STARWEST 2017 Focus - Security Testing | TechWell

STARWEST 2017 - Security Testing

Monday, October 2

Lee Copeland
TechWell Corp.
MA

Get Started with Risk-Based Testing

Add to calendar
Monday, October 2, 2017 - 8:30am to 4:30pm

Whether you are new to testing or looking for a better way to organize your test practices, understanding risk is essential to successful testing. Lee Copeland describes a general risk-based framework—applicable to any development lifecycle model—to help you make critical testing decisions earlier and with more confidence. Learn how to focus your testing effort, what elements to test, and how to organize test designs and documentation. Review the fundamentals of risk identification, analysis, and the role that testing plays in risk mitigation. Develop an inventory of test objectives to...

Michael_Bolton
DevelopSense
MB

Critical Thinking for Software Testers

Add to calendar
Monday, October 2, 2017 - 8:30am to 4:30pm

Critical thinking is the kind of thinking that specifically looks for problems and mistakes. Regular people don't do a lot of it. However, if you want to be a great tester, you need to be a great critical thinker. Critically-thinking testers save projects from dangerous assumptions and ultimately from disasters. The good news is that critical thinking is not just innate intelligence or a talent—it's a learnable and improvable skill you can master. Michael Bolton shares the specific techniques and heuristics of critical thinking and presents realistic testing puzzles that help you practice...

Hans_Buwalda
LogiGear
MD

Better Test Design for Great Test Automation

Add to calendar
Monday, October 2, 2017 - 8:30am to 12:00pm

When we discover—often late in an automation effort—that the automated tests are cumbersome and costly to maintain, we often view this as a technical problem for the automator to solve. However, an often-overlooked cause is the role that testers who designed these tests play in making automation scalable and maintainable. In this interactive tutorial for both testers and automation engineers, Hans Buwalda explores how better test designs not only will result in much improved test automation but also can make the difference between automation success and failure. See why successful...

Jon_Hagar
Grand Software Testing
ME

Test Attacks to Break Mobile and Embedded Software

Preview
Add to calendar
Monday, October 2, 2017 - 8:30am to 12:00pm

In the tradition of James Whittaker’s book series, How to Break Software, Jon Hagar applies the testing “attack” concept to mobile and embedded software systems. First, Jon defines the environments of mobile and embedded software. He then examines the issues of software product failures caused by defects found in these types of software. Next, Jon shares a set of attacks against mobile and embedded software based on common modes of failure that teams can direct against their software. Like different kinds of software design patterns, attacks are test design patterns that must be...

Maaret Pyhäjärvi
F-Secure Oyj
MG

Exploratory Testing: Explore with Intent

New
Add to calendar
Monday, October 2, 2017 - 8:30am to 12:00pm

The skill to self-manage our testing work and our learning—making learning and reflection a habit—is what differentiates skilled exploratory testing from simply putting random testing activities together. Maaret Pyhäjärvi says that exploratory testing treats test design, test execution, and learning as parallel, mutually supportive activities—with the goal of discovering things that we don’t know we don’t know. Exploratory testing frames our thinking about the system and engulfs the idea of creating artifacts to support testing. Join Maaret to experience exploratory testing hands-on and...

Isabel Evans
Independent Consultant
MK

Influence Diagrams: A New Way to Understand Testing

Preview
Add to calendar
Monday, October 2, 2017 - 1:00pm to 4:30pm

Influence diagrams provide a simple-to-create and easy-to-understand approach to address the complexities of real-life problems. As testers, we may want to find more bugs, but this may have an unintended consequence for developers. Developers now have more defects to debug, which affects their capacity to deliver new functionality. Isabel Evans has found that influence diagrams provide a means of understanding and managing the complexities of key interactions among testers, developers, and business stakeholders. In the past few years, Isabel has used influence diagrams as a tool to...

