Ho Chi Minh City Software Testing Conference January 2015
Software Testing in the Agile World
Website: www.hcmc-stc.org
Author: Richard Taylor
Agile teams don’t need traditional metrics: we do everything so quickly that we only need to know our velocity and cycle time". Is this an extreme claim, or is it realistic? When it's possible to implement a completely pure and simple Agile methodology, and react to all feedback almost immediately, it might be true. It's certainly true that some of the metrics which work well in other types of project lifecycle aren't useful in an Agile one. But are test metrics irrelevant in a large Agile project, with multiple teams and a formal release mechanism? What happens when an Agile project has to comply with standards, or with regulatory requirements, to produce proof of product quality? And even if those things aren’t true, aren't there some things we can measure that will tell us how good our Agile testing is, and how it might get better? This presentation should be helpful to anybody who is, or will be, testing in or managing an Agile project team. In it, Richard Taylor explains how to make some of his favourite test metrics useful in an Agile environment and why some others might better be avoided. Various types of coverage, effectiveness and weighted defect measures are explained and demonstrated. Richard shows how we can present both product and process metrics in a way that gives their message clearly to all interested people, including those from the business and from management who aren’t IT specialists.
Mats Grindal - Risk-Based Testing - Details of Our Success TEST Huddle
EuroSTAR Software Testing Conference 2009 presentation on Risk-Based Testing - Details of Our Success by Mats Grindal. See more at conferences.eurostarsoftwaretesting.com/past-presentations/
A short presentation to my internal peer group on some of the potential shortcomings of current penetration testing practices and what might be done about it.
Presentatie over Winkler Prins online voor het basisonderwijs. Winkler Prins online is dé webbased encyclopedie voor het Nederlands taalgebied. Een online kenniskit voor thuis én in de klas, overal te benaderen en altijd up-to-date. Maar ook: betrouwbaar, onafhankelijk en een gegarandeerd veilige omgeving voor kinderen. Winkler Prins online is uitdagend vormgegeven en koppelt een scala van multimedia aan vele artikelen. Als enige in zijn soort kent de Winkler Prins online drie versies, aangepast aan de leeftijd en het kennisniveau van de verschillende gebruikers.
Doelgroep presentatie: BIC-ers, bovenschoolse ICT coordinatoren van basischolen aangesloten bij APS-IT diensten.
Ho Chi Minh City Software Testing Conference January 2015
Software Testing in the Agile World
Website: www.hcmc-stc.org
Author: Richard Taylor
Agile teams don’t need traditional metrics: we do everything so quickly that we only need to know our velocity and cycle time". Is this an extreme claim, or is it realistic? When it's possible to implement a completely pure and simple Agile methodology, and react to all feedback almost immediately, it might be true. It's certainly true that some of the metrics which work well in other types of project lifecycle aren't useful in an Agile one. But are test metrics irrelevant in a large Agile project, with multiple teams and a formal release mechanism? What happens when an Agile project has to comply with standards, or with regulatory requirements, to produce proof of product quality? And even if those things aren’t true, aren't there some things we can measure that will tell us how good our Agile testing is, and how it might get better? This presentation should be helpful to anybody who is, or will be, testing in or managing an Agile project team. In it, Richard Taylor explains how to make some of his favourite test metrics useful in an Agile environment and why some others might better be avoided. Various types of coverage, effectiveness and weighted defect measures are explained and demonstrated. Richard shows how we can present both product and process metrics in a way that gives their message clearly to all interested people, including those from the business and from management who aren’t IT specialists.
Mats Grindal - Risk-Based Testing - Details of Our Success TEST Huddle
EuroSTAR Software Testing Conference 2009 presentation on Risk-Based Testing - Details of Our Success by Mats Grindal. See more at conferences.eurostarsoftwaretesting.com/past-presentations/
A short presentation to my internal peer group on some of the potential shortcomings of current penetration testing practices and what might be done about it.
Presentatie over Winkler Prins online voor het basisonderwijs. Winkler Prins online is dé webbased encyclopedie voor het Nederlands taalgebied. Een online kenniskit voor thuis én in de klas, overal te benaderen en altijd up-to-date. Maar ook: betrouwbaar, onafhankelijk en een gegarandeerd veilige omgeving voor kinderen. Winkler Prins online is uitdagend vormgegeven en koppelt een scala van multimedia aan vele artikelen. Als enige in zijn soort kent de Winkler Prins online drie versies, aangepast aan de leeftijd en het kennisniveau van de verschillende gebruikers.
Doelgroep presentatie: BIC-ers, bovenschoolse ICT coordinatoren van basischolen aangesloten bij APS-IT diensten.
An introduction to construction monitoring and testing services commonly performed on construction sites. (Authored by me on behalf of Geotechnical Services, Inc.)
