World's Largest Software Testing Marketplace

Software Testing Journal

Subscribe to Software Testing Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Software Testing Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

It's that time of the year again where millions of football fanatics (and non-fanatics) will be gathered around their TV watching the biggest match of the season, Denver Broncos vs. Seattle Seahawks. Last year the big game reached over 108 million Americans, the third most watched television event in U.S. history. But what many people probably don't know is that the biggest football game of the season also crashed a ton of websites. That's right, websites. When interested customers went online to claim a promotion or to simply check out a product after the ad they were often welcomed by, "Website down for maintenance." Really? You spend $4 million on a 30 second ad but you can't get your website working? Customers weren't too happy about this and gladly expressed their frustration via social media. In an article posted by IT-World, some reasons why the followin... (more)

Gartner Hype Cycle 2012 – Emerging Technologies

Here is a summary of the Gartner Hype Cycle for “Emerging Technologies” for 2012 – what is stated explicitly, what can be inferred. This Hype Cycle is suppose provide insight into emerging technologies that have broad, cross-industry relevance, and are transformational and high impact in potential. Most crowded hype cycle on emerging technologies in last 10 years 48 technologies are listed in this year’s hype cycle which is the highest in last ten years. Last year they had 42 – year 2008 was the lowest (27) – year 2005 was the previous highest (44). What does this imply? May be Gartner is right when it says: We are at an interesting moment — a time when the scenarios we’ve been talking about for a long time are almost becoming reality. Which macro trends are stated explicitly in the report? Any Channel, Any Device, Anywhere — Bring Your Own Everything Smarter Thing... (more)

Hip? Or Hype? Load and Performance Testing from the Cloud

Assuming you haven't spent the last couple of years living under a rock, you're bound to have been bombarded with all sorts of propaganda about "The Cloud." "The Cloud," according to the marketing types, is the greatest thing since the invention of bread, surely able to solve all of our needs, whether technology-related or not. While the hype for the cloud might be frequently and frustratingly overstated and confusingly applied in odd places (can someone please explain to me the Microsoft Cloud commercial where the woman goes "to the cloud!!" so she can generate a family photo? What does this have to do with the cloud? Isn't this just Photoshop?), I'd like to discuss one place where the cloud adds a great deal of value: Load and Performance testing. In this article, I'm going to talk about the benefits of using the cloud as part of your load and performance testing... (more)

Testers Are from Mars, Developers Are from Venus

Developing with Performance Testing in Mind A tester friend of mine recently came to me with a complaint that I think is fairly common in the testing community. He said, "Every time there is a new release of the software for us to test, we have to rework our testing scripts." I've heard this complaint throughout my career, not only in performance testing but in functional testing with automation tools as well. This state of affairs arises from three fairly straightforward observations: Change is inevitable. Everything changes, and in no industry is this more apparent than software development. It makes no sense for testers to ask developers to stop changing the code, but it does make sense to encourage wise changes. Developers and testers don't always communicate well. The proverbial wall between developers and testers is still quite formidable. When developers throw... (more)

Cloud Shifts the Burden of Security to Development

The following is an excerpt from an article that Parasoft recently authored for CrossTalk, an approved Department of Defense journal... Abstract The move to the cloud brings a number of new security challenges, but the application remains your last line of defense. Engineers are extremely well poised to perform tasks critical for securing the application-provided that certain key obstacles are overcome. Introduction This paper explores three ways to help development bear the burden of security that the cloud places on them: Use penetration testing results to help engineers determine how to effectively "harden" the most vulnerable parts of the application. Apply the emerging practice of "service virtualization" to provide engineers the test environment access needed to exercise realistic security scenarios from the development environment. Implement policy-driven dev... (more)

Does Cloud Shift the Burden of Security to Development?

