Parasoft Copyright © 2016 | Tweet @Parasoft #SoftwareHollow
2016-10-31
The Legend Of Software Hollow
Defeating the Headless Horsemen of Faulty Applications
GoToWebinar Housekeeping
Your Participation
• Open and hide your control panel
• Join audio:
  • Choose “Mic & Speakers” to use VoIP
  • Choose “Telephone” and dial using the information provided
• Submit questions and comments via the Questions panel
Note: Today’s presentation is being recorded and will be provided within 48 hours.
Your Presenter
Arthur “Code Curmudgeon” Hicken has been involved in automating various practices at Parasoft for over 20 years. He has worked on projects including databases, the software development lifecycle, cybersecurity, web publishing and monitoring, and integration with legacy systems.
Arthur has worked with IT departments in companies such as Cisco, Vanguard, and Motorola to help improve their software development practices.
The Code Curmudgeon’s goal is to scare you into improving your application quality and security.
Win a Parasoft Shirt
• Show us your costume
• Tweet @Parasoft #SoftwareHollow
• Mail costume picture to webinar@parasoft.com
• Winner will be chosen at random
Tweet: @Parasoft #SoftwareHollow
Agenda
Halloween Fun
Dangers lurking
Lessons learned from others
Story Overview
Headless Horseman and Software
Relentlessly attacks:
• Security
• Performance
  • Negative attack
  • Too much success
• Quality
  • If it can break, he’ll break it
• Bad user experience
  • Do they give up and run away?
Poll #1
What is your biggest software scare?
• Missing deadlines
• Software failing after release
• Competition
• Being hacked
Villagers
• Fearful
• Belief in legends rather than facts
• Not well prepared
  • (Money instead of action?)
• Avoid the problem rather than addressing it
Villagers’ release plan
• Write the code
• Poke at it and see if it works
• It’s ready because “Developers feel it”
• Celebrate
Katrina Van Tassel
• Beauty / proud of appearance
  • UI over quality
• Rich / fortune
  • No attention to bottom line
• Whimsical
  • Sometimes does the right things
  • Inconsistent
• Pampered
  • Throw the code over the fence
Who is Katrina?
• Overly agile (flirting with too many things, never promised)
• Ultimately unsure – without vision
• Short-term success but nothing long term
Brom Bones (Abraham Van Brunt)
• Willing to battle
  • Bugs in the field
• Physically fit over brains
  • Pen test over static analysis
• Practical joker – full of mischief
  • Easter eggs leading to potential exploits
• Lied about exploits vs. the Horseman
  • No metrics for readiness
• Doesn’t believe in ghosts
  • Which doesn’t help him in the end
  • You may think security doesn’t matter, but it does.
Who is Brom?
• Agile to a fault
• Constant re-work
• Does what’s interesting or fun
• Avoids boredom
• Ultimately missing real success
Poll #2
Which of the following do you do all the time?
• Static analysis
• Peer review
• Unit test
• Performance test
• Penetration test
Ichabod Crane
• Schoolmaster
  • Ongoing education
• Not physically fit
  • No brute techniques
• Brainy
  • Work smarter
• Steady
  • Do the tedious tasks like static analysis
• Eager to help
  • Peer review and pair programming
• Ladies’ man
  • Wanted users to have a good experience
• Does the right thing rather than be brave
What Ichabod does ALL THE TIME
• Static analysis
• Unit test
• Peer review
• Functional test
• Load test
• Security – static and penetration
• Coverage
• Metrics
Honorable Mention – Johnny Depp
• Detective
• Never gives up
• Seeking the root cause rather than simple fixes
In the End
• Brom and Katrina forced to merge to save money
• Ichabod moved on to a more successful company, was a large success, and became a household name
Conclusions
• Delivering software can be scary!
  • And dangerous!
• Ad hoc approach fails in the end
• Basic quality practices succeed
  • Thorough measured testing
  • Static analysis
  • Metrics
  • Peer review
• Prepared for security, compliance, safety
• Blog: http://alm.parasoft.com
• Web: http://www.parasoft.com/jsp/resources
• Facebook: https://facebook.com/parasoftcorporation
• Twitter: @Parasoft @CodeCurmudgeon
• LinkedIn: http://www.linkedin.com/company/parasoft
• Google+ Community: Continuous Testing
Nov 7-9 – QCon San Francisco
Nov 16 – Testing Microservices
Nov 16-17 – Better Software East

 
AI Genie Review: World’s First Open AI WordPress Website Creator
AI Genie Review: World’s First Open AI WordPress Website CreatorAI Genie Review: World’s First Open AI WordPress Website Creator
AI Genie Review: World’s First Open AI WordPress Website Creator
 
LORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOM
LORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOMLORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOM
LORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOM
 
Game Development with Unity3D (Game Development lecture 3)
Game Development  with Unity3D (Game Development lecture 3)Game Development  with Unity3D (Game Development lecture 3)
Game Development with Unity3D (Game Development lecture 3)
 
AI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI App
AI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI AppAI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI App
AI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI App
 
BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024
 
A Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of PassageA Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of Passage
 
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
 
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
 
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
 
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024
 
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024
 
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptxText-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
Text-Summarization-of-Breaking-News-Using-Fine-tuning-BART-Model.pptx
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
 
Mobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona InfotechMobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona Infotech
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
 

The Legend of Software Hollow: Defeating the Headless Horseman of Faulty Applications

  • 1. Parasoft Copyright © 2016, Tweet @Parasoft #SoftwareHollow, 2016-10-31. The Legend Of Software Hollow: Defeating the Headless Horsemen of Faulty Applications
  • 2. GoToWebinar Housekeeping: Your Participation
    • Open and hide your control panel
    • Join audio: choose “Mic & Speakers” to use VoIP, or choose “Telephone” and dial using the information provided
    • Submit questions and comments via the Questions panel
    • Note: Today’s presentation is being recorded and will be provided within 48 hours.
  • 3. Your Presenter: Arthur “Code Curmudgeon” Hicken has been involved in automating various practices at Parasoft for over 20 years. He has worked on projects including database, the software development lifecycle, cybersecurity, web publishing and monitoring, and integration with legacy systems. Arthur has worked with IT departments in companies such as Cisco, Vanguard, and Motorola to help improve their software development practices. The Code Curmudgeon’s goal is to scare you into improving your application quality and security.
  • 4. Win a Parasoft Shirt
    • Show us your costume
    • Tweet @Parasoft #SoftwareHollow
    • Mail costume picture to webinar@parasoft.com
    • Winner will be chosen at random
  • 5. Agenda
    • Halloween fun
    • Dangers lurking
    • Lessons learned from others
  • 6. Story Overview
  • 8. Headless Horseman and Software: he relentlessly attacks
    • Security
    • Performance: negative attack; too much success
    • Quality: if it can break, he’ll break it
    • Bad user experience: do they give up and run away?
  • 9. Poll #1: What is your biggest software scare?
    • Missing deadlines
    • Software failing after release
    • Competition
    • Being hacked
  • 11. Villagers
    • Fearful
    • Belief in legends rather than facts
    • Not well prepared (money instead of action?)
    • Avoid the problem rather than addressing it
  • 12. Villagers’ release plan
    • Write the code
    • Poke at it and see if it works
    • It’s ready because “developers feel it”
    • Celebrate
  • 14. Katrina Van Tassel
    • Beauty / proud of appearance: UI over quality
    • Rich / fortune: no attention to the bottom line
    • Whimsical: sometimes does the right things; inconsistent
    • Pampered: throw the code over the fence
  • 15. Who is Katrina?
    • Overly agile (flirting with too many things, never promised)
    • Ultimately unsure, without vision
    • Short-term success but nothing long term
  • 17. Brom Bones (Abraham Van Brunt)
    • Willing to battle: bugs in the field
    • Physically fit over brains: pen test over static analysis
    • Practical joker, full of mischief: Easter eggs leading to potential exploits
    • Lied about exploits vs. the Horseman: no metrics for readiness
    • Doesn’t believe in ghosts: which doesn’t help him in the end; you may think security doesn’t matter, but it does.
  • 18. Who is Brom?
    • Agile to a fault
    • Constant re-work
    • Do what’s interesting or fun
    • Avoid boredom
    • Ultimately missing real success
  • 19. Poll #2: Which of the following do you do all the time?
    • Static analysis
    • Peer review
    • Unit test
    • Performance test
    • Penetration test
  • 21. Ichabod Crane
    • Schoolmaster: ongoing education
    • Not physically fit: no brute techniques
    • Brainy: work smarter
    • Steady: do the tedious tasks like static analysis
    • Eager to help: peer review and pair programming
    • Ladies’ man: wanted users to have a good experience
    • Do the right thing rather than be brave
  • 22. What Ichabod does ALL THE TIME
    • Static analysis
    • Unit test
    • Peer review
    • Functional test
    • Load test
    • Security: static and penetration
    • Coverage
    • Metrics
  • 23. Honorable Mention: Johnny Depp
    • Detective
    • Never gives up
    • Seeking the root cause rather than simple fixes
  • 24. In the End
    • Brom and Katrina forced to merge to save money
    • Ichabod moved on to a more successful company, was a large success and became a household name
  • 25. Conclusions
    • Delivering software can be scary! And dangerous!
    • Ad hoc approach fails in the end
    • Basic quality practices succeed: thorough measured testing; static analysis; metrics; peer review
    • Prepared for security, compliance, safety
  • 26. Contact and upcoming events
    • Blog: http://alm.parasoft.com
    • Web: http://www.parasoft.com/jsp/resources
    • Facebook: https://facebook.com/parasoftcorporation
    • Twitter: @Parasoft @CodeCurmudgeon
    • LinkedIn: http://www.linkedin.com/company/parasoft
    • Google+ Community: Continuous Testing
    • Nov 7-9: QCon San Francisco
    • Nov 16: Testing Microservices
    • Nov 16-17: Better Software East