October 2008

  • Ajax website security: Don't trust the client

    Ajax security concepts aren't new; they're just applied differently, says Web security expert Billy Hoffman. Prime concern: The client plays a bigger role, and you can't trust it.

  • ISO/IEC 17799: Code of Practice for Information Security Management

    ISO/IEC 17799: Code of Practice for Information Security Management is a generic set of best practices for the security of information systems. Considered the foremost security specification docume...

  • Overcoming SOA testing challenges

    This special report takes a look at the challenges of testing SOA applications, as well as blind spots to be aware of. It also provides tips on how to test SOA applications.

  • SOA applications bring testing challenges

    The complexity of SOA applications creates testing challenges. To address those challenges, experts recommend more collaboration across project teams, earlier involvement by testers and the use of ...

  • The consequences of overlooking SOA testing blind spots

    Overlooking SOA application testing blind spots can result in unintended consequences such as buggy, insecure applications. Experts explain what you should keep your eyes open for.

  • The future of software testing

    Should a business analyst invest time and money in software testing training or will testing jobs become scarce as more are moved offshore? Expert Mike Kelly offers his insight.

  • Be aware of SOA application security issues

    Making disparate systems work together via Web services and SOA can save money, time, and frustration. But if you aren't careful, the combination can leave you open to attack.

  • PCI compliance falls short of assuring website security

    PCI standards fall short of protecting you and your customers. Tighter standards are needed to assure website security, says Greg Reber.

  • How to determine a software modeling technique

    Modeling can help you pull together the design of software. Expert Ken Willett explains this approach, as well as what to include in a software requirements specification.

  • Testing training: Disturbing behaviors of students

    Testing instructor Scott Barber is seeing some disturbing behavior from students in his training classes. They're often closed-minded and rude. Scott explains what he's seeing and how situations ca...

  • Quality assurance testing vs. user acceptance testing

    There are differences between quality assurance (QA) testing and user acceptance testing (UAT), but the two test teams ought to collaborate and work together to discover issues.

  • Agile aims to bridge software requirements communications gap

    Agile software development bridges the software requirements communications gap by embracing flexibility and face-to-face communication rather than depending on documents to communicate, agile prac...

  • Elicit software requirements using a variety of techniques

    Software requirements elicitation can be challenging, but you can achieve success if you have strong personal skills and use a variety of techniques, says expert Ken Willett.

  • Performance testing: Ensure your SOA applications perform

    Performance testing service-oriented architecture (SOA) applications brings numerous challenges. Not only must you test individual services and test the services together, but you also need to cons...

  • Simulation software a cure for hospital's requirements validation ills

    The M.D. Anderson Cancer Center relies on iRise's simulation software to validate software requirements with its stakeholders. The visual models eliminate misunderstandings between users and the de...

  • Eliminating testing environment troubles

    If your testing environment uses data that complicates your testing process, you don't have to suffer in silence. Talk with your DBA and make sure he understands your needs.

  • Browser security a concern for website development

    The number of Web browsers and the rise of sophisticated attacks against them, such as cross-site request forgery and clickjacking, complicate website development, security, and testing.

  • How to prevent HTTP response splitting

    HTTP response splitting is a serious Web attack that can wreak havoc on your Web applications. Security expert Ramesh Nagappan explains how this attack works and what professionals can do to preven...

  • Does certification really matter?

    If you want to move ahead in your career, certifications have to be on your radar. But you should learn the material rather than just focusing on whatever it takes to pass the test.

  • Seven Steps to Mastering Business Analysis, Ch. 1

    Chapter 1 of Seven Steps to Mastering Business Analysis explains what business analysis is, its role in software development, the role of a business analyst, and the traits of good business analysts.