Allowing minor defects to be included in releases impacts our customers’ perspective on software professionalism. We’ll never catch every weird, obscure bug, but there are some design elements where they tend to lurk. By focusing our testing efforts on these areas—or at least not neglecting them—we can catch more issues before our customers do.
The key for test data privacy is fulfilling testers’ needs for efficiency, speed, and the most accurate representations of data and application behavior in the production environment, while ensuring privacy and protecting testers from unintentional hazards. Here are some tips for getting started on a test data privacy project to comply with the EU’s coming General Data Protection Regulation.
Take a look at the critical systems in the world today and you’ll find software. From water, power, and utilities to nuclear plants, factories, and cars, pretty much everything has become integrated with digital devices and the internet. We need to do testing from a risk-based perspective and be accountable to the public by acknowledging what is tested and what is not.
Agile teams are supposed to take responsibility for how they work and how they learn. But what if you need to jump-start that learning? Agile transformation is about making this happen rather than waiting for it to happen. You need to get your team to learn the technical side of agile, and soon. Here are some effective approaches.
The ISO/IEC/IEEE 29119 has defined a set of requirements for testing software. As a member of the ISO working group, Jon Hagar wants you to know the basics and why testing teams should consider this recommendation.
In this FAQ column, Claire Lohr discusses the International Software Testing Qualifications Board's (ISTQB) syllabi for topics related to software testing and it's application and usage among those who perform some aspect of testing.
In this FAQ column, Arlen Bankston defines the roles of Scrum and kanban and describes how the two agile methodologies can be complementary, each ideal for different situations, or blended to achieve the desired outcome.
Software vendors are making extraordinary efforts to protect the installation and use of apps, but have they gone too far? Preventing software piracy can have an adverse effect on genuine users. Software licensing technology, according to Steve, needs to strike the best balance of protecting the asset while trusting the customer.
While Information and Communication Technology (ICT) accessibility for a wider spectrum of users—including the blind—and their interfaces is being required by law across more jurisdictions, testing for it remains limited, naïve, and too late. The consequences of staying ignorant include...
With corporate data breaches occurring at an ever-alarming rate, all levels of organizations are struggling with ways to protect corporate data assets. Rather than choosing one or two of the many options available, Michael Jay Freer believes that the best approach is a combination of tools and practices to address the specific threats. To get you started, Michael Jay introduces the myriad of information security tools companies are using today: firewalls, virus controls, access and authentication controls, separation of duties, multi-factor authentication, data masking, banning user-developed MS-Access databases, encrypting data (both in-flight and at-rest), encrypting emails and folders, disabling jump drives, limiting web access, and more. Then, he dives deeper into data masking and describes a powerful data-masking language.
Many software people look at creating great user experiences as a black art, something to guess at and hope for the best. It doesn't have to be that way! Jennifer Fraser explores the key ingredients for great user experience (UX) designs and shares the techniques she employs early-and often-during development. Find out how Jennifer fosters communications with users and devs, and works pro-actively to ensure true collaboration among UX designers and the rest of the team. Whether your team employs a formal agile methodology or not, Jennifer asserts that you need an iterative and incremental approach for creating great UX experiences. She shares her toolkit of communication techniques-blue-sky brainstorming sessions, structured conversation, and more-to use with different personality types and describes which types may approach decisions objectively versus empathetically.
Compared to traditional functional testing, security testing requires testers to develop the mindset of real attackers and pro-actively look for security vulnerabilities throughout the software development lifecycle. Using live demos, Frank Kim shows you how to think-and act-like a hacker. Rather than just talking about issues such as Cross Site Scripting (XSS), SQL Injection, and Cross Site Request Forgery (CSRF), Frank shows-live and in color-how hackers abuse potentially devastating defects by finding and exploiting vulnerabilities in a live web application. Find out how attackers approach the problem of gaining unauthorized access to systems. Discover the tools hackers have that you don't even know exist and how you can find critical security defects in your production apps. In this revealing session, you'll learn how to become a better tester and find serious security vulnerabilities in your systems before the bad guys do.