Arthur Hicken from Parasoft presented on challenges in testing Internet of Things (IoT) applications and how to improve IoT testing. IoT applications involve multiple disparate technologies across different layers which makes testing difficult. While end-to-end testing is challenging to automate and not very effective, component-level testing using stubs, mocks and service virtualization can help improve test automation and coverage. Effective IoT testing requires prioritizing automated component tests over manual end-to-end tests and measuring test quality across layers to assess features holistically.
Implement Combinatorial Test Patterns for Better Mobile and IoT TestingJosiah Renaudin
A common problem in mobile and IoT systems is the large number and combinations of hardware, operational, and software configurations that need to be tested. For example, the so-called Android fragmentation problem might lead a test team to test hundreds of device and several software configurations, potentially yielding thousands or even tens of thousands of tests. Combinatorial testing, a technique involving mathematics and specific tooling, allows teams to reduce the number of test cases, while still assuring good error finding capabilities. Jon Hagar examines test combinatorial patterns supported by tools that will help you speed up testing these many configurations and use for other test tasks, too. During this session Jon will identify and demonstrate specific tools to solve real-world mobile and IoT testing problems. Take back reference materials and data to help your team justify adding combinatorial testing to its toolkit and regular testing activities.
Are you new to Black Duck or open source security? Do you need a refresher? Understanding the fundamentals of open source security is critical to keeping your data and organization safe. During this session, we'll share best practices from the world's leading experts to help you establish a foundation for success.
Making the Strategic Shift to Open Source at Fujitsu Network CommunicationBlack Duck by Synopsys
Fujitsu Network Communication (FNC) was historically an closed-source development organization. Today, FNC is not only a consumer of open source in their software development, but also an active open source contributor with the release of Warrior (http://warriorframework.org). In this session, FNC Open Source champion, Karan Marjara will walk through FNC's move toward embracing the open source model as a strategic benefit, and demonstrate how they are leveraging open source with Warrior.
Many future challenges will require complex technical solutions. Open source development models and open technical collaboration provide a model to harness disperse resources and technical expertise on a mass scale to leverage resources and talent in ways never known before. We'll discuss these models, how open source projects are deploying them and consider applications of these models to other challenges
The paper focuses on IoT as the latest trending technology in market and the challenges which a tester faces at both manual and automation front. The paper also sheds light on the scope of IoT in agile. The automation techniques which can be used are also elaborated in the same.
How do organizations build secure applications, given today's rapidly moving and evolving DevOps practices? Join Black Duck and our customer experts on best practices for application security in DevOps.
You’ll learn:
-New security challenges facing today’s popular DevOps and Continuous Integration (CI) practices, including managing custom code and open source risks with containers and traditional environments
-Best practices for designing and incorporating an automated approach to application security into your existing development environment
-Future development and application security challenges organizations will face and what they can do to prepare
Implement Combinatorial Test Patterns for Better Mobile and IoT TestingJosiah Renaudin
A common problem in mobile and IoT systems is the large number and combinations of hardware, operational, and software configurations that need to be tested. For example, the so-called Android fragmentation problem might lead a test team to test hundreds of device and several software configurations, potentially yielding thousands or even tens of thousands of tests. Combinatorial testing, a technique involving mathematics and specific tooling, allows teams to reduce the number of test cases, while still assuring good error finding capabilities. Jon Hagar examines test combinatorial patterns supported by tools that will help you speed up testing these many configurations and use for other test tasks, too. During this session Jon will identify and demonstrate specific tools to solve real-world mobile and IoT testing problems. Take back reference materials and data to help your team justify adding combinatorial testing to its toolkit and regular testing activities.
Are you new to Black Duck or open source security? Do you need a refresher? Understanding the fundamentals of open source security is critical to keeping your data and organization safe. During this session, we'll share best practices from the world's leading experts to help you establish a foundation for success.
Making the Strategic Shift to Open Source at Fujitsu Network CommunicationBlack Duck by Synopsys
Fujitsu Network Communication (FNC) was historically an closed-source development organization. Today, FNC is not only a consumer of open source in their software development, but also an active open source contributor with the release of Warrior (http://warriorframework.org). In this session, FNC Open Source champion, Karan Marjara will walk through FNC's move toward embracing the open source model as a strategic benefit, and demonstrate how they are leveraging open source with Warrior.
Many future challenges will require complex technical solutions. Open source development models and open technical collaboration provide a model to harness disperse resources and technical expertise on a mass scale to leverage resources and talent in ways never known before. We'll discuss these models, how open source projects are deploying them and consider applications of these models to other challenges
The paper focuses on IoT as the latest trending technology in market and the challenges which a tester faces at both manual and automation front. The paper also sheds light on the scope of IoT in agile. The automation techniques which can be used are also elaborated in the same.
How do organizations build secure applications, given today's rapidly moving and evolving DevOps practices? Join Black Duck and our customer experts on best practices for application security in DevOps.
You’ll learn:
-New security challenges facing today’s popular DevOps and Continuous Integration (CI) practices, including managing custom code and open source risks with containers and traditional environments
-Best practices for designing and incorporating an automated approach to application security into your existing development environment
-Future development and application security challenges organizations will face and what they can do to prepare
Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...Black Duck by Synopsys
We take a deep dive into security researchers Charlie Miller and Chris Valasek’s keynote at last week’s FLIGHT 2017 conference. What is “Hidden Cobra” and is it targeting US aerospace, telecommunications and finance industries? Both banks and the Pentagon are making big moves into open source. And why it’s smart to assume that every application is an on-premise application.
The best of November’s application security and open security news (so far) follows in this week’s edition of Open Source Insight.
A Data-Driven Approach for Mobile Testing and AutomationTechWell
In the world of mobile app testing, data is your friend. So harness your data to your advantage to create an automation and testing strategy. Satyajit Malagu acknowledges that multiple devices, platforms, languages, crashes, bugs, and app stores make the scope of mobile app testing humongous. When you add in inherent human biases and team dynamics, the problems you face and prioritization challenges can be overwhelming. The data collected from analytics, bug trends, monitoring tools, test results, and other sources can help illuminate a clearer path. Join Satyajit as he provides an overview of the tools available to ensure a quality iOS/Android app. Discover a systematic way to determine which tool is suitable for which phase and context of each mobile project. Leave with a rubric on how you can direct your testing and automation efforts based on your collected data.
The presentation on Security Testing for Healthcare applications was done during #ATAGTR2017, one of the largest global testing conference. All copyright belongs to the author.
Author and presenter : Gurupad Managoli
Black Duck and Tech Contracts Academy discussed the implications of open source software in tech contracts. The topic of open source has been at the forefront of the technology industry for many years, but as the use of open source in commercial applications explodes, so do concerns about addressing license and ownership issues in contract negotiations.
David Tollen is the founder of Tech Contracts Academy (www.TechContracts.com) and of Sycamore Legal P.C., in San Francisco. He’s the author of The Tech Contracts Handbook: Cloud Computing Agreements, Software Licenses, and Other IT Contracts for Lawyers and Businesspeople. He will dive into these topics from the perspective of both buyers and sellers and aims to educate on Intellectual Property (IP) protection and other terms and how they should work during contract negotiations.
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...Mobodexter
BlackHat USA 2015 got recently concluded and we head a bunch of news around how BlackHat brought to light various security vulnerabilities in day-to-day life like ZigBee protocol, Device for stealing keyless cars & ATM card skimmers. However the presenters, who are also ethical hackers, also gave a bunch of tools to help software community to detect & prevent security holes in the hardware & software while the product is ready for release. We have reviewed all the presentations from the conference and give you here a list of Top 10 tools/utilities that helps in security vulnerability detection & prevention.
This presentation, given at Embedded World 2016, discusses a multi-stage strategy for ensuring that all the elements of the solution stack work correctly and the IoT solutions you deliver will meet quality requirements.
Application Asset Management with ThreadFixDenim Group
Too many organizations have an incomplete picture of their application portfolios. Because you are unable to protect attack surfaces that you don’t know about, this leaves them vulnerable. In this webinar, we will cover the capabilities that ThreadFix has to allows security teams to manage their application asset portfolios. We will also take a deeper dive into several tools such as nmap and OWASP Amass that can help security analysts better enumerate all of the applications in their organization’s portfolio.
