The Scrum Guide was updated recently to make values an explicit part of the framework: commitment, courage, focus, openness, and respect. When these values are embodied and lived by the team, the Scrum pillars of transparency, inspection, and adaptation come to life and build trust for everyone. Is your team practicing them?
One of the twelve principles behind the Agile Manifesto is “Simplicity—the art of maximizing the amount of work not done—is essential.” Why is this principle called an art, while the others aren’t? And why should we maximize the amount of work "not" done? This article analyzes the importance of simplicity in agile projects.
Agile teams are supposed to take responsibility for how they work and how they learn. But what if you need to jump-start that learning? Agile transformation is about making this happen rather than waiting for it to happen. You need to get your team to learn the technical side of agile, and soon. Here are some effective approaches.
The ISO/IEC/IEEE 29119 has defined a set of requirements for testing software. As a member of the ISO working group, Jon Hagar wants you to know the basics and why testing teams should consider this recommendation.
In this FAQ column, Claire Lohr discusses the International Software Testing Qualifications Board's (ISTQB) syllabi for topics related to software testing and it's application and usage among those who perform some aspect of testing.
In this FAQ column, Arlen Bankston defines the roles of Scrum and kanban and describes how the two agile methodologies can be complementary, each ideal for different situations, or blended to achieve the desired outcome.
Software vendors are making extraordinary efforts to protect the installation and use of apps, but have they gone too far? Preventing software piracy can have an adverse effect on genuine users. Software licensing technology, according to Steve, needs to strike the best balance of protecting the asset while trusting the customer.
While Information and Communication Technology (ICT) accessibility for a wider spectrum of users—including the blind—and their interfaces is being required by law across more jurisdictions, testing for it remains limited, naïve, and too late. The consequences of staying ignorant include...
With corporate data breaches occurring at an ever-alarming rate, all levels of organizations are struggling with ways to protect corporate data assets. Rather than choosing one or two of the many options available, Michael Jay Freer believes that the best approach is a combination of tools and practices to address the specific threats. To get you started, Michael Jay introduces the myriad of information security tools companies are using today: firewalls, virus controls, access and authentication controls, separation of duties, multi-factor authentication, data masking, banning user-developed MS-Access databases, encrypting data (both in-flight and at-rest), encrypting emails and folders, disabling jump drives, limiting web access, and more. Then, he dives deeper into data masking and describes a powerful data-masking language.
Many software people look at creating great user experiences as a black art, something to guess at and hope for the best. It doesn't have to be that way! Jennifer Fraser explores the key ingredients for great user experience (UX) designs and shares the techniques she employs early-and often-during development. Find out how Jennifer fosters communications with users and devs, and works pro-actively to ensure true collaboration among UX designers and the rest of the team. Whether your team employs a formal agile methodology or not, Jennifer asserts that you need an iterative and incremental approach for creating great UX experiences. She shares her toolkit of communication techniques-blue-sky brainstorming sessions, structured conversation, and more-to use with different personality types and describes which types may approach decisions objectively versus empathetically.
Compared to traditional functional testing, security testing requires testers to develop the mindset of real attackers and pro-actively look for security vulnerabilities throughout the software development lifecycle. Using live demos, Frank Kim shows you how to think-and act-like a hacker. Rather than just talking about issues such as Cross Site Scripting (XSS), SQL Injection, and Cross Site Request Forgery (CSRF), Frank shows-live and in color-how hackers abuse potentially devastating defects by finding and exploiting vulnerabilities in a live web application. Find out how attackers approach the problem of gaining unauthorized access to systems. Discover the tools hackers have that you don't even know exist and how you can find critical security defects in your production apps. In this revealing session, you'll learn how to become a better tester and find serious security vulnerabilities in your systems before the bad guys do.