STAREAST 2019 - Security
Customize your STAREAST 2019 experience with sessions covering security for software developers and testers.
Monday, April 29
Blockchain Quality: Securing Trust in a Digital Age
NewBlockchain technology introduces decentralized, distributed, cryptographically linked digital structures that record information across many computers. Due to its highly secure structure, blockchain is growing at a rapid pace in the financial and automotive industries, and adoption is starting in other industries. We are also witnessing the rise of the smart contract, a set of immutable programmatic auto-enforcing rules that live on the blockchain. However, although there are many benefits, blockchain introduces a unique set of testing and quality concerns. For example, race conditions and...
Tuesday, April 30
Introduction to Selenium
Knowledge of Selenium, the industry-standard tool for testing web applications, is a much sought after skill in today’s world of test automation. If you want to learn Selenium, then this full-day tutorial provides a great start. Max Saperstone shows you how to build test automation using Selenium. But he doesn’t stop there. He uses his years of experience to show you how to build automation that is clean, robust, and easy to maintain. Max introduces other tools that work with Selenium to help manage the data used to drive your tests, evaluate JavaScript-heavy applications, manage your test...
Wednesday, May 1
Automated Security Scanning for Your Delivery Pipeline
Agile development and DevOps depend on an automated pipeline to build, test, and deploy code quickly. Security is all too often viewed as a manual task that is too difficult to automate and is left for later—not a good decision! Matt Grasberger says that by leveraging automated security scans with open source scanners, you can reduce the risk of security vulnerabilities, get the most out of your pipeline, and increase software quality. Matt will thoroughly explain and demonstrate several ways to implement automated security scans. Discover how to quickly test endpoints against SQL...
Excuse-Free Testing: An Open Source Tool for Simpler CI Integration
PreviewThe goal of continuous testing is to find defects earlier in the development lifecycle and release software faster to the market. This can be achieved by integrating open source functional and performance testing tools in the early stages of your software delivery lifecycle. Klaus Neuhold will explain how to integrate the open source test automation framework Taurus, and other tools such as JMeter and Selenium, as a CI step in Jenkins pipelines, so that these tools can be triggered as part of everyday code commits or builds. Taurus can run a large variety of tests and has reporting...
Thursday, May 2
The Era of Intelligent Testing
Existing QA solutions were built for a world where software changed infrequently. Highly adopted tools such as Selenium, Appium, and JUnit require a specialized skill set and too much maintenance, once you start factoring in the brittle nature of tests and the infrastructure required to run tests at scale. But there is still hope for QA in machine intelligence. Next-generation AI tools are here to help QA keep up with the agility of modern software delivery practices in two ways: by enabling manual testers who don't know how to code to automate, and by easily automating repetitive tasks so...
Security Partners or Security Police?
It’s often said that with great power comes great responsibility. As technology becomes more powerful, security becomes a great responsibility. You’ve read all the books, followed the latest updates on all the blogs and forums, or maybe you just have a gut feeling that there’s a potential for disaster. As software testers, is it our job to be the security police? If you don’t protect the public, who will? Then there is the business—who is going to protect them from themselves? You go into meetings ready to save the day only to be shot down or, even worse, ignored. What went wrong? Why were...
Lessons Learned Automating Cloud and Infrastructure Testing
As organizations embrace DevOps and IT value chain automation, we are seeing the explosive growth of infrastructure-as-code capabilities, fueled by cloud scripting technology. As infrastructure-as-code capabilities evolve, what role does testing play? Especially for continuous testing, when it comes to infrastructure provisioning and configuration? How does this approach integrate with other traditional forms of testing, such as unit, integration, and systems testing? Join Joseph Ours as he presents what he's learned about infrastructure-as-code and provides live demonstrations for...
Friday, May 3
Failing and Recovering
PreviewDo you ever feel you have lost confidence in your own abilities? Why does this happen? Isabel Evans spends a lot of time painting. Someone once commented, “Why are you doing this, when you are not very good at it?” And gradually she stopped drawing and painting, after being intimidated by a conventional vision of what good art should look like. At the same time, she experienced a parallel loss of confidence in her professional abilities. Attempting creative pursuits like drawing and painting is essential to cognitive, emotional, creative abilities and she began to understand the...