Black Duck & IBM Present: Application Security in the Age of Open SourceBlack Duck by Synopsys
Keeping applications secure, whether you're developing for internal use or for your customers, isn't easy. Today, applications are a mix of open source and custom code. Identifying and resolving security vulnerabilities in both requires the right tools and know-how. Black Duck and IBM are working together to help you keep your applications secure.
Software security, secure software development in the age of IoT, smart thing...LabSharegroup
How to design secure software products for IoT, embedded application, smart metering, smart lighting, medical application with the help of Common Criteria
This talk will review a number of application assessment techniques and discuss the types of security vulnerabilities they are best suited to identify as well as how the different approaches can be used in combination to produce more thorough and insightful results. Code review will be compared to penetration testing and the capabilities of automated tools will be compared to manual techniques. In addition, the role of threat modeling and architecture analysis will be examined. The goal is to illuminate assessment techniques that go beyond commodity point-and-click approaches to web application or code scanning.
From the OWASP Northern Virginia meeting August 6, 2009.
Secure Code review - Veracode SaaS Platform - Saudi Green MethodSalil Kumar Subramony
Veracode provides the world’s leading Application Risk Management Platform. Veracode's patented and proven cloud-based capabilities allow customers to govern and mitigate software security risk across a single application or an enterprise portfolio with unmatched simplicity. Veracode was founded with one simple mission in mind: to make it simple and cost-effective for organizations to accurately identify and manage application security risk.
Network intrusion. Information theft. Outside reprogramming of systems. These examples are just a few of the several reasons why software security is becoming increasingly more important to all industries. No system is immune, so it’s more important than ever to understand why secure code matters and how to create safer applications.
With this presentation you'll learn how to:
-Protect your systems from risk
-Comply with security standards
-Ensure the entire codebase is bulletproof
Whether you're a huge enterprise or a small start-up, you can't escape global digitalization. As digital technologies like machine-2-machine communication, device-2-device telematics, connected cars, and the Internet of Things become more integral in today’s world, more threats will appear as hackers use new ways to exploit weaknesses in your organization and products.
During SoftServe’s free security webinar, Nazar Tymoshyk will explore the reasons why recent victims of digital attacks couldn’t withstand a threat to their security and share how you can build secure and compliant software with the help of security experts. A real-life case study will demonstrate how SoftServe assessed and mitigated security threats for a top organization.
Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...Denim Group
This webinar takes a dive into the biggest features and benefits in the latest ThreadFix release and the evolving feature set. We will focus on ThreadFix’s new capabilities, including - managing internal penetration testing teams with ThreadFix, tracking vulnerability time to live policies, as well as a host of additional enhancements.
We discuss the role software plays in information security and compare and contrast how many of the unique attributes of open source can present particular security challenges as opposed to proprietary/commercial software. We will examine the role open source has played in several high profile security incidents, drawing lessons learned from those incidents. We will also review the standards of “reasonableness” established by widely adopted security standards published by NIST and others and discuss the application of those standards to open source.
Mobile apps are the main source of security concerns in every software solution nowadays. But it doesn't have to be like that: In this session we will explore best practices, tips and tricks from OWASP MASVS that will take your app to a next level! Just remember: You don't need to be an expert to make an app secure.
Find Out What's New With WhiteSource May 2018- A WhiteSource WebinarWhiteSource
In our latest webinar, we learned about our latest product updates here at WhiteSource. We unveiled our new, revolutionary technology as well as highlighting other cool releases and enhancements.
Boost Test Coverage with Automated Visual TestingJosiah Renaudin
Joe Colantonio shares how combining your existing automated tests with scalable automated visual testing can help you dramatically increase coverage, reduce maintenance, and substantially boost test robustness, efficiency, and ROI. Joe includes real-life use cases—automating cross-browser UI validation, adding full UI regression coverage to existing automated tests, handling dynamic content in visual tests, and more—to help you release faster and better, automatically avoiding functional and visual regressions. Joe covers the basics of automated visual testing and includes a demo of adding visual regression and cross-browser layout testing to existing automated tests using Applitools’ Eyes. Learn tips and best practices on how to scale your automated tests and successfully perform large-scale, automated visual testing ROI analysis of visual testing based on a real-life project. This presentation is especially valuable for teams practicing agile and continuous deployment with frequent builds and releases.
Better Together: Group Exploratory TestingTechWell
Jeff Abshoff faced a most difficult challenge in 2015. His team size tripled, with testers of varying skill levels spread across six sites worldwide. The product was moving to a more frequent release cycle, was of poor quality, and had multiple key stakeholders. Features were incomplete, defects were not discovered until late in the cycle, and downstream stability and feature integration problems were common. Join Jeff as he shares his experience with Group Exploratory Testing, and discusses the positive impact this approach has had on his team and the ANSYS product. Jeff gives practical details on the tools used (web collaboration and a virtual lab approach) and the people involved (developers, product managers, writers, and testers). Jeff explains the many benefits that Group Exploratory Testing offers—improved collaboration, cross-team training, earlier and faster feedback, and better product quality.
Open Source Insight: You Can’t Beat Hackers and the Pentagon Moves into Open...Black Duck by Synopsys
We take a deep dive into security researchers Charlie Miller and Chris Valasek’s keynote at last week’s FLIGHT 2017 conference. What is “Hidden Cobra” and is it targeting US aerospace, telecommunications and finance industries? Both banks and the Pentagon are making big moves into open source. And why it’s smart to assume that every application is an on-premise application.
The best of November’s application security and open security news (so far) follows in this week’s edition of Open Source Insight.
A Data-Driven Approach for Mobile Testing and AutomationTechWell
In the world of mobile app testing, data is your friend. So harness your data to your advantage to create an automation and testing strategy. Satyajit Malagu acknowledges that multiple devices, platforms, languages, crashes, bugs, and app stores make the scope of mobile app testing humongous. When you add in inherent human biases and team dynamics, the problems you face and prioritization challenges can be overwhelming. The data collected from analytics, bug trends, monitoring tools, test results, and other sources can help illuminate a clearer path. Join Satyajit as he provides an overview of the tools available to ensure a quality iOS/Android app. Discover a systematic way to determine which tool is suitable for which phase and context of each mobile project. Leave with a rubric on how you can direct your testing and automation efforts based on your collected data.
The presentation on Security Testing for Healthcare applications was done during #ATAGTR2017, one of the largest global testing conference. All copyright belongs to the author.
Author and presenter : Gurupad Managoli
Black Duck and Tech Contracts Academy discussed the implications of open source software in tech contracts. The topic of open source has been at the forefront of the technology industry for many years, but as the use of open source in commercial applications explodes, so do concerns about addressing license and ownership issues in contract negotiations.
David Tollen is the founder of Tech Contracts Academy (www.TechContracts.com) and of Sycamore Legal P.C., in San Francisco. He’s the author of The Tech Contracts Handbook: Cloud Computing Agreements, Software Licenses, and Other IT Contracts for Lawyers and Businesspeople. He will dive into these topics from the perspective of both buyers and sellers and aims to educate on Intellectual Property (IP) protection and other terms and how they should work during contract negotiations.
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...Mobodexter
BlackHat USA 2015 got recently concluded and we head a bunch of news around how BlackHat brought to light various security vulnerabilities in day-to-day life like ZigBee protocol, Device for stealing keyless cars & ATM card skimmers. However the presenters, who are also ethical hackers, also gave a bunch of tools to help software community to detect & prevent security holes in the hardware & software while the product is ready for release. We have reviewed all the presentations from the conference and give you here a list of Top 10 tools/utilities that helps in security vulnerability detection & prevention.
This presentation, given at Embedded World 2016, discusses a multi-stage strategy for ensuring that all the elements of the solution stack work correctly and the IoT solutions you deliver will meet quality requirements.
Application Asset Management with ThreadFixDenim Group
Too many organizations have an incomplete picture of their application portfolios. Because you are unable to protect attack surfaces that you don’t know about, this leaves them vulnerable. In this webinar, we will cover the capabilities that ThreadFix has to allows security teams to manage their application asset portfolios. We will also take a deeper dive into several tools such as nmap and OWASP Amass that can help security analysts better enumerate all of the applications in their organization’s portfolio.
Black Duck & IBM Present: Application Security in the Age of Open SourceBlack Duck by Synopsys
Keeping applications secure, whether you're developing for internal use or for your customers, isn't easy. Today, applications are a mix of open source and custom code. Identifying and resolving security vulnerabilities in both requires the right tools and know-how. Black Duck and IBM are working together to help you keep your applications secure.