Tariq_King
Ultimate Software
ML

Unit Testing: What Every Tester Should Know

Add to calendar
Monday, October 2, 2017 - 1:00pm to 4:30pm

Do you want to take your testing skills to the next level? Are you trying to stay relevant on an agile team where testing is shifting to the left on the project timeline? Do you want to help your organization reap the full benefits of testing earlier? Then join Tariq King to explore the fundamentals of unit testing so you can find bugs as soon as they happen and do more thorough, targeted testing during software development. This introductory session is for everyone—of all programming skill levels. Learn how to apply program-based techniques such as testing by looking, automated unit...

Tuesday, October 3

Michael_Bolton
DevelopSense
TA

A Rapid Introduction to Rapid Software Testing

Add to calendar
Tuesday, October 3, 2017 - 8:30am to 4:30pm

You're under tight time pressure with barely enough information to proceed with testing. How do you test quickly and inexpensively—yet still produce informative, credible, and accountable results? Rapid Software Testing, adopted by context-driven testers worldwide, offers a field-proven answer to this all-too-common dilemma. In this one-day sampler of the approach, Michael Bolton introduces you to the skills and practice of Rapid Software Testing through stories, discussions, and “minds-on” exercises that simulate important aspects of real testing problems. The rapid approach isn't just...

Lee Copeland
TechWell Corp.
TC

Fundamentals of Software Test Design

Add to calendar
Tuesday, October 3, 2017 - 8:30am to 12:00pm

As testers, we know that we can define many more test cases than we will ever have time to design, execute, and report. The key problem in testing is choosing a small, “smart” subset—from the almost infinite number of tests available—that will find a large percentage of the defects. Join Lee Copeland to discover how to design test cases using formal black-box techniques, including equivalence class testing, boundary value testing, decision tables, and state-transition diagrams. Explore examples of each of these techniques in action. Don’t just pick test cases randomly. Learn to selectively...

TD

The Impact of IoT on Testing: What’s in Store

Add to calendar
Tuesday, October 3, 2017 - 8:30am to 12:00pm

No longer just a futuristic concept, the Internet of Things (IoT) has a strong presence in our world even today. If your business is not prepared for it, you’re already behind. With the proliferation of connected “things”—devices, appliances, cars, and even clothes—Jennifer Bonine says that the stage is set. IoT apps are here to stay. Testing, product management, and development teams must address developing and testing in this paradigm. Testers, accustomed to traditional platforms, are now asked to test on more complex devices and more advanced platforms. Testers must keep up with the...

Dorothy Graham
Software Test Consultant
TF

Technical Test Automation Challenges: Patterns and Solutions

Preview Sold Out!
Add to calendar
Tuesday, October 3, 2017 - 8:30am to 12:00pm

Many organizations find that test automation does not work as well as they thought it would. In many cases, these failures are due to generic technical reasons, which can be fixed with relative ease. Solutions that have worked well for others are patterns; these test automation patterns are common to automation efforts at any level with whatever tools you are using. Dot Graham focuses on often-neglected technical issues—i.e., non-management issues—and the patterns that help solve them. These are not development or code patterns—this is a code-free tutorial. Using a set of patterns...

Jeffery Payne
Coveros, Inc.
TG

Security Testing for Testing Professionals

Add to calendar
Tuesday, October 3, 2017 - 8:30am to 12:00pm

Today’s software applications are often security critical, making security testing essential in a software quality program. Unfortunately, most testers have not been taught how to effectively test the security of the software applications they validate. Join Jeffery Payne as he shares what you need to know to integrate effective security testing into your everyday software testing activities. Learn how software vulnerabilities are introduced into code and exploited by hackers. Discover how to define and validate security requirements. Explore effective test techniques for assuring that...

