BestHub
Sign in
Tag

risk mitigation

1 views collected around this technical thread.

Kujiale Project Management
Kujiale Project Management
Jun 3, 2025 · R&D Management

How Dynamic Process Management Drives New‑Domain Exploration in Four Iterations

This article explains how a project team tackled the challenges of entering a new business domain by replacing rigid, one‑size‑fits‑all controls with a dynamic, LEGO‑like management mechanism that evolved through four versions—chaos, layered, contraction, and attack—resulting in faster alignment, risk pre‑positioning, and collaborative evolution.

R&Dagilecollaboration
0 likes · 12 min read
How Dynamic Process Management Drives New‑Domain Exploration in Four Iterations
Dual-Track Product Journal
Dual-Track Product Journal
Apr 11, 2025 · Operations

Why Your Replenishment System Traps You in a ‘More Restock, More Shortage’ Loop—and How to Fix It

This article dissects common failures in e‑commerce replenishment—such as hot‑product black holes, slow‑moving stock graves, and supply‑chain avalanches—and presents a seven‑step framework of dynamic forecasting, tiered strategies, distributed inventory, and automated safeguards to stabilize inventory levels.

Automationforecastinginventory management
0 likes · 9 min read
Why Your Replenishment System Traps You in a ‘More Restock, More Shortage’ Loop—and How to Fix It
Tencent Technical Engineering
Tencent Technical Engineering
Mar 19, 2025 · Information Security

AI Programming Security Risks and Countermeasures

As AI tools soon generate the majority of software, they dramatically amplify hidden security risks—such as hard‑coded secrets, XXE, directory traversal, and privilege escalation—requiring zero‑trust scanning, secret interception, command filtering, privilege‑fuse safeguards, and AI‑native semantic analysis to protect the modern code supply chain.

AI programmingAI securitySoftware Security
0 likes · 9 min read
AI Programming Security Risks and Countermeasures
Architecture and Beyond
Architecture and Beyond
Mar 15, 2025 · Information Security

Prompt Injection Attacks on Large Language Models: Risks, Types, and Defense Framework

This article explains how prompt injection attacks exploit large language models by altering their behavior through crafted inputs, outlines the major harms and attack categories—including direct, indirect, multimodal, code, and jailbreak attacks—and presents a comprehensive three‑layer defense framework covering input‑side, output‑side, and system‑level protections.

AI safetyLLM securityinformation security
0 likes · 16 min read
Prompt Injection Attacks on Large Language Models: Risks, Types, and Defense Framework
Dual-Track Product Journal
Dual-Track Product Journal
Feb 12, 2025 · Product Management

Avoid a 500K Loss: 3 Fatal Requirement Doc Mistakes and How to Fix Them

This article reveals how vague or incomplete requirement documents can cost companies hundreds of thousands, outlines three common fatal mistakes with concrete examples and corrective guidelines, and provides a practical checklist to rescue and improve future specifications.

checkliste-commerceproduct management
0 likes · 5 min read
Avoid a 500K Loss: 3 Fatal Requirement Doc Mistakes and How to Fix Them
FunTester
FunTester
Aug 28, 2024 · Operations

Shadow Testing: Reducing Risk and Ensuring Seamless System Changes

Shadow testing is a parallel deployment strategy that minimizes the risk of system changes, safeguards user experience, validates performance and data integrity, and provides a controlled environment for comprehensive testing, supported by a suite of modern tools and real‑world case studies.

CI/CDContainerizationDeployment
0 likes · 17 min read
Shadow Testing: Reducing Risk and Ensuring Seamless System Changes
AntTech
AntTech
Dec 26, 2023 · Artificial Intelligence

Key Insights from Wang Weiqiang’s Speech on Large‑Model Security at the AI Innovation and Governance Conference

Wang Weiqiang, chief scientist of Ant Group’s Security Lab, highlighted the urgent need for both rapid detection and long‑term trustworthy safeguards for large AI models, outlining Ant’s data‑detox, guard‑rail, and detection platforms as core solutions to emerging risks such as hallucinations, bias, and data leakage.

AI safetyAnt GroupLarge Models
0 likes · 10 min read
Key Insights from Wang Weiqiang’s Speech on Large‑Model Security at the AI Innovation and Governance Conference
High Availability Architecture
High Availability Architecture
Dec 20, 2023 · Information Security

API Anti‑Crawling and Security Architecture: Risk Detection, Strategy, and Effectiveness at Bilibili

This article details Bilibili's comprehensive anti‑crawling system, covering the background of API abuse, the data‑flow framework, risk perception, strategy iteration, verification mechanisms, gateway signing design, and the measurable impact on normal and special‑case interfaces.

API securityBilibiliVerification
0 likes · 19 min read
API Anti‑Crawling and Security Architecture: Risk Detection, Strategy, and Effectiveness at Bilibili
DataFunTalk
DataFunTalk
Apr 20, 2023 · Product Management

How Organizational Analysis Determines the Success of Data Products

This article explains why analyzing an organization’s structure, collaboration patterns, and risks is crucial for data product success, outlines an ideal data‑centric organization model, shares real‑world examples and practical steps, and provides a Q&A on common challenges faced by product teams.

data productorganization analysisproduct management
0 likes · 23 min read
How Organizational Analysis Determines the Success of Data Products
Architects Research Society
Architects Research Society
Nov 3, 2022 · Operations

Potential Costs of Shadow IT for Enterprises

Unapproved software, known as shadow IT, can impose hidden personnel, business, and technical expenses on organizations, and CIOs must identify, prevent, and mitigate these costs to maintain smooth IT operations and avoid legal, security, and productivity risks.