Software security, secure software development in the age of IoT, smart thing...LabSharegroup
How to design secure software products for IoT, embedded application, smart metering, smart lighting, medical application with the help of Common Criteria
This talk will review a number of application assessment techniques and discuss the types of security vulnerabilities they are best suited to identify as well as how the different approaches can be used in combination to produce more thorough and insightful results. Code review will be compared to penetration testing and the capabilities of automated tools will be compared to manual techniques. In addition, the role of threat modeling and architecture analysis will be examined. The goal is to illuminate assessment techniques that go beyond commodity point-and-click approaches to web application or code scanning.
From the OWASP Northern Virginia meeting August 6, 2009.
Secure Code review - Veracode SaaS Platform - Saudi Green MethodSalil Kumar Subramony
Veracode provides the world’s leading Application Risk Management Platform. Veracode's patented and proven cloud-based capabilities allow customers to govern and mitigate software security risk across a single application or an enterprise portfolio with unmatched simplicity. Veracode was founded with one simple mission in mind: to make it simple and cost-effective for organizations to accurately identify and manage application security risk.
Network intrusion. Information theft. Outside reprogramming of systems. These examples are just a few of the several reasons why software security is becoming increasingly more important to all industries. No system is immune, so it’s more important than ever to understand why secure code matters and how to create safer applications.
With this presentation you'll learn how to:
-Protect your systems from risk
-Comply with security standards
-Ensure the entire codebase is bulletproof
Whether you're a huge enterprise or a small start-up, you can't escape global digitalization. As digital technologies like machine-2-machine communication, device-2-device telematics, connected cars, and the Internet of Things become more integral in today’s world, more threats will appear as hackers use new ways to exploit weaknesses in your organization and products.
During SoftServe’s free security webinar, Nazar Tymoshyk will explore the reasons why recent victims of digital attacks couldn’t withstand a threat to their security and share how you can build secure and compliant software with the help of security experts. A real-life case study will demonstrate how SoftServe assessed and mitigated security threats for a top organization.
Managing Penetration Testing Programs and Vulnerability Time to Live with Thr...Denim Group
This webinar takes a dive into the biggest features and benefits in the latest ThreadFix release and the evolving feature set. We will focus on ThreadFix’s new capabilities, including - managing internal penetration testing teams with ThreadFix, tracking vulnerability time to live policies, as well as a host of additional enhancements.
We discuss the role software plays in information security and compare and contrast how many of the unique attributes of open source can present particular security challenges as opposed to proprietary/commercial software. We will examine the role open source has played in several high profile security incidents, drawing lessons learned from those incidents. We will also review the standards of “reasonableness” established by widely adopted security standards published by NIST and others and discuss the application of those standards to open source.
Mobile apps are the main source of security concerns in every software solution nowadays. But it doesn't have to be like that: In this session we will explore best practices, tips and tricks from OWASP MASVS that will take your app to a next level! Just remember: You don't need to be an expert to make an app secure.
Find Out What's New With WhiteSource May 2018- A WhiteSource WebinarWhiteSource
In our latest webinar, we learned about our latest product updates here at WhiteSource. We unveiled our new, revolutionary technology as well as highlighting other cool releases and enhancements.
Boost Test Coverage with Automated Visual TestingJosiah Renaudin
Joe Colantonio shares how combining your existing automated tests with scalable automated visual testing can help you dramatically increase coverage, reduce maintenance, and substantially boost test robustness, efficiency, and ROI. Joe includes real-life use cases—automating cross-browser UI validation, adding full UI regression coverage to existing automated tests, handling dynamic content in visual tests, and more—to help you release faster and better, automatically avoiding functional and visual regressions. Joe covers the basics of automated visual testing and includes a demo of adding visual regression and cross-browser layout testing to existing automated tests using Applitools’ Eyes. Learn tips and best practices on how to scale your automated tests and successfully perform large-scale, automated visual testing ROI analysis of visual testing based on a real-life project. This presentation is especially valuable for teams practicing agile and continuous deployment with frequent builds and releases.
Better Together: Group Exploratory TestingTechWell
Jeff Abshoff faced a most difficult challenge in 2015. His team size tripled, with testers of varying skill levels spread across six sites worldwide. The product was moving to a more frequent release cycle, was of poor quality, and had multiple key stakeholders. Features were incomplete, defects were not discovered until late in the cycle, and downstream stability and feature integration problems were common. Join Jeff as he shares his experience with Group Exploratory Testing, and discusses the positive impact this approach has had on his team and the ANSYS product. Jeff gives practical details on the tools used (web collaboration and a virtual lab approach) and the people involved (developers, product managers, writers, and testers). Jeff explains the many benefits that Group Exploratory Testing offers—improved collaboration, cross-team training, earlier and faster feedback, and better product quality.
A Tester’s Experience with User Experience MappingJosiah Renaudin
Let's take an off-the-beaten-path approach to quality—testing based on actual user experiences. Being aware of surroundings and emotions while using intuition and instincts are attributes of great testing. With the right tools and approaches, we can learn to tap into users’ experiences to understand and exploit their underlying emotions. Marjana Shammi explains the basics of experience mapping and describes how testers can use that information to generate great test ideas. Experience mapping is an activity that examines the journey of how the user experiences an application. This map contains the user’s interactions with the application, depicted through a journey with highs and lows. By identifying the risks, retrieving information from an experience mapping session, and determining important areas to focus on in future test coverage, testers can generate test ideas and focus on the user’s concerns. Testing can be more in-depth and explorative, providing valuable insights for product development. Using this approach will bring another dimension of the test basis to improve test coverage.
Patterns—proven, repeatable solutions to common situations that occur again and again—are commonly used in development and to a lesser extent in testing. In addition to patterns, various anti-patterns have been discovered. These are common responses to recurring problems that, while promising, are actually counterproductive. Hans Buwalda describes a set of such anti-patterns that he commonly sees in automated test design and that he feels inhibit scalability and maintainability. Hans discusses anti-patterns including Enter Enter Click Click, Interaction Heavy, Lifeless, Lame, Clueless and a number of others. Knowing these anti-patterns will help you spot potential bottlenecks that could make your own tests unnecessarily difficult to automate. Hans presents thirteen distinct patterns that you can look for in your tests. Feel free to bring in your own anti-patterns and situations you have experienced that you feel are counterproductive toward achieving manageable and maintainable automation.
Become an Influential Tester: Learn How to Be HeardTechWell
As a tester, are you frustrated that no one listens to you? Are you finding bugs and having them ignored? Are you worried that the development process and product quality aren’t as good as they should be? Jane Fraser shares ways to help you be heard―ways to position yourself as a leader within your organization, ways to increase your influence, and ways to report bugs to get them fixed. In this interactive session, Jane leads you to a better understanding of how to be heard in your organization. Learn how to tailor your defect reports depending on who makes the decisions and their area of focus—customer, budget, or design. These details help you determine how to position your defect for action. Through real life examples, Jane shows you how to become a more influential tester.
Build a Quality Engineering and Automation FrameworkJosiah Renaudin
How would you like to be in this position? Development sends the final release candidate for multiple systems with a user base of one million just a day before the production release, and you are expected to sign off on the overall software quality. Rahul Shah is responsible for providing QA sign-off for a dozen applications every week and is accountable for reporting the overall quality of functional, regression, automation, cross-browser, mobile, and performance testing all of WorldVentures’ applications produced by multiple agile scrum teams. Join Rahul as he presents their software quality engineering automation approach and framework which comprise these vital elements: processes, tools, methods, knowledge management, metrics, reviews, skills development, defect management, data management, and automation. These quality engineering capabilities enable WorldVentures to have a seamless automation integration with their cloud environment and allow Rahul to sleep well—most nights. Learn about their quality engineering automation framework and how you can implement it in your organization.