Dawn Haynes
PerfTestPlus, Inc.
TL

How to Break Software: Robustness Edition

Add to calendar
Tuesday, October 3, 2017 - 1:00pm to 4:30pm

Have you ever worked on a project where you felt testing was thorough and complete—all features were covered and all tests passed—yet in the first week in production the software had serious issues and problems? Join Dawn Haynes to learn how to inject robustness testing into your projects to uncover those issues before release. Robustness—an important and often overlooked area of testing—is the degree to which a system operates correctly in the presence of exceptional inputs or stressful environmental conditions. Dawn shows you how—by expanding basic tests and incorporating specific...

Jeffery Payne
Coveros, Inc.
TM

Integrating Automated Testing into DevOps

Add to calendar
Tuesday, October 3, 2017 - 1:00pm to 4:30pm

In many organizations, agile development processes are driving the pursuit of faster software releases, which has spawned a set of new practices called DevOps. DevOps stresses communications and integration between development and operations, including rapid deployment, continuous integration, and continuous delivery. Because DevOps practices require confidence that changes made to the code base will function as expected, automated testing is essential. Join Jeffery Payne as he discusses the unique challenges associated with integrating automated testing into continuous integration/...

Mike_Sowers
TechWell Corp.
TN

Plan, Architect, and Implement Test Automation within the Lifecycle

Preview
Add to calendar
Tuesday, October 3, 2017 - 1:00pm to 4:30pm

In test automation, we must often use several tools that have been developed or acquired over time with little consideration of an overall plan or architecture and no consideration for how to integrate the tools. As a result, productivity suffers and frustrations increase. Join Mike Sowers as he shares experiences from multiple organizations in creating an integrated test automation plan and developing a test automation architecture. Mike discusses both the good (engaging the technical architecture team) and the bad (too much isolation between test automators and test designers) on...

Tariq_King
Ultimate Software
TO

Beyond Unit Testing: More of What Testers Should Know

New
Add to calendar
Tuesday, October 3, 2017 - 1:00pm to 4:30pm

Are you a tester, developer, or quality engineer who participates in code reviews or unit testing activities? Can you write test scripts to cover all program statements but would like to learn more advanced code-based testing techniques? Join Tariq King as he goes beyond the basics of unit testing and shows you how to design tests that cover multiple data conditions, independent paths, and loops within code. Learn how to apply these techniques to different application tiers, ranging from the user interface to the data access layer. Discover strategies for integration testing based on...

Jason_Arbon
Appdiff, Inc.
TR

Building Your Mobile App Quality and Test Strategy

Preview
Add to calendar
Tuesday, October 3, 2017 - 1:00pm to 4:30pm

Let’s build a mobile app quality and testing strategy together. Whether you have a web, hybrid, or native app, building a quality and testing strategy means (1) knowing what data and tools you have available to make agile decisions, (2) understanding your customers and your competitors, and (3) testing your app under real-world conditions. Jason Arbon guides you through the latest techniques, data, and tools to ensure the awesomeness of your mobile app quality and testing strategy. Leave this interactive session with a strategy for your very own app—or one you pretend to own. The...

Wednesday, October 4

Jim_Weaver
Vanderbilt University Medical Center
W2

The Software Testing Pyramid: A Concrete Example

Preview
Add to calendar
Wednesday, October 4, 2017 - 11:30am to 12:30pm

Mike Cohn’s Test Pyramid describes a test automation strategy consisting of a wide base of unit tests, service-oriented acceptance tests for business logic, and a thin layer of tests exercising the user interface. Tests that provide the quickest feedback and fault precision serve as the testing foundation. So, how does this work in practice? How does a team achieve this level of test automation and maintain it over time? How can the team avoid redundancy in the various test layers? Jim Weaver demonstrates the different types of tests for a real feature—enforcing business rules for...

