands the test of time, versus a hot mess that’s neither maintainable nor extensible. But also realize that the wrong ones can complicate your code base, slip the schedule and make troubleshooting issues difficult.
To determine which practices are the best ones for the task at hand, look for those that capitalize on your team’s strengths and work well within the development environment. By questioning, discussing and being respectful to other points of view, you can establish your own demonstrably effective ‘best practices’ that can be relied on to deliver successful results.
For more wisdom from the mythical cybersecurity realm, check out our other articles on Medium. You can also find us at AdaptForward.com.
.avif)
.avif)
RELATED POSTS

Cybercriminals: Not Just Guys in the Basement Anymore
Wait—What Just Happened Here?
I may not be old enough to remember a time when cybercriminals were not a credible threat to healthy networks, but I do remember a time when they were...

DPRK Cyber Actors: Pyongyang’s Favorite Fundraisers
Wait—What Just Happened Here?
At a recent threat intelligence conference, a briefer asked the audience to briefly describe the Democratic People’s Republic of Korea (DPRK)’s cyber program. I h...

Which is easier to teach: DCO or Threat Intelligence?
Wait—What Just Happened Here?
I had the pleasure of hearing a fellow cybersecurity professional speak at a conference recently that gave some excellent training advice on how to operationalize intellige....

Employee Spotlight: Joe Fulco Wins NCMS Society Award – Again!
Employee Spotlight: Joe Fulco has once again been honored with the prestigious NCMS Society Award, recognizing his outstanding contributions to the field of National Industrial Security.

What is Model Context Protocol?
What is Model Context Protocol? What are the Benefits? What are the Risks?
An educational piece that educates on Model Context Protocol and what it means for the DoD

The 2025 DBIR Is Clear: Small Defense Contractors Are the New Primary Target
Verizon 2025 DBIR and what it means for Small Defense Contractors
In the world of cybersecurity, perception lags behind reality. Many small and mid-sized defense contractors still believe they fly under the radar. The 2025 Verizon Data Breach Investigations Report (DBIR) puts that myth to rest.

What Happens When CVE Goes Dark?
The Hidden Threat to DoD Cyber Strategy, Zero Trust, and AI Modernization
In this thought leadership piece, Adapt Forward addresses the urgent need to modernize our national vulnerability intelligence infrastructure. The near-shutdown of the CVE program exposed a systemic fragility in the foundation of Zero Trust, AI-driven defense platforms, and CTEM pipelines. While CVE has served as a critical baseline for decades, it’s no longer sufficient in a world where adversaries move at machine speed. This article breaks down why CVE can’t be sunset overnight—but must evolve into a risk-aware, threat-informed, AI-compatible system. We outline the future: predictive scoring, contextual enrichment, and mission-driven collaboration across public and private sectors.

Hire Vets Gold Award
Adapt Forward Earns 2024 HIRE Vets Gold Medallion Award – For the Second Year in a Row
We are proud to announce that Adapt Forward has once again been awarded the HIRE Vets Gold Medallion by the U.S. Department of Labor—marking our second consecutive year receiving this prestigious national honor.

Inc 5000
Adapt Forward Named to the 2020 Inc. 5000 List of America’s Fastest-Growing Companies
We’re thrilled to announce that Adapt Forward has been ranked #542 on the 2020 Inc. 5000 list, the most prestigious ranking of the nation’s fastest-growing private companies!

James Cogswell Award
Adapt Forward Receives 2024 James S.Cogswell Award for Outstanding Industrial Security Achievement
We’re proud to announce that Adapt Forward has been selected as a 2024 recipient of the James S. Cogswell Outstanding Industrial Security Achievement Award by the Defense Counter Intelligence and Security Agency (DCSA).

Employee Spotlight: Joe Fulco Wins NCMS Society Award – Again!
Employee Spotlight: Joe Fulco has once again been honored with the prestigious NCMS Society Award, recognizing his outstanding contributions to the field of National Industrial Security.

What is Model Context Protocol?
What is Model Context Protocol? What are the Benefits? What are the Risks?
An educational piece that educates on Model Context Protocol and what it means for the DoD

The 2025 DBIR Is Clear: Small Defense Contractors Are the New Primary Target
Verizon 2025 DBIR and what it means for Small Defense Contractors
In the world of cybersecurity, perception lags behind reality. Many small and mid-sized defense contractors still believe they fly under the radar. The 2025 Verizon Data Breach Investigations Report (DBIR) puts that myth to rest.

What Happens When CVE Goes Dark?
The Hidden Threat to DoD Cyber Strategy, Zero Trust, and AI Modernization
In this thought leadership piece, Adapt Forward addresses the urgent need to modernize our national vulnerability intelligence infrastructure. The near-shutdown of the CVE program exposed a systemic fragility in the foundation of Zero Trust, AI-driven defense platforms, and CTEM pipelines. While CVE has served as a critical baseline for decades, it’s no longer sufficient in a world where adversaries move at machine speed. This article breaks down why CVE can’t be sunset overnight—but must evolve into a risk-aware, threat-informed, AI-compatible system. We outline the future: predictive scoring, contextual enrichment, and mission-driven collaboration across public and private sectors.

Hire Vets Gold Award
Adapt Forward Earns 2024 HIRE Vets Gold Medallion Award – For the Second Year in a Row
We are proud to announce that Adapt Forward has once again been awarded the HIRE Vets Gold Medallion by the U.S. Department of Labor—marking our second consecutive year receiving this prestigious national honor.

Inc 5000
Adapt Forward Named to the 2020 Inc. 5000 List of America’s Fastest-Growing Companies
We’re thrilled to announce that Adapt Forward has been ranked #542 on the 2020 Inc. 5000 list, the most prestigious ranking of the nation’s fastest-growing private companies!

James Cogswell Award
Adapt Forward Receives 2024 James S.Cogswell Award for Outstanding Industrial Security Achievement
We’re proud to announce that Adapt Forward has been selected as a 2024 recipient of the James S. Cogswell Outstanding Industrial Security Achievement Award by the Defense Counter Intelligence and Security Agency (DCSA).