Analyze, Diagnose, and Prevent Test FlakinessJosiah Renaudin
Test code development is generally approached with more lenient standards and less scrutiny than production code. As a result, rather than providing valuable feedback on software quality, this can lead to tests that produce inconsistent results and false outcomes. Team productivity is affected since executing, debugging, and fixing unreliable tests results in a substantial waste of time. Join Dionny Santiago as he describes how to transition from flaky, unreliable tests to stable test suites that provide consistent and accurate feedback on quality. He shares his experiences on how to avoid high test complexity, non-determinism, and explicit delays to improve the stability of automated testing. Understand the benefits of adhering to the test pyramid, and discover best practices and tools to support full stack automated testing. Dionny demonstrates a UI isolation technique that helps reduce reliance on complex end-to-end test scenarios. Finally, learn how to collect and analyze data—such as failure patterns, assertion counts, cyclomatic complexity, and execution time—to effectively identify flaky tests before they become a problem in your organization.
IoT and Embedded Testing: A Roku Case StudyTechWell
With big hitters like Time Warner and HBO selectively testing Roku releases, testing these little boxes of joy is becoming more of a necessity in the IoT tester’s playbook. Join Rick Faulise as he shares the secrets of testing on a Roku device including how to get into the Roku interface and make it respond to your commands, how to select a broadcast environment for testing, and how to measure streaming performance. Take your IoT testing to the next level by understanding what special types of testing are unique to the Roku and other important considerations to keep in mind as you journey through the Brightscript SDK and Developer program, Telnet command prompts, and jailbreaking/hacking the Roku OS. Rick presents examples of testing on Roku devices and discusses how to decide what to test and in what order to test it. Take away two handouts: 1] how to jailbreak your Roku device, and 2] a comparison and contrast of testing on a Roku box, a Chromecast device, and an Amazon Fire TV stick.
Addressing the Challenges of Mobile Test AutomationTechWell
As technology continues to disrupt every industry, mobile applications are increasingly becoming a primary way to interact with customers. Mobile application test automation tools and frameworks are far from being as mature as web test automation tools. The mobile test automation space is much more complex than web because of the number of devices that follow different standards. Simulators and emulators partially address this mobile diversity, however, to feel confident releasing an application to market, a deep understanding of what libraries, tools, and frameworks are available and how to best apply them is required. Join Pradeep as he presents information on how to tackle mobile test automation using tools such as appium and calabash, what to consider between Android and Iphone, how to select the right testing framework, the pro’s and con’s of open source vs. commercial mobile testing tools and the considerations for image based identification vs. object based identification approaches.
With the drive for continuous integration and delivery, the implications and approaches for designing more testable software are receiving substantial discussion and debate. What does testability really mean in practice? How do you take the idea of testability—how easy it is to test software—and put it into action through the different dimensions of designing and testing a real-world product? Nir Szilagyi recognizes that the challenges of difficult-to-test software can transform a testing cycle from a small automation and exploratory effort to a long struggle of test preparation, execution, and debugging. He says testability starts with software design, goes through implementation, and encompasses building modular software, abstraction, simplicity, clear data interface, separation of business logic into self-sustained entities, and more. On the technical side of testability, Nir explores ways quality engineers and leaders can influence testability from early development through deployment. From his experiences Nir shares real-life testability examples which touch on the human process of building software including the relationship between testers and developers.
Combine Test Automation Code with Product Code: The Good, the Bad, and the Le...Josiah Renaudin
At STAREAST 2015, Chris Loder spoke about the automation framework that he and his team built at Halogen Software. At the time, they had just moved the test automation code into the development code base so that everyone in R&D was able to use it. One year later, Chris returns to recount the good, the bad, and the lessons learned from the whole experience. He explains why the decision to move the automation code base into the development code base was made and how it was done. Chris goes into detail about what is working well—the new found collaboration between automation and product development; what isn’t working so well—the overhead of managing all these new cooks in the kitchen. And finally, he shares some important lessons learned from the endeavor. Your automation framework is an important tool, so come hear what Chris has to say to see if this is a path that might work for you and your organization.
Innovations in Mobile Testing: Expanding Your Test PlanJosiah Renaudin
As organizations implement their mobile strategy, testing teams must support new technologies—while still maintaining existing systems. Melissa Tondi describes the major trends and innovations in mobile technology, usage patterns, tools, and test equipment that you should consider when transitioning existing test teams or starting new ones. Based on information from more than two years of research with a lab-based consultant team, Melissa focuses on areas that balance efficiency and productivity, including use of a Device Matrix technique to select devices to test against, and when to use emulators and simulators rather than physical devices. She offers solutions to ensure you have a comprehensive mobile test strategy and focuses on challenges—including understanding mobile-specific integration testing and which automation tools to use—that have inundated traditional test teams. Melissa describes how to build a well-organized device lab, incorporating testing scenarios—such as gesture and interruption testing—that are unique to mobile.
Mindmaps: Agile and Lightweight Documentation for TestingTechWell
Quality starts with requirements. In small to mid-size companies, it is not uncommon for the communication chain to be broken. Florin Ursu shares ways to avoid miscommunication through a streamlined process in which requirements are communicated to both developers and testers simultaneously; then developers write code while testers document what will be tested. Florin explores what mindmaps are; what they can be used for, both in general and applied to software development; and then dives deeper into how mindmaps can be used for testing. He describes how his teams use mindmaps to brainstorm, organize testing scenarios, prioritize work, review test scenarios, present results to stakeholders highlighting what was tested and—just as importantly—what was not tested, issues found, and risks. Using example mindmaps, Florin highlights important details captured in day to day work, including tips regarding format, communication style, and how to “sell” the idea of mindmaps to your stakeholders.
How to Build a Fully Open Source Test Automation FrameworkTechWell
Automated testing can be difficult, slow to implement, involve expensive and non-compatible software, and require a high level of technical expertise to use. Join Matt Joste as he presents Ryerson University's Automation Framework, put together using best-in-class open source software. The framework allows software developers, product owners, and testers without a technical background to write and run automated scripts. This modular framework addresses both functional and nonfunctional automated tests—performance, security, and accessibility—and is both agile and expandable. Matt explains the benefits and constraints of using an integrated set of open source tools such as JMeter (for performance), Robot Framework and Selenium (for functional testing), ZAP (for security), Appium (for mobile) and Pally (for accessibility)—all connected to Jenkins (for continuous testing). Matt discusses his team’s journey and key learnings in defining the framework and provides some ideas for using tests in production for proactive monitoring and alerting.
Acceptance- and Behavior-Driven Development with Cucumber: Three Case StudiesJosiah Renaudin
Acceptance test-driven development (ATDD), behavior-driven development (BDD), and Cucumber promise many benefits related to your user story acceptance tests. They promise tighter collaboration between the product owner and the team. They promise the ability for the product owner and other stakeholders to write their own executable acceptance tests. They even promise an increase in the value produced by the efforts of your team as they focus on building the “right” products. But promises are not always tied to reality. Join experienced agile coach Mary Thorn as she explores three case studies of implementing ATDD and BDD with Cucumber in real world environments. Mary explores each study in detail, showing how she introduced ATDD/BDD tooling and practices, how far she was able to advance toward the promises of ATDD, her implementation strategies, and how she overcame resistance. If you're struggling with or hoping to introduce ATDD/BDD, this session will help you develop your own strategies and prepare you for the challenges.
Accessibility Standards and Testing Techniques: Be Inclusive or Be Left BehindTechWell
While Information and Communication Technology (ICT) accessibility for a wider spectrum of users—including the blind—and their interfaces is being required by law across more jurisdictions, testing for it remains limited, naïve, and too late. The consequences of staying ignorant include increased exposure to litigation, penalties, and loss of contracts and revenue. Join David Best, Sandy Feldman, and Rob Harvie to learn why accessibility is now becoming a valued, integral part of the design process and much different from usability of twenty years ago. Ensure compliance for your organization and clients by familiarizing yourself with the regional and international standards and their criteria, and find out what testing tools and inclusive design practices you can use. Take away an understanding of the three core guidelines for accessibility; components of authoring tools, web content, and user agent accessibility for mobile, web browsers, and media players—and understand their impact on assistive technologies.
Budgeting, Estimation, Planning, and #NoEstimates: They All Make Sense for Ag...Josiah Renaudin
Many levels of estimation are practiced in agile, including budgeting, high-level estimation, and task planning (detailed estimation). That might seem like an anathema to agile, but it is not. Mike Harris shares a case study that provides an approach that “checks the box” for standard corporate estimation requirements while staying true to the agile planning and estimation processes. Using the Agile Planning Onion popularized by Mike Cohn, this approach includes team and project level implementations of #NoEstimates concepts. Take away an approach that you can apply to testing for both small and large agile efforts. Most planning and estimating activities for agile testing focus on answering a few very basic questions: When will it be done? How much will it cost? What will actually get tested? Using agile development and testing techniques doesn’t abrogate the need to answer those questions, but it also does not mean testing has to revert to waterfall planning and management techniques.
Ensuring Maximum Quality in the Era of IoT and WearablesJosiah Renaudin
Until recently, the Internet of Things (IoT) was just an idea that techies talked about. Unlike innovations in the past, development and testing of the IoT is significantly more elaborate. After introducing the technology of wearables and IoT, Gauri Arondekar delves into the components and architectures that make it work. Focusing on tools and solutions that accelerate the testing processes, Gauri shares the success story of an end-to-end testing strategy for a leading provider of digital fitness solutions. Gauri describes how her team helped Peloton Cycle ensure an uninterrupted and seamless user experience. The Peloton bike, as part of an IoT ecosystem, required a new testing strategy to achieve the required quality. Automated tests became fundamental to the project, which also required a rapid, comprehensive study of technologies along with out-of-the-box test methodologies to simulate a user’s fitness session. In the course of the project, the team reduced testing cycles from one-to-two weeks to two-to-three days and developed comprehensive test automation for a native app on a custom tablet. Join Gauri as she describes the journey to deliver an IoT test strategy and the challenges they tackled along the way.
Driving Risks Out of Embedded Automotive SoftwareParasoft
Automobiles are becoming the ultimate mobile computer. Popular models have as many as 100 Electronic Control Units (ECUs), while high-end models push 200 ECUs. Those processors run hundreds of millions of lines of code written by the OEMs’ teams and external contractors—often for black-box assemblies. Modern cars also have increasingly sophisticated high-bandwidth internal networks and unprecedented external connectivity. Considering that no code is 100% error-free, these factors point to an unprecedented need to manage the risks of failure—including protecting life and property, avoiding costly recalls, and reducing the risk of ruinous lawsuits.
Everyone is drawn to the cool new ways to connect devices to the Internet and make life easier—and a little more futuristic. But, do you know that IoT has been around since the past century? Theresa Lanowitz is one of the early advocates of what is now IoT and is thrilled that the pace of acceptance is accelerating—rapidly. This level of acceptance and understanding of IoT was not always the case. Theresa shares the early ideas, vision, and concepts of the Sun Jini project, the pre-cursor to IoT, and offers advice for developers and testers on how to succeed with IoT. Whether you are part of the industrial, consumer, or enterprise IoT, you face challenges of how to ensure your software is fast enough, safe enough, and secure enough to deliver the desired outcome. Uncover the artifacts from 1999 and discover why 2017 is the year that IoT becomes more science than fiction.
Better Software East 2016: Evolving Automated to ContinuousParasoft
Evolving from Automated to Continuous Testing
Testing issues can be a significant barrier to taking full advantage of agile approaches to software development and the emerging DevOps movement. To leverage these development and delivery strategies to their fullest, you need to evolve beyond automated testing to continuous testing.
Arthur Hicken discusses the testing and development processes and technology that enable continuous testing. He shares insights on how to close the gap between business expectations and development activities by encapsulating clearly defining development policies for software releases.
Arthur describes how to prevent defects in code and prioritize defect remediation before a release candidate goes live. Explore ways to realistic test environments and simulations—critical features of the dev/test infrastructure—that enable continuous testing.
Learn how to create a feedback loop that exposes defect patterns while highlighting opportunities to improve application design. Take back a comprehensive to do list for processes and infrastructure that must be in place for your organization to implement continuous testing and accelerate the SDLC.
Unrestrained access to a trustworthy and realistic test environment—including the application under test (AUT) and all of its dependent components—is essential for achieving "quality@speed" with Agile, DevOps, and Continuous Delivery.
Service Virtualization is an emerging technology that provides DevTest teams access to a complete test environment by simulating the dependent components that are beyond your control, still evolving, or too complex to configure in a test lab.
Join us for a live webinar on Service Virtualization and how it impacts software testing Access, Behavior, Cost, and Speed.
Learn the basics of Service Virtualization, including how it can help your organization:
Provide access to a complete test environment including all critical dependent system components
Alter the behavior of those dependent components in ways that would be impossible with a staged test environment—enabling you to test earlier, faster, and more completely
Isolate different layers of the application for debugging and performance testing
Microservices have recently attracted a lot of attention for being the architecture of choice for companies like Uber, Netflix, Spotify, and Amazon. Undoubtedly, this architectural approach has distinct impacts across the SDLC. Many of the core benefits associated with the adoption of microservices actually introduce significant quality challenges. For example:
An increased number of dependencies
Parallel development roadblocks
Impacts to the traditional methods of testing
More potential points of failure
Integrating Cloud-based performance test in VSTS with SOASTA CloudTestJennifer Finney
Being ready for peak traffic requires testing at scale, and there is no better place to do that than from the cloud. With the Azure cloud's worldwide network of data centers, and CloudTest from SOASTA, you can generate realistic load against your site to ensure that it can handle expected traffic, and beyond, and perform well. Learn how to move your performance testing to CloudTest and test at scale in the Azure cloud with the virtual machine from the Azure Marketplace.
Optimizing Security Velocity in Your DevSecOps Pipeline at ScaleDenim Group
Businesses are driving development teams to build, test and deliver app innovations faster and faster, while attackers continue to grow in sophistication and complexity. To protect the business, dev and security teams are deploying multiple app/network/OSS security testing tools, internal & 3rd party manual assessments, and other processes which in turn drives an exponential spike in volume of issues to analyze, correlate, triage, route and repair. Facing this data deluge, DevSecOps teams are turning to automation of mobile app security testing and orchestration of vulnerability management for speed and scale. Join Brian Reed, Chief Mobility Officer of NowSecure and Dan Cornell, Co-Founder and CTO of Denim Group in this best practices session to learn how to drive efficiencies in team and pipeline performance at scale.
Serena Webcast: Accelerating Application Delivery with Continuous TestingSerena Software
Continuous delivery significantly improves the quality of software and compresses the development lifecycle to meet the demands of today’s business. Traditionally organizations have developed and delivered software in a linear fashion. Rather than integrating code at the end of a project or even a sprint, continuous delivery allows for code to be tested and integrated throughout the project, reducing complexity and risk. We will discuss how continuous testing can ensure quality throughout the application lifecycle from development, testing, release and actual user experiences. In this webinar you will learn:
1. How to create a continuous load and performance testing framework
2. How to trigger testing every time code changes are delivered
3. How to implement automated functional testing of mobile apps
4. How to use leverage cloud computing for load testing and performance testing
This presentation provides an overview of the Rapise automated testing tool from Inflectra. It provides an background on why you need to use automated testing as part of your development process and the features and differentiators that make Rapise your best choice for testing web, mobile, desktop, mainframe and api applications.
Navigating Your Product's Growth with Embedded Analytics Progress
Presenter: Guarav Verma
Learn from real life applications for embedded product analytics from Telerik. In today’s data driven world, how can you leverage analytics to know your audience, improve their experience, focus on your loyal users to drive more revenue, and optimize your engineering effort to accelerate your business results? Know what the future of Telerik Analytics is like and be a part of it.
The burgeoning use of mobile devices has created enormous opportunities for organizations to leverage mobile to increase sales, advertise products, and collaborate with internal and external resources. However, with increasing usage, the need to perform testing on these devices is increasing significantly. This is not an easy task considering the number of devices, device operating systems, and operating system versions. To manage the number of variations, organizations rely on mobile testing tools to support their testing efforts. David Dang shares his experiences analyzing numerous mobile testing tool platforms for a prominent shopping network. Learn how identifying the "right" mobile testing tool depends on multiple factors such as supported devices, level of testing, resources, and required integration with other tools. Take back to share with your team a review of common tools on the market and the pros and cons of each.
Fast Data, Fast Delivery: How Smart Analysis Accelerates App TestingPerfecto by Perforce
Teams generate huge amounts of test reporting data daily. Unfortunately, most open source frameworks do not come with reporting, making the analysis mostly manual and tedious.
That’s where a test reporting platform can help you. To find bugs faster, you need something that can filter out noise and false negatives. That way, you can focus on the real issues for a quick MTTR. An efficient test reporting platform helps you find and fix bugs quickly and release higher-quality apps faster.
Join this webinar, led by Perfecto Chief Evangelist Eran Kinsbruner and VP of Product Management Tzvika Shahaf, to:
- Understand how efficient analysis helps you test faster.
- Learn what to look for in an effective reporting platform.
- See a live demo of test failure analysis and debugging.
This presentation provides an overview of the SpiraTest requirements, test case, and defect tracking system from Inflectra. Learn how to use SpiraTest to manage your tests, requirements, defects, bugs, and issues in one integrated system with end to end traceability .
BugRaptor’s always remains up to date with latest technologies and ongoing trends in Software testing. Nowadays, software testing and methods has been going through various phases of growth, innovation, and disruption due to advancements in technologies. To consolidate all the innovations and remains up to date, BugRaptor’s showcase some software testing trends in the PPT.
One of the common challenges in the digital space is improving the speed of releases without compromising the of quality of your app. The root of the problem is the market - customer expectations are on the rise, the app market is crowded, and app development is difficult. The solution is test automation.
Watch Perfecto and Infostretch demonstrate Quantum, an established open-source test framework, to run robust, repeatable, and continuous test scenarios.
In this technical webinar, the audience will learn how to use the test framework to
-Create robust and maintainable test automation scripts
-Extend open-source with advanced automation capabilities
-Execute cross-platform mobile and web tests in parallel
-Plug the newly created tests easily to the CI (Continuous Integration) workflow
-Drive fast developer feedback with an advanced reporting library
Bridging the Security Testing Gap in Your CI/CD PipelineDevOps.com
Are you struggling with application security testing? Do you wish it was easier, faster, and better? Join us to learn more about IAST, a next-generation application security tool that provides highly accurate, real-time vulnerability results without the need for application or source code scans. Learn how this nondisruptive tool can:
Run in the background and report vulnerabilities during functional testing, CI/CD, and QA activities.
Auto verify, prioritize and triage vulnerability findings in real time with 100% confidence.
Fully automate secure app delivery and deployment, without the need for extra security scans or processes.
Free up DevOps resources to focus on strategic or mission-critical tasks and contributions.
Similar to IoT Integrity: A Guide to Robust Endpoint Testing (20)
Some believe that DevOps is only applicable to Internet-based companies with a desire to disrupt existing businesses. On the contrary, DevOps practices can dramatically reduce many everyday IT problems—defects, incidents, waste, bottlenecks, downtime, and infrastructure fragility. Sherry Chang dives into these problem areas and outlines the DevOps tools, practices, culture, and other artifacts necessary to eradicate them. She shares practical tips and hard-learned lessons from Intel IT to arm you with the knowledge and tools you need for DevOps adoption. You and your IT operations partners can help your organization gain competitive advantages by simultaneously increasing quality, efficiency, and innovation velocity. With the ever increasing adoption of DevOps, potential risks exist for the disruption of traditional companies and organizations with outdated practices. Join Sherry to learn how to be the disruptor—rather than the disrupted—and explore the baby steps you need to take to start your DevOps adoption journey today.
End-to-End Quality Approach: 14 Levels of TestingJosiah Renaudin
In 2015, the Standard & Poor’s Ratings IT team set out an ambitious objective—to tighten the process and controls around the quality of code deployed to production. Based on internal cost of quality assessments, and supporting agile and waterfall internal engineering processes, distinct testing levels were identified to help push quality left and root out the underlying causes of defects as early as possible. The ‘14 Levels of Testing’ were defined to collaboratively span organizational functions, establish quality expectations, and help track towards the goal of eliminating defects. Adrian Thibodeau and Chintan Pandya review their 14 Levels of Testing and focus specifically on sharing the processes and tools employed to help govern the delivery of quality. Adrian and Chintan discuss metrics and dashboards, defect lifecycle management, their home-grown QA Workflow Portal, testing vendor SLAs and contracts, and facilitating UAT best-practices.
Product Management: The Innovation Glue for the Lean EnterpriseJosiah Renaudin
At a time when organizations of all sizes both want and need innovation, exciting approaches including lean startup and agile development have risen to the forefront. Although there is no shortage of resources and expertise on these approaches, less guidance is available on the daunting challenge of introducing and increasing innovation in our organizations. Organizations of different sizes face different challenges in innovation which, if not dealt with, end up stifling the potential results. Mimi Hoang and George Schlitz share experiences from many years of successes and failures introducing and increasing innovation in diverse companies. Mimi and George explore the difference between the challenges that startups and big companies face increasing innovation and how product management can help overcome them. They share innovation killers, give top insights on how to be successful, and present participants with an assessment they can take back to their own workplaces.
Some consider measurement in agile development destructive—or at the very least useless. Larry Maccherone disagrees and offers eight tools to slay the dragons of agile measurement. The #1 Dragon slayer—Use measurement for feedback rather than as a lever. What's the difference? Feedback is used to improve your own behavior; a lever is employed to change someone else's behavior. The distinction is subtle but critical. If you think what gets measured gets done, you are already venturing into “thar be dragons” territory. But it's not too late. Larry shows how to create a culture where measurement is an insight amplification and feedback mechanism rather than a club to beat people up; where your teams seek out—rather than dread—the use of quantitative insight; and where metrics bring stakeholders and teams closer together, not drive them apart. Leave with a list of good practices to follow and examples from companies whose metrics regimens have already slain the dragons.
Blending Product Discovery and Product DeliveryJosiah Renaudin
More and more organizations are realizing that while they are getting more done, they are not necessarily getting more value. More code does not mean more product and more product does not mean more market share. According to David Hussman, we need to shift our focus toward a balanced investment in discovery and delivery without going back to gathering big requirements up front. To accomplish this, we need to embrace new discovery metaphors and practices. David draws on his years of experience working with product managers, heads of product, and product owners as he introduces ideas like mapping teams to product, product discovery cadence that feeds a product delivery cadence, how to learn outside the code, and when it is essential to learn in the code. If you are looking for a post-agile gem, drop in and be ready to move on, building on the past success of agile methods while looking toward a future where product learning is valued over process worship.
Determining Business Value in Agile DevelopmentJosiah Renaudin
Both agile and lean focus on delivering business value to the customers as rapidly as possible. On agile projects, story points are often used to estimate and track development effort for user stories. However, to concentrate on delivering value, we must be able to place a business value on these stories. Through lecture and interactive exercises, Ken Pugh explains how to estimate and track business value, presenting two methods for quickly estimating value for features and stories. He shows the relationships between business value and story points, and discusses how to chart business value for progress tracking. Ken demonstrates how to use that chart to determine when to terminate a project if another has a higher business value. He covers the estimation of business value for larger tasks, such as projects and epics. By the end, you’ll be able to use business value to focus both customers and developers on the most important requirements.
Three Things You MUST Know to Transform into an Agile EnterpriseJosiah Renaudin
The farther we go down the path of scaled agile transformation, the more we learn that adding process and complexity can only take us so far. At some point, size and complexity are going limit our ability to be truly agile, and we must move toward greater organizational simplicity. The challenge is that large organizations are often complex and usually anything but simple. Most agile transformations start by either ignoring the complexity inherent in the system or by wrapping complexity in planning constructs that may help in the short run but ultimately doom your business agility. Mike Cottmeyer discusses three things you need to know to successfully transform any-sized organization into an agile enterprise: (1) patterns for creating cross-functional teams at scale, what gets in the way, and how to get there; (2) why clear backlogs are hard to create and what you need do to create them; and (3) why creating work-tested software is key to actually getting the business benefits your organization is seeking.
The Internet of Things—what many are calling the Fourth Industrial Revolution—is shaping up to be a game-changing marvel as great as the Internet itself. With more than 10 billion connected devices and thousands more coming online by the minute, we are undoubtedly more connected than ever before. From your dishwasher to your toothbrush to your dog’s collar, electronic devices everywhere are connected. This phenomenon is drastically increasing demands on APIs, data, security, and software quality, pushing every industry sector to step up its game to stay relevant in the new era of connectedness. Although IoT will make our lives simpler as Things talk to other Things and anticipate our needs, mobile apps and devices—our primary communication conduit—will continue to increase in relevance and reliance. Steven Winter shares his insights about the challenges of IoT from his experience building a quality program to support the Starbucks Card Mobile and more than 3,000 mobile apps servicing 1,500 banks and 35 million users. Steven focuses on how automated mobile testing and continuous improvement for mobile apps have forged inroads for the IoT and why software quality will grow in importance as a market differentiator.