Kenneth_Merkel
CA Technologies
W8

Service Virtualization: What, Who, When, and How

Preview
Add to calendar
Wednesday, October 4, 2017 - 1:45pm to 2:45pm

Service virtualization provides many benefits for both development and test teams. For testers, service virtualization empowers them to work in parallel with their development counterparts and take control of their own schedules. They no longer have to wait for development to complete their work or to get access to a restricted system such as a mainframe or a third party API. Test teams can get the basic details from dev and/or use a sample request and response pair to create a virtual service themselves. With no need to wait on others to start testing, testing can start at...

W9

Transform Your Team from QA to Test Engineering

Preview
Add to calendar
Wednesday, October 4, 2017 - 1:45pm to 2:45pm

Are you being asked to shorten your testing timelines? Do you feel pressured to increase your test automation coverage but don’t have the time, staff, or budget? How do you as a leader upgrade your existing teams’ programming skills and technical abilities without bringing in external resources—and still meet your daily release deliverables? Join Jennifer Scandariato as she shares her journey in transforming the QA department at iCIMS into a Test Engineering Center of Excellence, where manual testers are now automation engineers who apply appropriate automation technologies to...

Talal_Ibdah
Baaz.com
W11

Automate Your API Testing Process

Preview
Add to calendar
Wednesday, October 4, 2017 - 1:45pm to 2:45pm

Creating automated tests for your team stories, integration, or regression test cycles within agile sprints is almost every tester’s top challenge. Usually it consumes many hours and requires a great deal of effort to achieve, especially in complex and large agile projects. Teams need to deliver software as quickly as they can while producing the best possible product quality. Talal Ibdah shows how you can achieve these goals and automate your API functional and performance tests; define test environments and configuration files; make chaining requests; continuously deliver your...

Hilary_Weaver-Robb
Quicken Loans
W14

Testing RESTful Web Services

Preview
Add to calendar
Wednesday, October 4, 2017 - 3:00pm to 4:00pm

A lot of folks doing testing (QAs, BAs, and Devs alike) are experienced with testing applications through the front end—a graphical user interface or a mobile app. However, Hilary Weaver-Robb says that with this type of testing we often miss the internal web services and APIs that power those applications. Integration or web service tests are right in the middle of the Testing Pyramid, so to ensure adequate coverage it’s vital for testers to know how to test at that level. Thankfully, to test web services we can apply many of the same principles we already know. Hilary focuses on...

Cher Fox
Fox Consulting
W15

Test Automation for Data-Centric Applications

Add to calendar
Wednesday, October 4, 2017 - 3:00pm to 4:00pm

Test automation, one of several key technical enablement practices, allows teams to be more successful in their agile journeys. Although there are many test practices and automation tools available for software development teams to leverage, few data-centric testing tools are targeted to data-related development and testing, leaving data warehousing and business intelligence teams thinking they can't possibly automate their tests. Cher Fox explores why test automation is important to agile data teams, discusses why they aren’t automating their tests today, and investigates the path to test...

Marianne_Hollier
HCL Technologies
W17

What Does Continuous Testing Really Mean?

Add to calendar
Wednesday, October 4, 2017 - 3:00pm to 4:00pm

You may have heard the term “continuous testing” and thought it was just the DevOps flavor of the month … or that it isn’t part of DevOps … or that it isn’t for cloud-based applications. Marianne Hollier says that continuous testing means adopting the right set of automated tests along with service virtualization, which allows the team to simulate missing dependencies and to start testing earlier and more frequently. She shares how the right combination of best practices and tools can help software development and testing teams adopt a continuous testing approach. Since you can’t test...

Thursday, October 5

Geoff_Meyer
Dell EMC
T1

Leverage Big Data and Analytics for Testing

Preview
Add to calendar
Thursday, October 5, 2017 - 9:45am to 10:45am

Sabermetrics turned the baseball world upside down by challenging decades-old measures of individual performance and their perceived linkage to team success. After cementing their legacy as the Lovable Losers for 108 years, the Chicago Cubs were able to leverage a data-driven approach to finally win a World Series. A high-school football coach, devoted to statistical analysis, has won three state championships—by never punting. Formula 1 racing teams collect staggering amounts of telemetry data from their race cars for the purpose of eking out seconds during the course of a race....

