|
Preventing Security Breaches at the Source
Security is a complex and often overwhelming issue. You cannot rely solely on trying to prevent hackers from entering your systems. Instead, you must ensure that the system safeguards itself if a hacker does break in. Three of the most common internal software weaknesses hackers exploit are dangerously constructed SQL, buffer overflows, and runtime exceptions that are not properly handled. Although testing existing code for these defects can help, it is not foolproof. You also need to make a concerted effort to prevent security vulnerabilities from being introduced as the team is writing code. Through the application of practices such as static analysis, dynamic analysis, unit testing, and runtime error detection, you can jumpstart your security efforts and keep the hackers at bay.
- The most common internal software weaknesses that hackers exploit
|
Sergei Sokolov, ParaSoft Corporation
|
|
Design Testability and Service Level Measurements into Software
Design and architecture decisions made early in the project have a profound influence on the testability of an application. Although testing is a necessary and integral part of application development, architecture and design considerations rarely include the impacts of development design decisions on testability. In addition, build vs. buy, third party controls, open source vs. proprietary, and other similar questions can greatly affect the ability of an organization to carry out automated functional and performance testing, both positively and negatively. If the software or service is delivered to a separate set of end-users who then need to perform testing activities, the problems compound. Join Jay Weiser to find out about the important design and architecture decisions that will ensure more efficient and effective testability of your applications.
|
Jay Weiser, WorkSoft
|
|
Toward a Totally Automatic Test Scripts Generation
The component testing phase remains mostly a human activity. In particular, the conception of test cases, which can be a very tedious task, is usually completely manual. Although existing tools alleviate the task of the tester and increase his or her productivity, very few actually help in the generation of input test data. Discover a new generation of tools that can automatically generate test cases parameterized with various test objectives (functional, structural, and both). Learn how these tools use advanced technologies in software analysis such as abstract interpretation.
|
Dominique Guilbaud, ATTOL Testware
|
|
Problems with Vendorscripts: Why You Should Avoid Proprietary Languages
Most test tools come bundled with vendor-specific scripting languages that I call vendorscripts. They are hard to learn, weakly implemented, and most importantly, they discourage collaboration between testers and developers. Testers deserve full-featured, standardized languages for their test development. Here’s why.
|
Bret Pettichord, Pettichord Consulting
|