Software Quality Experts to answer your questions | Page 15
  • What is needed to define software security requirements

    There are important distinctions between security requirements and security controls, as well as the expertise needed to define and satisfy each. In this expert response, Sue Burk offers a clear de...

  • Define security requirements and manage risk in SDLC

    Defining business security requirements is a collaborative effort, involving the participation of architects, business analysts and regulatory bodies. There is no black-and-white answer about achie...

  • What does "security testing" of my application mean?

    What does a manager mean by "security testing"? In this response, expert Pete Walen offers insights into the broad category of application security testing and also recommends asking for clarificat...

  • How is a burndown chart used in Agile development?

    Agile development teams are experimenting with various tools and processes to find what works best in their particular situation. In this expert response, Lisa Crispin explains what a burndown char...

  • Agile project management tools: Burndown charts

    High-functioning Agile teams realize the importance of the appropriate requirements tracking tools. Read this expert response from Lisa Crispin to learn alternatives to burndown charts such as stor...

  • When to classify security testing tools as ALM tools

    Application security testing tools can sometimes be considered part of the ALM tool set, and sometimes they fall under the category of the security management process. Read this expert response to ...

  • How to best security test your applications

    Security testing is an important factor in the application development process, and fortunately there are specialists who work to ensure that applications are as secure as possible. However, it can...

  • How to overcome the challenges with requirements

    Expert Sue Burk identifies the top challenges in accurately defining requirements as the challenge of involving the appropriate decision makers and subject matter experts in requirements developmen...

  • Understanding the dependencies between requirements

    Prioritizing user stories for each iteration in a Scrum environment can be challenging if the project owner does not understand the dependencies between requirements. In this expert response, Lisa ...

  • How user stories help to define software requirements

    User stories play an important role when defining requirements and they also contribute to living documentation during the software development process. In this expert response, Lisa Crispin offers...

  • Mapping software requirements to test cases

    Even though you must have at least one test case per requirement, it's possible not to have a one-to-one mapping between each requirement and test case. In this response, expert Sue Burk explains h...

  • Tracking changes to requirements in Agile development

    All development teams need to track requirements changes, but depending on the software development lifecycle and overall ALM process, the best approach to change tracking may not be the same acros...

  • How to select your ALM requirements management tool

    Choosing an appropriate ALM requirements management tool comes with many challenges. Sometimes defining requirements may be close to impossible. For situations when requirements can be defined, exp...

  • Recommended reading for mobile Web design and testing

    There are so many resources out there about the ever-changing world of Web design and mobile testing, but to choose the most salient and insightful books and sites can be tough. In this response, e...

  • Strategies for optimizing browser compatibility testing

    In this expert response, consultant Karen Johnson describes strategies she uses for browser compatibility testing. Experience and knowledge of common vulnerabilities and developers' preferences can...

  • Penetration testing and other security testing

    It can be hard to keep pace with the various types of security testing required in today's complex and often dangerous Web environment. In this response, expert John Overbaugh explains some of the ...

  • When and how to perform penetration testing

    Hackers are increasingly sophisticated in how they exploit weaknesses in network and Web application security. In this response, expert John Overbaugh explains the importance of penetration testing...

  • Security requirements for any Web application

    When verifying security on your Web application, there are some general considerations that everyone should check off the list. Expert John Overbaugh offers insight into application security standa...

  • Security testing early in the development lifecycle

    While it seems that testing in the production environment is the most crucial, there are also several important aspects of application security testing that should take in the early phases of devel...

  • How to gain acceptance of organizational change

    Any organizational change can meet with internal resistance. In this response, SSQ Site Editor Yvette Francino offers advice on how to win buy-in from those affected through honest communication an...