Michael Nauman
Autodesk
T7

Shift Left Testing: Going Beyond Agile

Add to calendar
Thursday, October 5, 2017 - 11:15am to 12:15pm

The concept of “shifting testing left” in the software development lifecycle is not new. Shifting testing from manual to automated and then upstream into engineering is a driving factor in DevOps and agile software development. However, Michael Nauman wonders why test automation, DevOps, and agile software development still frequently fail to deliver on their promises? Aligning and hardening your DevOps and test automation—along with streamlining your agile processes—is critical to your project. Michael shares how AutoCAD’s shifting testing left enabled improvements within their...

Melissa_Chawla
Guidewire
T14

A Three-Tier Load Testing Program Saved Our Bacon

Preview
Add to calendar
Thursday, October 5, 2017 - 1:30pm to 2:30pm

Ensuring a website will scale with excellent performance under peak levels of load is no easy task. Any number of problems can occur—from switch hardware failure to third party service outages, to a poor choice of algorithms or memory use in the code. Melissa Chawla describes Shutterfly's three-tiered approach to prevent site outages during peak load. First, check the development team's designs for scalability by holding performance design reviews for each project including identifying throughput requirements for all down-stream resources. Second, automate continuous load testing...

Amir Rozenberg
Perfecto Mobile
T16

Testing in the IoT Era

Preview
Add to calendar
Thursday, October 5, 2017 - 1:30pm to 2:30pm

The age of the Internet of Things (IoT) has come. IoT devices enable a new realm of services and applications—medical devices, fitness and fashion, appliances, industrial, etc. The market is expected to exceed $1.7 trillion by 2020 with more than 200 billion connected devices—and 90 percent of automobiles. Join Amir Rozenberg as he describes the ingredients to ensure quality IoT applications: IoT-enabled lab, test tools and methodologies, and compliance and test evidence. Test professionals need to expand their perspective to include IoT; new IoT dev testers need to adopt proven...

Jon_Fetrow
Olympus Corporation of the Americas
T18

Use Model-Based Testing to Navigate the Software Forest

Preview
Add to calendar
Thursday, October 5, 2017 - 1:30pm to 2:30pm

Even seemingly simple software systems can be a dense forest of intersecting logical pathways which may leave you wondering if your testing was robust enough. Traditional test cases are flawed since they only execute the pathways the tester considered at the time the test case was written, and they will execute the same way—every time and without variation. Jon Fetrow shows how, using model-based testing, you can create a map of your software forest and answer the question “Did you test enough?” Jon discusses the use of models to catch defects in the requirements and design phase...

Paola_Rossaro
Nouvola
T20

Performance Testing in a Containerized World

Preview
Add to calendar
Thursday, October 5, 2017 - 3:00pm to 4:00pm

Container-based and microservices architectures have become the ideal setting for faster development cycles and more robust applications. As companies shift to these technologies, an integral part of the solution is the development of a continuous performance testing pipeline. Adopting a containerized architecture presents a variety of challenges. There are concerns about introducing additional overhead into the application performance. At the same time, a new paradigm implies defining new testing strategies, new metrics, and new tools that can better adapt to these architectures....

Meher_Nori
Broadridge Financial Solutions
T22

Get Ready for Cloud Testing

Preview
Add to calendar
Thursday, October 5, 2017 - 3:00pm to 4:00pm

In the past few years, deployment of applications in the cloud has become an industry standard. Meher Nori believes that it is very important for QA/testing organizations to understand the impact the cloud may have on them and prepare accordingly. The impact primarily involves a change in the testing strategy, and two items become very important. (1) Security testing and elasticity/scalability testing—new types of tests which previously were not so important—need to be created and executed once an application is hosted in the cloud. (2) Some traditional tests—availability testing...