|
|
The QA/Testing Perspective on Software Security Most everyone now realizes that we cannot solve security vulnerabilities with firewalls, virus scanners, and other tactics that build an electronic “moat” around systems. According to Julian Harty, security is not an operational issue, not a developer issue, and not a testing issue. It is a systems issue that you must focus on throughout the software’s life. From a QA/testing perspective, we need to look early in the development process for adequate security requirements. Then, we should assess the designs for vulnerabilities and participate in security code reviews. When specialized, security tests find bugs that get past our early prevention efforts, causal analysis helps prevent the recurring security defects. Dig into system security issues with Julian and learn about manual techniques, commercial software, and home-brew automation tools to help you find security vulnerabilities-before the bad guys do.
|
Julian Harty, Commercetest Limited
|
|
|
Asia as a Test Outsource Center Outsourcing testing software projects to countries in Asia is a trend that is here to stay. You have a growing number of choices for an outsourcing country in Asia-India, China, Taipei, Korea, and others. Although India currently dominates the scene and both Taipei and Korea have historically provided excellent quality, though at a higher cost, China is quickly moving to become the leader with even lower billing rates and a large number of experienced and educated engineers. In this session, Jacob Hsu offers an overview of the Asian outsource scene including the latest trends and data. Take away a checklist of best practices for successfully outsourcing product testing to Asia, including how to manage distributed testing teams, how to overcome language/cultural issues by country, and what types of testing should (and should not) be outsourced offshore.
|
Jacob Hsu, Symbio Group
|
|
|
Discovering the "Real" Software Requirements In this session Paul Desantis takes you through the important aspects of requirements discovery, including sampling documentation, research, observation, questionnaires, interviews, prototyping, and joint planning.
|
Paul Desantis, Hughes Network Systems
|
|
|
Web Application Performance Testing with the Open Source Hyades Project What if you could build and run multi-user performance tests with a free, open source tool? Then, this coming Monday, you could validate multi-user application performance before deploying your application to your users, automate performance tests without spending money, and add additional features and capabilities to the
performance test tool as desired. Join Jeff Robbins to learn about two open source tools, Eclipse and Hyades.
|
Jeff Robbins, IBM Rational Software Group
|
|
|
Keyword Testing at the Object Level It's time to put a new spin on the technique of keyword testing using a data-driven engine. Brian Qualters shows you how to effectively place your focus not on the action or process to be completed, but rather on the object type that's to be manipulated. This redirected focus lets you avoid the pitfalls and resource requirements encountered when you move to test another application. He gives a demonstration of how this modified approach can be integrated into the manual test case creation as a way to tremendously improve efficiency.
|
Brian Qualters, TurboTesting Concepts
|
|
|
Performance Testing E-Commerce Web Systems Performance testing of e-commerce Web systems is critical to the effectiveness of Web sites. Michael Hagen describes how Vanguard went through extensive load testing in preparation for the Y2K weekend. Discover how to develop performance requirements, set up a performance testing environment, and execute the actual testing. Gain invaluable insight into what makes a Web system--from browser to mainframe-perform or not perform.
|
Michael Hagen, The Vanguard Group
|
|
|
Automated Testing of Object-Oriented Components Using Intelligent Test Artifacts Everyone agrees on the value of testing software components early and often to find defects before they become costly and to ensure that changes do not have unexpected side effects. Unfortunately, many developers still do not follow this practice because of the perception that creating tests is too burdensome. In this presentation, learn a practical guide to streamlining component test creation by employing intelligent test artifacts. Discover how this technique will enable you to extract the most value from testing with the least amount of effort.
|
Michael Silverstein, SilverMark, Inc.
|
|
|
Internet Product Delivery: Creating Quality at the Speed of the Web Based on an operations perspective, Richard Martin shares his experiences with an e-commerce company in the areas of project planning, quality assurance, release management, and project delivery. Learn how the e-commerce market differs from other enterprise applications and which "best practices" make the most sense. Explore the most effective ways to manage change at Web speed.
|
Richard Martin, Calico Commerce
|
|
|
A Practical Approach to Early-Cycle QA Test Automation Everyone knows that a large body of automated unit tests for classes, subsystems, and frameworks adds to overall code quality. However, the "burden" of unit test automation is frequently placed squarely on the shoulders of developers because of the perception that only a developer can write a unit test. Since QA personnel typically test from the user interface-and usually have to wait until later in the development cycle for the availability of that interface-they're often left to scramble at the end of the cycle to get their testing done. Michael Silverstein reveals a model for early-cycle collaboration between developers and testers where testers augment the developers' unit testing activities without adding additional process overhead.
|
Michael Silverstein, SilverMark, Inc.
|
|
|
Get Real! Creating Realistic, Actionable Project Schedules The preparation of a realistic, practical project schedule is an essential management function for obtaining stakeholder commitment, setting expectations, and communicating within the team and organization what is achievable. Doing this preparation well is another challenge-one that must be conquered. Rex Black helps participants see the bigger project scheduling picture by focusing on issues such as constituent tasks, the underlying dependencies between them, and the risks attached to the completion of those tasks.
|
Rex Black, Rex Black Consulting Services, Inc.
|
