Flexible, reusable, and restorable test data for both the unit and system level is an absolute necessity for testers working on Agile development projects. For teams following a more traditional development process, Agile approaches for handling test data can enhance testing efforts as well. Discussing Agile testing approaches, such the ObjectMother pattern, Peter Schuh explains how testers design tests and test frameworks to survive the ever-changing data structures found in Agile projects. Learn how an Agile process allows testers to get much more mileage out of test data sets during and after the initial development project. Leave with a set of practices and techniques to apply directly to Agile development projects or modify for their current development environment.

• The many dimensions of application test data
• Produce and maintain better tests and test data with Agile approaches

Most everyone now realizes that we cannot solve security vulnerabilities with firewalls, virus scanners, and other tactics that build an electronic “moat” around systems. According to Julian Harty, security is not an operational issue, not a developer issue, and not a testing issue. It is a systems issue that you must focus on throughout the software’s life. From a QA/testing perspective, we need to look early in the development process for adequate security requirements. Then, we should assess the designs for vulnerabilities and participate in security code reviews. When specialized, security tests find bugs that get past our early prevention efforts, causal analysis helps prevent the recurring security defects. Dig into system security issues with Julian and learn about manual techniques, commercial software, and home-brew automation tools to help you find security vulnerabilities-before the bad guys do.

"QA is the bottleneck” ... "Why does QA take so long?" ... "You need to test faster." Often, key project stakeholders either do not understand QA or have difficulty quantifying the effects that increasing or decreasing test time will have on the project. First American CREDCO found the solution was to turn QA into a full service organization, complete with a "Quality Rainbow" menu of options to be purchased. Want it quicker and willing to accept a higher risk? Then select from Column 1. Want low risk and willing to take the time to ensure the product is pristine? Then select from Column 5. Whether your test team is small or large, you can learn to "in-source" QA services, set time and efforts expectations up front, and measure the value of QA activities so that QA does not become a roadblock to project success.

• A method to specify and quantify the services provided by a QA group

So, your company makes money from its Web site. Who else might also be doing the same? While the Web is a profitable venture for many companies, it is often equally profitable for hackers and thieves. Due to unknown vulnerabilities of your Web application, hackers may end up with more profit from your Web site than you do. See examples of hacker techniques-SQL injection, format string attacks, session-based attacks-and a host of others. Find out why the current crop of Web testing tools is not sufficient to thwart hackers and will leave you with a false and dangerous sense of security. Learn the skills and techniques you must know to stay ahead of hackers and find security holes in your Web applications.

• Hidden Web application security vulnerabilities
• Testing skills and techniques to find security holes and prevent breaches
• Tools to help you with security testing Web sites