STAREAST 2019 - Security Testing
Wednesday, May 1
Automated Security Scanning for Your Delivery Pipeline
Agile development and DevOps depend on an automated pipeline to build, test, and deploy code quickly. Security is all too often viewed as a manual task that is too difficult to automate and is left for later—not a good decision! Matt Grasberger says that by leveraging automated security scans with open source scanners, you can reduce the risk of security vulnerabilities, get the most out of your pipeline, and increase software quality. Matt will thoroughly explain and demonstrate several ways to implement automated security scans. Discover how to quickly test endpoints against SQL...
Thursday, May 2
Security Partners or Security Police?
It’s often said that with great power comes great responsibility. As technology becomes more powerful, security becomes a great responsibility. You’ve read all the books, followed the latest updates on all the blogs and forums, or maybe you just have a gut feeling that there’s a potential for disaster. As software testers, is it our job to be the security police? If you don’t protect the public, who will? Then there is the business—who is going to protect them from themselves? You go into meetings ready to save the day only to be shot down or, even worse, ignored. What went wrong? Why were...
Full-Coverage Testing in Small-Business Environments
PreviewIn small-business environments, testing is often completed in hindsight—or overlooked entirely. Chad Jung, Curtis Severance, and Kaleb Weddle will discuss the struggles and successes of ensuring a quality product from the perspectives of a developer, lead software test engineer, and software engineer in test working together on a DevOps team. They will show how to use an automated build pipeline, how to bring it all together for your team, and how to leverage developers who know the in and outs of the code better than anyone. They will discuss the pressures of releasing faster and...