Cost ManagementEnterprise SecurityIT Operations
0 likes · 7 min read
Potential Costs of Shadow IT for Enterprises
Zhuanzhuan Tech
Zhuanzhuan Tech
Jun 8, 2022 · Backend Development

Design and Implementation of a Dynamic Configuration Development Solution at Zhuanzhuan

The article analyzes the risks and efficiency challenges of using Apollo for dynamic configuration in various business scenarios, explores past mitigation approaches, and presents a standardized, automated, and immersive view‑driven solution that achieved full coverage and zero production configuration errors in Zhuanzhuan's B2C platform.

AutomationBackend DevelopmentConfiguration Management
0 likes · 8 min read
Design and Implementation of a Dynamic Configuration Development Solution at Zhuanzhuan
NetEase LeiHuo Testing Center
NetEase LeiHuo Testing Center
Apr 22, 2022 · Game Development

Art Asset Risks and Inspection Practices in Game Development

This article examines common risks associated with game art assets, presents real-world external case studies of asset‑related failures, and outlines systematic static and dynamic inspection methods across production, upload, and packaging stages to improve quality, performance, and player experience.

Asset Managementgame artperformance optimization
0 likes · 12 min read
Art Asset Risks and Inspection Practices in Game Development
ByteDance Data Platform
ByteDance Data Platform
Apr 20, 2022 · Operations

How Progressive Delivery Cuts Release Risk While Accelerating Iterations

This article explains progressive delivery and feature‑flag based smart release, showing how controlled rollout pace and stage authorization reduce deployment risk, enable rapid iteration, and integrate with CI/CD, A/B testing, and monitoring for safer software releases.

CI/CDFeature FlagsProgressive Delivery
0 likes · 17 min read
How Progressive Delivery Cuts Release Risk While Accelerating Iterations
DevOps
DevOps
Oct 12, 2021 · Operations

Gray Release (Canary Deployment): Concepts, Benefits, and Implementation Guide

This article explains what gray release (canary deployment) is, why it is needed to reduce risk and improve product quality, and provides a step‑by‑step guide covering strategy, user targeting, data feedback, rollback, deployment architectures, and version management for modern software operations.

Canary DeploymentSoftware DeploymentVersion Control
0 likes · 13 min read
Gray Release (Canary Deployment): Concepts, Benefits, and Implementation Guide
AntTech
AntTech
Apr 8, 2021 · Information Security

Mobile Communication Security: From 2G/4G to 5G – Technical Risks, Attacks, and Countermeasures

The article reviews a two‑part lecture series on mobile communication security, covering the evolution from 2G/4G to 5G, detailing technical vulnerabilities such as 5G messaging, NULL SCHEME, key‑reuse attacks, IMP4GT and SLIC, and describing industry‑academic collaborations and mitigation efforts.

5G securitymobile communicationnetwork attacks
0 likes · 10 min read
Mobile Communication Security: From 2G/4G to 5G – Technical Risks, Attacks, and Countermeasures
360 Quality & Efficiency
360 Quality & Efficiency
Jul 18, 2019 · R&D Management

Handling Reverse‑Scheduled Projects: Strategies for Development and Testing Teams

This article explains how to evaluate the necessity of reverse‑scheduled projects, assess timeline feasibility across requirement, development, and testing phases, and presents three practical approaches—adding manpower, adjusting requirements, and improving efficiency—along with key precautions to ensure successful on‑time delivery.

developmentproject managementresource allocation
0 likes · 6 min read
Handling Reverse‑Scheduled Projects: Strategies for Development and Testing Teams
360 Tech Engineering
360 Tech Engineering
Jun 10, 2019 · Information Security

Design and Practice of Big Data Platform Security: Insights from 360’s Data Center Technical Director

In this interview, 360’s Big Data Center Technical Director Xu Hao discusses the critical data security challenges faced by enterprises, outlines regulatory, system‑level, and managerial risks, and shares practical strategies for building robust security governance, platform architecture, permission controls, and cloud‑based data protection.

Big DataCloud SecurityData Security
0 likes · 13 min read
Design and Practice of Big Data Platform Security: Insights from 360’s Data Center Technical Director
转转QA
转转QA
Mar 6, 2019 · R&D Management

How to Handle Changing Requirements and Improve Project Delivery

This article discusses common problems in fast‑paced project iterations—such as volatile requirements, low‑quality demand, delayed testing, and cross‑team dependencies—and presents practical methods like user stories, demand checklists, early annotations, developer‑led requirement reviews, and testing best practices to improve delivery speed and quality.

Requirement EngineeringUser Storyagile
0 likes · 8 min read
How to Handle Changing Requirements and Improve Project Delivery
Baidu Intelligent Testing
Baidu Intelligent Testing
Mar 27, 2017 · Operations

Gray Release (Canary Deployment) Strategies and Practices

The article explains gray release as a smooth, risk‑mitigating deployment method, outlines why it is needed, describes its limitations, and compares four practical gray‑release solutions—including code‑level flags, pre‑release machines, SET isolation, and dynamic routing—before recommending a combined approach.

Canary Deploymentdeployment strategygray release
0 likes · 11 min read
Gray Release (Canary Deployment) Strategies and Practices
Baidu Intelligent Testing
Baidu Intelligent Testing
Apr 5, 2016 · Operations

Hot Reload: Common Pitfalls and How to Avoid Them

This article examines the hidden risks of hot‑reload mechanisms in web services, illustrates real incidents caused by careless configuration updates, analyzes root causes, and offers practical steps for detecting and fixing such pitfalls to improve operational reliability.

Configuration ManagementIncident AnalysisSoftware Operations
0 likes · 7 min read
Hot Reload: Common Pitfalls and How to Avoid Them