risk management

Conference Presentations

BSE Testing Risk Aware, Not Risk Averse
Slideshow

Most of us dread failures. But things go wrong. We can become paralyzed by the fear of being the creator of the next outage or critical bug. After a failure, we often hold a postmortem, but this rarely addresses how we can be more proactive in preventing catastrophes. Considering our...

Siva Katir
Agile DevOps Metrics to Assess Risk in DevOps
Slideshow

As software development becomes more value-focused, the need for a fluid production process emerges. That process is DevOps. However, when the number of release cycles rises, so does the risk of disruptive code entering the system and eroding the value that development creates. 

Bill Dickenson
STAREAST 2015: Risk-Based Testing for Agile Projects
Slideshow

Many projects implicitly use some kind of risk-based approach for prioritizing testing activities. However, critical testing decisions should be based on a product risk assessment process using key business drivers as its foundation. For agile projects, this assessment should be both...

Erik van Veenendaal, Improve IT Services BV
Reducing the Cost of Software Testing

The demand to deliver more software in less time is increasing. Give in to the pressure without thinking, and you end up facing burnout, stress, business risk, and, most likely, even more demands. Refuse, fight the good fight, and it is likely the business will replace you with someone else.

Matthew Heusser, Excelon Development
Intelligent Mistakes in Test Automation
Slideshow

A number of test automation ideas that at first glance seem very sensible actually contain pitfalls and problems that you should avoid. Dot Graham describes five of these “intelligent mistakes”—automated tests will find more bugs more quickly; spending a lot on a tool must guarantee great...

Dorothy Graham, Software Test Consultant
STARCANADA 2013 Keynote: Testing Lessons from Hockey (The World’s Greatest Sport)
Video

Over the years, Rob Sabourin has drawn important testing lessons from diverse sources including the great detectives, the Simpsons, Hollywood movies, comic book superheroes, and the hospital delivery room. Now Rob scores big with breakaway testing ideas from hockey, Canada’s national sport.

Rob Sabourin, AmiBug.com
Risk-based Testing: Not for the Fainthearted
Slideshow

If you’ve tried to make testing really count, you know that “risk” plays a fundamental part in deciding where to direct your testing efforts and how much testing is enough. Unfortunately, project managers often do not understand or fully appreciate the test team’s view of risk...

George Wilkinson, Grove Consultants
Information Obfuscation: Protecting Corporate Data
Slideshow

With corporate data breaches occurring at an ever-alarming rate, all levels of organizations are struggling with ways to protect corporate data assets. Rather than choosing one or two of the many options available, Michael Jay Freer believes that the best approach is a combination of tools and practices to address the specific threats. To get you started, Michael Jay introduces the myriad of information security tools companies are using today: firewalls, virus controls, access and authentication controls, separation of duties, multi-factor authentication, data masking, banning user-developed MS-Access databases, encrypting data (both in-flight and at-rest), encrypting emails and folders, disabling jump drives, limiting web access, and more. Then, he dives deeper into data masking and describes a powerful data-masking language.

Michael Jay Freer, Quality Business Intelligence
Danger! Danger! Your Mobile Applications Are Not Secure
Slideshow

A new breed of mobile devices with sophisticated processors and ample storage has given rise to sophisticated applications that move more and more data and business logic to devices. The result is significant and potentially dangerous security challenges, especially for location-aware mobile applications and those storing sensitive or valuable data on devices. To counter these risks, Johannes Ullrich introduces and demonstrates design strategies you can use to mitigate these risks and make applications safer and less vulnerable. Johannes illustrates design patterns to: co-validate data on both the client and server; authenticate transactions on the server; and store only authenticated and access-controlled data on the client. Learn to apply these solutions without losing access to powerful HTML5 JavaScript APIs such as those required for location-based mobile applications.

Johannes Ullrich, SANS Technology Institute
Managing Iterative Development: Avoiding Common Pitfalls

The Rational Unified Process (RUP) advocates an iterative or spiral approach to the software development lifecycle, as this approach has again and again proven to be superior to the waterfall approach in many respects. But do not believe for one second that the many benefits an iterative lifecycle provides come for free. Iterative development is not a magic wand that when waved solves all possible problems or difficulties in software development. Projects are not easier to set up, to plan, or to control just because they are iterative. The project manager will actually have a more challenging task, especially during his or her first iterative project, and most certainly during the early iterations of that project, when risks are high and early failure possible.

Per Kroll, Rational

StickyMinds is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.