security

Articles

Mobile Challenges for Project Management: The Human Factors

Continuing the conversation on building software for mobile devices, we look beyond the devices to the human concerns and challenges of managing a mobile-app development team, including ergonomics, health, and scheduling.

Practical Security Testing For Web Applications

It seems like every week the press has yet another story about security breaches or stolen data at some of the world’s largest companies or government agencies. Sometimes the responsibility for ensuring thorough security resides with an IT security group, and other times it gets outsourced altogether. The responsibility seldom falls to testing teams. However, this is changing. Having trained and experienced testers hunt for security bugs will make web applications safer from hackers and will further protect consumers, corporate assets, and brands.. Scott Aziz offers some practical techniques that will help you get started.

Harden Your Web Applications with Practical Security Testing

Even though software security is vital, security testing principles and practices take time for functional testers to master. The good news is that getting started doesn't have to cost a fortune as there are effective freeware tools out there. Scott Aziz offers practical techniques that will help you get started.

The Case for Ethics in Testing

Analyzing a software project's ethical ramifications is as much a part of testing as analyzing a program for likely failures. As a tester and a philosopher, Rick Scott asks you to consider what ethical responsibilities testers have and to reflect on what a tester's code of ethics might look like.

Better Software Magazine

Oh, When Will They Ever Learn?

After reading the book The Day the Phones Stopped, which was published in 1991, Lee began wondering why the poor software quality and complaints about development and testing documented in this book are the same complaints we hear today.

Risk-based Testing in Action

Risk-based testing allows project teams to focus their limited test efforts on the areas of the product that really matter, based on the likelihood of bugs in those areas and the impact of bugs should they exist. By using risk priority to sequence test cases and allocate test effort, test teams can also increase their chances of finding bugs in priority order and allow for risk-based test triage if necessary.

A Classic Example

Many systems architects have a technology—centric view of service-oriented architecture. This article emphasizes the need to understand the business side of SOA before tackling the technology and illustrates this need with a look back in time.

What Lies Beneath

Just when you think your application is free of defects, you find security vulnerabilities lurking beneath the surface. Penetration testing can help you get them before they get you. Ryan English discusses vulnerabilities and offers five steps to organizations looking to start a Web application security initiative.

Who do You Trust?

The defensive programmer may sometimes feel a touch of paranoia in his work, but it’s all part of the job. Writing code today that is robust and defensive will help protect against the potential errors of the unforeseeable future.

A Look at GreenBlue Inspector by Ecyware

Why should hackers have all the good tools? Marnie Hutcheson takes a look at Ecyware's GreenBlue Inspector, an inexpensive tool that automates gray box vulnerability testing for simple data types, buffer overflow, SQL injection, and cross-site scripting in forms, cookies, and client requests.

A Critical Line of Defense

Tackle software vulnerabilities at the root—in the applications themselves.

Interviews

Security Testing in an Agile World: An Interview with Jeff Payne

Jeffrey Payne sat down with Noel Wurst to discuss a range of topics, including advice for teams that are attempting agile for the first time, the importance of clear communication between teams, and the ways that security testing has changed alongside modern technology.

Data Protection is Everyone's Job: An Interview with Michael Jay Freer

Michael Jay Freer sat down with us ahead of his Better Software Conference 2012 presentation titled "Information Obfuscation: Protecting Corporate Data" Michael discusses the need for many companies to make a greater effort at masking data, and how that task requires everyone to be on board.

TechWell Stories

To Estimate or Not to Estimate—That Is the Question

Removing Waste in Software Projects

Create a Vendor Contract While Keeping Agile

How Agile Teams Use DevOps for Deployment

Build a List of Things—But Don't Call It Agile

Recommended Web Seminars

May 23 Key Principles to Mobile Performance Testing

May 29 How to Integrate Performance Testing into Agile and Hybrid Environments

Jun 11 Test Infrastructure Changes as Easy as Pressing Play

Jun 18 Adopting Agile and Moving into the Future

On Demand 7 Habits of Highly Effective Agile Teams

Featured Resources

» Skytap Automation Pack for Microsoft VS Team Foundation Server | Skytap

» An Innovative Approach to Integration Testing | IBM Rational

» Improve Quality and Decrease Time to Market with Requirements Management | PTC

» Cloud-Enabled Software Development and Testing | Skytap

» Performance Testing in the Cloud | J9 Technologies

Visit Our Other Communities

The home for software testing and QA professionals—practical advice on test automation, test management, test techniques, and more.

Where configuration management and development professionals go for answers on SCM, ALM, change management, DevOps, tools and more.

Agile Connection is one of the growing communities of the TechWell network.

Featuring fresh, insightful stories, TechWell.com is the place to go for what is happening in software development and delivery. Join the conversation now!

Featured Content

Why the BA Is Essential to Agile Development: An Interview with Steve Adolph

Video

Steve Adolph explains why the BA's role on an agile project cannot be overvalued, due to their immense communication and collaboration skills. Steve describes the best BA's as "boundary spanners" who know the importance of keeping everyone sitting together, and most importantly—talking.