Tips

  • Testing in the cloud: Considering the risks

    In this tip, SSQ contributor Matt Heusser talks about the risks of cloud computing, giving the tester some strategies for questions that can be asked of cloud vendors and IT.

  • Embedded software: Testing for the most common defects

    By researching the types of bugs found in embedded software systems, Invision consultant Jon Hagar has created an embedded software error taxonomy of the most common defects in four different embed...

  • Testing for insecure file references

    Insecure file references are considered a significant security risk of Web applications. In this tip, security expert John Overbaugh explains this attack and gives instructions on how you can test ...

  • Just enough configuration management

    SSQ contributor Matt Heusser, describing techniques such as push-button build, continuous integration and push-button deploy, gives tips to help you decide just how much configuration management is...

  • Defining configuration management

    In this tip, Heusser explains that configuration management is a context-specific term, but that it ultimately means reducing the risk of failure due to change.

  • Are managers needed in Agile development?

    In Agile development, teams are self-directed. Are managers even needed or do they just get in the way?

  • Change notifications: Think big. Think social media.

    In this tip, SSQ contributor Kay Diller suggests the use of firewall-protected social media to inform your organization of changes.

  • Change management in an Agile environment

    Since the idea of Agile development is to enable and encourage product or application owners to change their minds, change management in an Agile context should be smooth and natural. Here are six ...

  • Internationalization and localization testing

    In this tip, SSQ contributor Matt Heusser explains how to test for internationalization and localization, including techniques, tools and quick attacks to weed out hard-to-find bugs.

  • The cloud: Does it fit into your business model?

    In this tip, SSQ contributor David W. Johnson discusses four factors that will help you determine whether investing in cloud computing is appropriate for your business.

  • Continuous integration in embedded software development

    This tip, the first of a two-part series, speaks to the role that continuous integration plays to help you create better releases and reduce the workload in embedded software development.

  • Continuous integration in embedded software development

    In this second part of a two-part series, consultant Howard Deiner talks about the benefits of CI, specifically when used for embedded software development.

  • To simulate, or emulate? That is the question

    Understanding the differences between simulator and emulator embedded software development tools is critical to effectively using them. This article dives into the issue and provides some suggestio...

  • Estimation approaches in Agile development

    In Agile environments, estimating is done using "story points." In this tip, SSQ contributor Chris McMahon describes how story points are used on Agile teams and how story size, velocity and iterat...

  • Agile development for embedded software

    In this tip, Agile consultant Howard Deiner describes how Agile software development can and should be done with the iteration cycles using emulators or virtualized hardware so that the benefits of...

  • Test automation: Three approaches to browser testing

    Test automation when working with Web browsers can present challenges, such as slowly-loading pages, checking for sorted data, and testing static data. In this tip, SSQ contributor Chris McMahon de...

  • Deadly sins of embedded software development & testing

    In "The Divine Comedy," Dante probably wasn't talking about embedded software development, yet developers may be guilty of committing the seven deadly sins. In this tip, consultant Howard Deiner lo...

  • STAREAST: Agile testing and defect tracking

    Defect tracking systems (DTS's) are often used in application lifecycle management (ALM) to keep track of the bugs found during software development. In this tip, Agile expert Lisa Crispin talks ab...

  • Application security that won't weaken performance

    Security is important, but what happens when adding code to address security affects performance or usability? In this tip, SSQ contributor Crystal Bedell gives three best practices experts recomme...

  • Overcoming challenges with cross-site scripting testing

    Cross-site scripting (XSS) is the most common security vulnerability in the Internet today. In this tip, security expert John Overbaugh will explain what XSS is and will show techniques to test for...