Software Testing

How To Break Web Software - A look at security vulnerabilities in web software

admin — Thu, 31 May 2007 16:44:29 -0500

As more applications get "web-ified" moving from the desktop or legacy systems onto the web, attackers follow the vulnerabilities. Without sophisticated tools or "1337 5x1llz", web applications are now the most attacked technology, with the majority of attacks categorized as "easily exploitable".

So, before your application is placed out into one of the most hostile environments, how do you stop your software from being "0wn3d" by the 14 year old in their blacked-out bedroom, or being used by a Russian crime cartel?

GUI Regression Test Tools / Automation

admin — Tue, 29 May 2007 21:28:30 -0500

GUI-level regression test tools are the most commonly used black box test automation tools. There is a huge business (vendors and consultants) invested in these tools. But one of the most common ways of using them (capture-replay) yields poorly designed, unmaintainable code. It is possible to use (most of) the tools in ways that go beyond capture/replay but this requires programming skill, thoughtful design, and a good enough understanding of the tool's (often very poorly documented) programming language

Can you test Completely ? When to Stop Testing ?

admin — Tue, 29 May 2007 21:26:14 -0500

t's impossible to fully test a program. In the face of an infinitely large testing task, we must be skeptical of statements that some people make that the testing project must always do this or always deliver that. In the face of an infinitely large task, everything is a tradeoff--work spent on one task is work not allocated to another. Wise allocation of resources to tasks and deliverables must be a function of the information objectives of the project at hand.

Agile Testing *****

admin — Tue, 29 May 2007 21:24:22 -0500

s more teams are adopting Agile practices such as XP and Scrum, ... all » software testing teams are being asked to become "Agile" as well. But what does that mean?

Improve Testing Effectiveness Training

admin — Tue, 29 May 2007 21:14:56 -0500

Testers' ability to identify, assess and prioritize risk is critical to having the right test focus. Objective, quantitative methods for risk assessment generally do not work well. And s ubjective, intuitive methods for risk assessment are derived as much or more from emotion and psychology rather than "logic".

Become a Software Testing Expert

admin — Tue, 29 May 2007 21:05:36 -0500

You're already an experienced tester. You know how to design tests and report bugs. Now what? Do you feel like an expert?