Discover comprehensive manual testing courses in Hyderabad to kickstart your career in quality assurance. Join our expert-led program and gain hands-on experience in manual testing methodologies. Learn test case design, bug tracking, and test execution techniques. Enroll now for a valuable skill set that opens doors to rewarding job opportunities in the IT industry. Take the first step towards becoming a proficient manual tester with our Hyderabad-based course.
8. Nicole Player, MGT - Creating a Mine with Datamine Scenario Planning and S...Kristy Marshall
Creating a Mine with Datamine Scenario Planning and Sustained Value Delivery
Contact sales@dataminesoftware.com to enquire about Datamine software solutions.
An introduction to construction monitoring and testing services commonly performed on construction sites. (Authored by me on behalf of Geotechnical Services, Inc.)
Discover comprehensive manual testing courses in Hyderabad to kickstart your career in quality assurance. Join our expert-led program and gain hands-on experience in manual testing methodologies. Learn test case design, bug tracking, and test execution techniques. Enroll now for a valuable skill set that opens doors to rewarding job opportunities in the IT industry. Take the first step towards becoming a proficient manual tester with our Hyderabad-based course.
8. Nicole Player, MGT - Creating a Mine with Datamine Scenario Planning and S...Kristy Marshall
Creating a Mine with Datamine Scenario Planning and Sustained Value Delivery
Contact sales@dataminesoftware.com to enquire about Datamine software solutions.
We have experience with testing projects, both large and small. Sometimes our test estimates are accurate—and sometimes they’re not. We often miss deadlines because there are no defined criteria used to create our estimates. Sometimes we miss our schedules due to crunched testing timelines. Shyam Sunder briefly describes the different test estimation techniques including Simple, Medium, Complex; Top Down, Bottom Up; and Test Point Analysis. To assist in better estimating in the future, Shyam has prepared test estimation templates and guidelines, which can significantly help organizations in proper estimation of testing projects. Through his work, effort and schedule variations have significantly improved from ±60 percent to ±2 percent. Shyam explains the test estimation templates in detail and demonstrates how to choose the estimation templates for your organization’s software development process. Learn why effective software test estimation techniques help in tracking and controlling cost/effort overruns significantly.
Navigating the Software Testing Maze: Avoiding Common PitfallsAnanthReddy38
In the world of software development, testing stands as the guardian of quality, the gatekeeper that ensures applications meet user expectations. However, the path to successful testing is riddled with pitfalls that can lead to delayed releases, frustrated teams, and disappointed users. In this article, we will shine a light on some of the most common software testing pitfalls and provide guidance on how to avoid them.
Pitfall 1: Insufficient Test Planning
The Trap: Rushing into Testing
One of the most common pitfalls in testing is inadequate test planning. Skipping or rushing through this crucial step can lead to confusion, missed requirements, and poorly defined test cases.
The Solution: Comprehensive Test Planning
To avoid this pitfall, invest time in thorough test planning. Start by understanding the project’s objectives, defining test goals, and establishing clear test objectives. Develop a test strategy and create detailed test plans that cover scope, resources, schedules, and responsibilities. Involve stakeholders in the planning process to ensure alignment with project goals.
Pitfall 2: Neglecting Test Data
The Trap: Overlooking Data Needs
Test data is the lifeblood of testing. Neglecting to plan and manage test data can result in incomplete testing, inaccurate results, and overlooked defects.
The Solution: Data Management Strategy
Create a data management strategy that outlines data requirements for each test case. Ensure data availability, quality, and security. Implement data masking or anonymization techniques to protect sensitive information. Automate data provisioning to streamline testing processes and minimize data-related bottlenecks.
Pitfall 3: Inadequate Test Case Design
The Trap: Shallow Test Cases
Weak test case design can lead to superficial testing that misses critical scenarios and defects. Test cases should thoroughly cover application functionality, including edge cases and error conditions.
The Solution: Effective Test Case Design
Invest time in creating well-defined test cases. Utilize techniques like boundary value analysis, equivalence partitioning, and decision tables to identify test scenarios. Ensure test cases are clear, detailed, and cover positive and negative scenarios. Collaborate with development and business teams to validate test case completeness.
Pitfall 4: Manual Testing Overload
The Trap: Overreliance on Manual Testing
Relying solely on manual testing for repetitive and time-consuming tasks can hinder testing efficiency. Manual testing is prone to human error and is often less efficient for regression testing.
The Solution: Test Automation
Leverage test automation to increase testing efficiency and coverage. Automate repetitive test cases, regression tests, and smoke tests. Select appropriate test automation tools and frameworks and ensure regular maintenance to keep automated tests up to date.
Pitfall 5: Inadequate Regression Testing
The Trap: Neglecting Regression Testing
The key to a successful project is being able to quickly and effectively identify the quality of the application under test
For a multi-shore project this can be achieved with automation and test frameworks, an agile integrated testing model, and visibility and communication across the process.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems