Developer pillar · Module 3 of 6

Development tools

Good tools make you more productive. Great developers know their tools deeply. Here’s what you need to know.

← Back to Developer Fundamentals Training

Controls stack visual kit

Reusable icons and a telemetry-to-audit diagram aligned to our fundamentals and operational guides.

Governance evidence

Use for control statements that cite ISO/IEC 42001 clause 6.3 change management, EU AI Act Articles 62–75, and SOC 2 trust service criteria.

Secure supply chain

Pair with SBOM, provenance, and intake guidance that references SPDX or CycloneDX formats, SLSA Level 3 attestations, and NIST SSDF tasks PS.3/PO.4.

Telemetry & evaluations

Highlight logging of prompts, responses, refusal rates, and safety filters alongside adversarial evaluation suites from NIST AI RMF playbooks or UK AISI guidance.

Assurance & resilience

Use for incident response and assurance artefacts that must meet OMB M-24-10 24-hour notifications, CIRCIA’s 72-hour clocks, and serious-incident duties under the EU AI Act.

Signals Controls Evidence Audit

Signals: prompt traces, supplier advisories, and safety filter activations streamed into monitoring.
Controls: guardrails, change review, SBOM validation, and access enforcement tied to AI lifecycle gates.
Evidence: runbooks that capture artefacts for ISO/IEC 42001 management reviews and SOC 2 narratives.
Audit: regulator-facing packets that satisfy EU AI Act post-market monitoring, OMB M-24-10, and CIRCIA timelines.

3.1 Git and version control

If you learn one tool, make it Git. It tracks changes to your code, lets you collaborate, and saves you from disasters.

Commits. Snapshots of your code at a point in time. Good commit messages explain why, not just what.
Branches. Parallel versions of your code. Work on features without breaking the main codebase.
Pull requests. Propose changes for review before merging. The standard collaboration workflow.
GitHub/GitLab. Platforms built on Git. Host your code, collaborate, track issues. Your profile is a portfolio.

3.2 IDEs and editors

VS Code

Free, extensible, wildly popular. Works for almost any language. The default choice for most developers today.

JetBrains IDEs

IntelliJ (Java), PyCharm (Python), WebStorm (JS). Powerful but heavier. Many swear by them for language-specific features.

Vim/Neovim

Terminal-based, keyboard-driven. Steep learning curve, but incredibly fast once mastered. A badge of honour for some.

Terminal/CLI

Don’t fear the command line. Learn basic shell commands. Many tools only exist as CLI. It’s not scary once you start.

Other essential tools

Package managers. npm (JavaScript), pip (Python), go mod (Go). Install and manage dependencies.
Debuggers. Step through code line by line. Essential for understanding what’s happening.
Linters/formatters. Catch errors and enforce style. Prettier, ESLint, Black. Set them up once, forget about formatting debates.
Docker. Package applications with their dependencies. “Works on my machine” becomes “works everywhere.”

Free resources

Git: Learn Git Branching — Visual, interactive Git tutorial
Git: Atlassian Git Tutorials — Comprehensive guides
Command line: Codecademy Command Line — Free basics
Docker: Docker Curriculum — Free Docker guide

← Previous: Languages and ecosystems Next: Writing better code →