Software development is hard― keeping developers, testers, designers, product managers and other stakeholders in sync and working on the right things at the right time. Building the systems that customers care about and delivering high-quality code fast are challenges every development team faces. Just being agile isn’t enough; we need to actively think about how we can improve software development processes and techniques. Sven details Atlassian’s coding practices and team dynamics, which include: collaborating fast to develop ideas, helping QA with testing, avoiding meetings to get more work done, experimenting, tightening feedback loops to fail faster, shortening release cycles, and working together happily on different continents. He describes examples where Atlassian has failed, then tried a new concept and kicked ass. These practices make Atlassian developers among the most productive and satisfied in the industry. It's a great way to develop software, and Sven thinks it can work in your organization too.
Linda Rising, co-author of Fearless Change and the recently published More Fearless Change, has wondered for some time whether much of Agile's success has been the result of the placebo effect—that is, good things happened because we believed they would. The placebo effect is a startling reminder of the power our minds have over our perceived reality. Now cognitive scientists tell us that this is only a small part of what our minds can do. Research has identified what she likes to call “an agile mindset”—an attitude that equates failure and problems with opportunities for learning, a belief that we can all improve over time, and the view that our abilities are not fixed but evolve with effort. What's surprising about this research is the impact an agile mindset has on creativity and innovation, estimation, and collaboration—in and out of the workplace. Join Linda to discover what's known about the agile mindset and take away practical suggestions that can help you and your team become even more agile—and fearless.
DevOps and the Culture of High-Performing Software OrganizationsJosiah Renaudin
The DevOps movement emphasizes the importance of culture in creating high-performing teams. However, often perceived to be subjective and intractable, culture is often neglected in favor of more concrete drivers such as tools and processes. And this is a major failure mode in organizations attempting to achieve substantially improved performance through implementing agile and DevOps. Jez Humble takes a practical, data-driven approach to culture, illustrated with examples from large, successful enterprises. Learn how to measure culture and examine what a generative, high-performance culture looks like. Explore how to change organizational culture, and discover how high-performing organizations use the patterns and practices of continuous delivery and lean management to outcompete their peers. Jez concludes by presenting the principles behind successful organizational change―and how to make your changes stick.
Uncover Untold Stories in Your Data: A Deep Dive on Data ProfilingJosiah Renaudin
How well do you know your data? Organizations are discovering the value in their data—as evidence of what they have done and a clue to how they can improve the bottom line. With the increase in analytics, it is no secret that there are more eyes on the data. And analyzing data can give valuable insight into patterns that drive efficiencies or errors. It is important to use this information and make sure it is being used correctly. However, excavating the data is not always as simple as it seems. Catherine Cruz Agosto and Shauna Ayers are your guides as they define data profiling and its importance, delve into different strategies you can use, and discuss how to get the most out of your data. Come and learn useful tools and strategies you can take back to get to know and better use your data.
Don’t Be Another Statistic! Develop a Long-Term Test Automation StrategyJosiah Renaudin
Choosing the appropriate tool and building the right framework are typically thought of as the main challenges to successful test automation. However, even after careful tool selection and advanced automation framework construction, many find long-term success elusive. Lee Barnes discusses the key strategy components that must be in place to avoid becoming another test automation statistic. Learn the importance of—and techniques for—assessing your organization’s readiness for test automation in foundational areas of test objectives, organizational structure, process integration, environment, and resources/skills. Once you understand your state of readiness, you can begin to formulate a strategy for addressing gaps and lay the groundwork for long-term success. Lee presents a framework for developing a solid test automation strategy that addresses automation scope, required organizational and process changes, and an implementation roadmap. Take back a blueprint for implementing successful test automation in a way that uniquely fits your organization—so you can become a positive test automation statistic.
Testing Lessons from the Land of Make BelieveJosiah Renaudin
Rob Sabourin has discovered testing lessons in Sesame Street, the Simpsons, the Looney Tunes gang, the Great Detectives, Dr. Seuss, and many other unlikely places, but this year he journeys to the Land of Make Believe. Rob's grandchildren Jane and Suzy draw him into the Land of Make Believe. Every visit is a new adventure. By leaving reality for the realm of play, Rob has discovered many simple truths and clever strategies for solving stubborn technical, management, and people-related software testing problems. An imaginary tea party teaches role playing, simulation, re-focusing, and test leadership. Imaginary messes suggest powerful environment virtualization strategies. Are you robust enough to romp around the playground? Can you bake mud pies with variability, combinations, and permutations? Who can enter the land of make believe without the blessing of beautiful princesses whose whimsical authority demonstrates adapting to stakeholder value systems? Open the tickle chest to discover storyboards, affinity analysis, test design, scenarios, and attacks. Join Rob to wander into the wonderful Land of Make Believe. See if the imagination of Jane and Suzy inspires you with powerful testing ideas.
Finding Success with Test Process ImprovementJosiah Renaudin
When you go on a road trip and want to plan your journey, you need to know where you are, where you want to go, and why you want to go there. You need the same things when you want to improve your test process. It doesn’t matter whether you are agile, waterfall, or part of a Test Center of Excellence, you need to assess the current state of the process, your goal, and how to implement the improvements. Gitte Ottosen takes you through some of test process improvement frameworks—TMMI, TPI, and a low level lean approach—so you can compare the different frameworks and choose your own way. The assessment is only the foundation. It gives you an indication of your current position and can be input for a roadmap for reaching higher maturity. The most important key to success when implementing test process improvement is the people who are going to implement it. Without ownership and commitment, the process will never become an integrated part of the daily work within the teams and projects. Gitte introduces tools and practices for identifying your goal, creating your roadmap, making your journey happen—and ensuring ownership and commitment in the organization.
GitHub is the repository for the vast majority of today’s open-source software. And that is why many interviewers look at applicants’ public GitHub.com accounts to assess their interests, popularity, helpfulness, and consistency. To collaborate with developers, today’s testers need git and a GitHub account. Unfortunately, esoteric command lines often confuse those new to the tool. Join Wilson Mar as he provides advice on how to be immediately productive. He begins with a review of top projects testers need to know; the etiquette to starting projects and following people; pull requests; and raising issues. Wilson includes demonstrations on mastering git, with tricks to markup text that gets converted into web pages, adding graphics to markup, creating branches, and merging branches. Based on his work on several projects on GitHub, Wilson provides keys to understanding the logic of different deployment workflows and explains even the most confusing words and concepts.
Stay Ahead of the Mobile and Web Testing Maturity CurveJosiah Renaudin
Join Danny McKeown, Paychex’s lead test enterprise automation architect, to learn how to climb the testing maturity curve and increase predictability and reuse, all while accelerating repeatable and reliable testing. Learn how Paychex iteratively built a well-defined web and mobile app test automation architecture. By evolving the areas of strategy, environment pre-conditions, continuous integration, and understanding their IT users, Paychex executes a mature program automating test readiness, scheduling, execution, and report distribution. Hear their lessons about strategy, and how the Test Automation Pyramid helps structure their automation architecture. Discover their environment pre-conditions, and how they are able to minimize false negative results (derailment factors) due to non-automation issues. See how Paychex uses continuous integration to bring it all together in an integrated, scalable, and parallel execution. Danny discusses lessons learned about their IT Users and how defining user test automation abilities enables better expectations for the user and project team.
The Selenium Grid: Run Multiple Automated Tests in ParallelJosiah Renaudin
The Selenium Grid unleashes the full power of Selenium to run multiple automated tests in parallel across multiple platforms. Brian Long demonstrates the use of an open-source framework developed at Virginia Tech to get up and running with a Selenium Grid in about an hour. He begins by discussing the Selenium Grid configuration and then progresses to the installation of the framework. Starting with a clean Selenium installation, Brian uses Git to retrieve and install the open-source Selenium Grid framework, then Maven to build it using the Java JDK. Working from the instructions in the open-source Selenium-Grid-setup project, Brian configures a hub and a node on separate machines. After demonstrating the working grid by running a simple test on the remote nodes, Brian continues with how to use the Selenium IDE to generate tests and integrate them into the Grid by extending the open-source code. Note: There will be some programming!