The following is an excerpt from an article that Parasoft recently authored for CrossTalk, an approved Department of Defense journal... Abstract The move to the cloud brings a number of new security challenges, but the application remains your last line of defense. Engineers are extremely well poised to perform tasks critical for securing the application—provided that certain key obstacles are overcome. Introduction This paper explores three ways to help development bear the burden of security that the cloud places on them: Use penetration testing results to help engineers determine how to effectively “harden” the most vulnerable parts of the application. Apply the emerging practice of “service virtualization” to provide engineers the test environment access needed to exercise realistic security scenarios from the development environment. Implement policy-driven de... (more)

Skytap and uTest Announce Webinar on Crowdsourcing and Cloud Computing

SEATTLE, WA -- (Marketwire) -- 02/03/09 -- Skytap, Inc., the leading provider of cloud-based virtual lab solutions, and uTest, the world's largest marketplace for software testing services, today announced a Webinar on how crowdsourcing and cloud-based technologies can help companies launch higher quality applications, while reducing time to market and controlling costs. The Webinar, "Better Apps with Crowdsourcing & The Cloud," will be held on Wednesday, February 11, at 11AM PT / 2PM ET. Across the software industry, companies are trying to do more with less. For C-level execs and their tech teams, this means dealing with flat or shrinking budgets, while still trying to get new versions to market quickly and maintaining application quality. Companies are now turning to online communities and cloud-based infrastructure to get the job done while reducing capital an... (more)

CTOedge: Better Collaboration Tools Than Google

Google Wave on Ulitzer Google has certainly been busy building a lot of different software tools that can be used for collaboration, including Google Docs, Google Voice, Google Sites (formerly Jotspot) and Google Calendar. But there are a number of specialized tools that are more useful than these Google services for particular circumstances. These can be big productivity boosts for enterprises. You can read the entire post in this week’s story for a new IT site called CTOedge here. ... (more)

Software Quality Best Practices: Healthy Software

Consider the following scenario-typical in many application development organizations. A major new release of an application has just gone into production. Although the development and QA teams endured many late nights of coding and testing, and consumed large quantities of delivered pizza, the project missed its ship date. Still, customers are happy with the product and are giving positive feedback. By many definitions, the team has produced a quality product. Then, a new, large business opportunity requires the rapid implementation of a significant new feature in the product. The tired and over-worked development team struggles with how, or even if, it can meet the new requirement. They are concerned that the new feature will break the existing product and predict a lengthy development cycle. Schedule overruns, tired staff, and difficulty in changing or adding f... (more)

Performing a Penetration Test on a Customer’s Network

When performing a penetration test on a customer’s network by simulating an attack and trying to find a way inside many forget there is an easier way. Many networks have well established security protection through firewalls, Intrusion Detections/ Protections Systems that will alert to your presents. Performing a vulnerability scan using tools such as NeXpose, Nessus, nmap, etc will alert many systems. By performing some research on the target and learn what the company does you can narrow your attack. By using some social engineering you can email your payload to an inspecting victim at the company that will allow you to establish a foothold thereby allowing you to further exploit their network. This can be accomplished by using the Metasploit binary payloads with Shikata-ga_nai encoding scheme. Metasploit Antivirus Bypass When making plans to email or deliver your ... (more)

Test-Driven iOS Development Book Review

This is a great book for both someone who wants to learn Test Driven Development (TDD), anyone that wants to learn how to do unit testing in Xcode, and anyone who wants to improve their designs using TDD. The author begins the book with a nice overview of the benefits of testing and how to use TDD to achieve those benefits. He then moves right into how to write unit tests and covers the tools available for unit testing. He covers OCUnit test (integrated with Xcode) in detail and introduces Google Toolkit for Mac, GHUnit, CATCH, and OCMock. He then introduces continuous integration with coverage of Hudson / Jenkins and CruiseControl. After introducing the tools, the author spends the next six chapters building an application using TDD. He starts with a specification and ends with a working application. I have listed the chapters below. Their titles explain what they cove... (more)