AgileConnection | Agile Software Development Q&A and How-to Advice

Conference Presentations

	Beyond GUI: What You Need to Know about Database Testing Today's complex software systems access heterogeneous data from a variety of back-end databases. The intricate mix of client-server and Web-enabled database applications are extremely difficult to test productively. Testing at the data access layer is the point at which your application communicates with the database. Tests at this level are vital to improve not only your overall test strategy, but also your product's quality. Mary Sweeney explains what you need to know to test the SQL database engine, stored procedures, and data views. Find out how to design effective automated tests that exercise the complete database layer of your applications. You'll learn about the most common and vexing defects related to SQL databases and the best tools available to support your testing efforts.	Mary Sweeney, Exceed Training
	Security Testing Web Applications Often, the fast-paced development cycles of Web applications don't usually leave much room for testing. Thanks to the instant service pack phenomenon, we can update a Web application every day-so it's ok if things aren't perfect, right? That may be the case for functional bugs, but not security bugs. All an attacker needs is a very small window of opportunity to do damage. James Whittaker shows you how to identify these threats and demonstrates examples of attacks against them. From "SQL injection" to "cross-site scripting," and many more, you’ll leave with the knowledge of how a hacker views your online business and, as a tester, what you can do about it.	Dr. Mike Andrews, Florida Institute of Technology
	STARWEST 2003: How To Break Software Security We have all experienced the "thrill" of functional testing, going through requirements and then crafting test cases to ensure that the application behaves according to specifications. While this method has its place, it misses many classes of bugs, especially security bugs. For example, security bugs can manifest as extra functionality that may not violate requirements directly, but still expose catastrophic holes in software. Based on strategies that have successfully broken some of the world's most secure applications, Herbert Thompson presents the tools and techniques you need to find security problems before your application is released. Learn the security attacks and tools to uncover security vulnerabilities before hackers discover them for you.	Herbert Thompson, Security Innovation LLC
	STAREAST 2003: Rapid Web Testing in a High-Velocity Environment This paper discusses implementing METS (Minimal Essential Testing Strategy) for your test team. METS is a strategy to help get the essential testing for your project done within the time frame allowed. Step by step instructions for using this methodology are included.	Greg Paskal, Kinko's
	Security Testing by Steven Splaine For anyone involved in security testing, or for anyone who is just plain curious about this area of software testing, the following references will provide a good starting point for any effort that you might be asked to undertake. In this issue, Steven Splaine discusses this important aspect of software engineering.	Steven Splaine July 29, 2003
	Security Bugs Exposed The one thing that is crystal clear with respect to software security is that it isn't done well. Security bugs and design deficiencies that allow digital information to be stolen or tampered with are far too prevalent. As testing professionals, we have a big problem, and a big opportunity, on our hands. Learn ways to find security vulnerabilities in your system.	James Whittaker Herbert H. Thompson May 1, 2003
	Usability and Privacy While most bugs that make headline news are due to careless software implementations exploited by skilled hackers, the problems in KaZaA center around its user interface. This article details KaZaA's application flaws and then suggests ways to prevent such flaws.	Nathaniel Good March 5, 2003
	STARWEST 2002: How to Break Software Security This presentation addresses classifying, finding, and attacking software security vulnerabilities.	James Whittaker, Florida Institue of Technology and Herbert Thompson, System Integrity
	Testing Component-Based Software Today component engineering is gaining substantial interest in the software engineering community. Jerry Gao provides insight and observations on component testability and proposes a new model to represent and measure the maturity levels of a component testing process. In this presentation, you will identify, classify, and discuss new issues in testing component-based software.	Jerry Gao, San Jose State University
	Software Inspection: Taking a Step Forward to Completion A software inspection is a well-known method in the industry today to improve the quality of software that we produce. Examine the problems that Intel Corporation faced with implementing this process and how they overcame the issues to see some very good results--ultimately attaining closure with 96% of their inspections.	Neela Majumder, Intel Corporation

Pages

Recommended Web Seminars

May 16	Test Ahead of the Curve: Insights for Developing a Superior Test Coverage
May 23	How Generative AI Boosts Speed and Quality in Software Testing
On Demand	Building Confidence in Your Automation
On Demand	Leveraging Open Source Tools for DevSecOps
On Demand	Five Reasons Why Agile Isn't Working

Featured Resources

Introduction to Containers eGuide | TechWell

Scrum Master Essentials eGuide | TechWell

The Total Economic Impact of Keysight Eggplant Test Automation Software | Keysight

Test Automation eGuide | TechWell

Build vs. Buy: The Hidden Costs of In-House Software Test Automation | Keysight

Visit Our Other Communities

Where configuration management and development professionals go for answers on SCM, ALM, change management, DevOps, tools and more.

The home for software testing and QA professionals—practical advice on test automation, test management, test techniques, and more.

AgileConnection is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.