Testing at Startup Companies: What, When, Where, and HowJosiah Renaudin
Startups are becoming increasingly prolific—technology startups even more so. CEOs are recognizing the need for quality. Their users are their growth, and if they can't retain users, their growth slows or stops. So quality matters. How do you convince the rest of the company that test brings value? How do you convince developers and product owners that spending time on quality is important, particularly if they have never worked with testers before? Should startups even have testers? Alice Till-Carty shares her experience finding a role for testing and QA within the ever changing and fast growing landscape of a fashion startup. Join Alice to explore the major challenges and hurdles that testers can face in startups—how to improve relations with developers, how to introduce process (even when “process” is a dirty word in your company), how to become more involved with the development process, and ways to improve communication as teams start to grow quickly.
Defect Metrics for Organization and Project HealthJosiah Renaudin
Are you looking for a simple, meaningful approach to gather and report defect metrics? Want to make your project defects more visible? Wondering how to report defects to management and show value? With an ever increasing demand to show the business value of your testing, David Bialek explores a simple step-by-step method for metric management of issues. This approach was developed and refined continuously to make software defects more visible as well as to analyze the findings to show the difference testing makes. Beginning with your bug list, learn root cause analysis, defect resolution, and how to plan and implement a meaningful metrics practice. Explore the successes and failures of the metrics process and see how to move from the concept of metrics to measurement becoming a valued part of your project and test planning activities. Appropriate metrics demonstrate the importance of your team’s efforts and provide a key indicator of project and organizational health. Join David in this metrics discussion and take back ideas to implement metrics for your team and management.
Cyaniclab : Software Development Agency Portfolio.pdfCyanic lab
CyanicLab, an offshore custom software development company based in Sweden,India, Finland, is your go-to partner for startup development and innovative web design solutions. Our expert team specializes in crafting cutting-edge software tailored to meet the unique needs of startups and established enterprises alike. From conceptualization to execution, we offer comprehensive services including web and mobile app development, UI/UX design, and ongoing software maintenance. Ready to elevate your business? Contact CyanicLab today and let us propel your vision to success with our top-notch IT solutions.
Advanced Flow Concepts Every Developer Should KnowPeter Caitens
Tim Combridge from Sensible Giraffe and Salesforce Ben presents some important tips that all developers should know when dealing with Flows in Salesforce.
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns
Unlocking Business Potential: Tailored Technology Solutions by Prosigns
Discover how Prosigns, a leading technology solutions provider, partners with businesses to drive innovation and success. Our presentation showcases our comprehensive range of services, including custom software development, web and mobile app development, AI & ML solutions, blockchain integration, DevOps services, and Microsoft Dynamics 365 support.
Custom Software Development: Prosigns specializes in creating bespoke software solutions that cater to your unique business needs. Our team of experts works closely with you to understand your requirements and deliver tailor-made software that enhances efficiency and drives growth.
Web and Mobile App Development: From responsive websites to intuitive mobile applications, Prosigns develops cutting-edge solutions that engage users and deliver seamless experiences across devices.
AI & ML Solutions: Harnessing the power of Artificial Intelligence and Machine Learning, Prosigns provides smart solutions that automate processes, provide valuable insights, and drive informed decision-making.
Blockchain Integration: Prosigns offers comprehensive blockchain solutions, including development, integration, and consulting services, enabling businesses to leverage blockchain technology for enhanced security, transparency, and efficiency.
DevOps Services: Prosigns' DevOps services streamline development and operations processes, ensuring faster and more reliable software delivery through automation and continuous integration.
Microsoft Dynamics 365 Support: Prosigns provides comprehensive support and maintenance services for Microsoft Dynamics 365, ensuring your system is always up-to-date, secure, and running smoothly.
Learn how our collaborative approach and dedication to excellence help businesses achieve their goals and stay ahead in today's digital landscape. From concept to deployment, Prosigns is your trusted partner for transforming ideas into reality and unlocking the full potential of your business.
Join us on a journey of innovation and growth. Let's partner for success with Prosigns.
Quarkus Hidden and Forbidden ExtensionsMax Andersen
Quarkus has a vast extension ecosystem and is known for its subsonic and subatomic feature set. Some of these features are not as well known, and some extensions are less talked about, but that does not make them less interesting - quite the opposite.
Come join this talk to see some tips and tricks for using Quarkus and some of the lesser known features, extensions and development techniques.
In software engineering, the right architecture is essential for robust, scalable platforms. Wix has undergone a pivotal shift from event sourcing to a CRUD-based model for its microservices. This talk will chart the course of this pivotal journey.
Event sourcing, which records state changes as immutable events, provided robust auditing and "time travel" debugging for Wix Stores' microservices. Despite its benefits, the complexity it introduced in state management slowed development. Wix responded by adopting a simpler, unified CRUD model. This talk will explore the challenges of event sourcing and the advantages of Wix's new "CRUD on steroids" approach, which streamlines API integration and domain event management while preserving data integrity and system resilience.
Participants will gain valuable insights into Wix's strategies for ensuring atomicity in database updates and event production, as well as caching, materialization, and performance optimization techniques within a distributed system.
Join us to discover how Wix has mastered the art of balancing simplicity and extensibility, and learn how the re-adoption of the modest CRUD has turbocharged their development velocity, resilience, and scalability in a high-growth environment.
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
Experience our free, in-depth three-part Tendenci Platform Corporate Membership Management workshop series! In Session 1 on May 14th, 2024, we began with an Introduction and Setup, mastering the configuration of your Corporate Membership Module settings to establish membership types, applications, and more. Then, on May 16th, 2024, in Session 2, we focused on binding individual members to a Corporate Membership and Corporate Reps, teaching you how to add individual members and assign Corporate Representatives to manage dues, renewals, and associated members. Finally, on May 28th, 2024, in Session 3, we covered questions and concerns, addressing any queries or issues you may have.
For more Tendenci AMS events, check out www.tendenci.com/events
A Comprehensive Look at Generative AI in Retail App Testing.pdfkalichargn70th171
Traditional software testing methods are being challenged in retail, where customer expectations and technological advancements continually shape the landscape. Enter generative AI—a transformative subset of artificial intelligence technologies poised to revolutionize software testing.
Developing Distributed High-performance Computing Capabilities of an Open Sci...Globus
COVID-19 had an unprecedented impact on scientific collaboration. The pandemic and its broad response from the scientific community has forged new relationships among public health practitioners, mathematical modelers, and scientific computing specialists, while revealing critical gaps in exploiting advanced computing systems to support urgent decision making. Informed by our team’s work in applying high-performance computing in support of public health decision makers during the COVID-19 pandemic, we present how Globus technologies are enabling the development of an open science platform for robust epidemic analysis, with the goal of collaborative, secure, distributed, on-demand, and fast time-to-solution analyses to support public health.
Understanding Globus Data Transfers with NetSageGlobus
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...Globus
The U.S. Geological Survey (USGS) has made substantial investments in meeting evolving scientific, technical, and policy driven demands on storing, managing, and delivering data. As these demands continue to grow in complexity and scale, the USGS must continue to explore innovative solutions to improve its management, curation, sharing, delivering, and preservation approaches for large-scale research data. Supporting these needs, the USGS has partnered with the University of Chicago-Globus to research and develop advanced repository components and workflows leveraging its current investment in Globus. The primary outcome of this partnership includes the development of a prototype enterprise repository, driven by USGS Data Release requirements, through exploration and implementation of the entire suite of the Globus platform offerings, including Globus Flow, Globus Auth, Globus Transfer, and Globus Search. This presentation will provide insights into this research partnership, introduce the unique requirements and challenges being addressed and provide relevant project progress.
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
Into the Box Keynote Day 2: Unveiling amazing updates and announcements for modern CFML developers! Get ready for exciting releases and updates on Ortus tools and products. Stay tuned for cutting-edge innovations designed to boost your productivity.
2. Arthur Hicken
Parasoft
Arthur Hicken has been involved in automating various practices at Parasoft for
more than twenty years. He has worked on projects including database
development, the software development lifecycle, web publishing and monitoring,
and integration with legacy systems. Arthur has worked with IT departments in
companies including Cisco, Vanguard, and Motorola to help improve their
software development practices. He has developed and conducted numerous
technical training courses at Parasoft. An expert in his field, Arthur has been
quoted in Business 2.0, Internet Week, and CNET news.com regarding website
quality issues.