The Insapience of Anti-Automationism – Context Driven Testing

Wow! That is a mouthful, but well worth reading in this great and stirring article on Context Driven Testing by Cem Kaner   http://context-driven-testing.com/?p=69

This is an outstanding article on the DISTINCTIONS and False Dichotomies that need to be clarified and observed when planning and writing test cases: manual vs automated,  checking vs testing …. or ‘sapient’ (is this a new test term or is it an attempt to marketize a concept?)

“…According to the ?new doctrine?, only manual testing can be sapient. Automated tests are done by machines and machines are not sapient. Therefore, automated testing cannot be sapient. Therefore, if a tester is enthusiastic about sapient testing (whatever that is), automated testing probably won’t be of much interest to them.”

Hmmmm……

It also Invites ond, as Ron Jeffries puts it in the comments:   “…to look at the question from different angles, and the message that I get is that there is no bright line anywhere to be seen. That matches my deepest intuitions and gives me a kind of comfort.”

 

Advertisements
Sneaky Gollum

Security in 2015 – What measures will be implemented to improve it?

by ,  Sr. Quality Strategy and Delivery Advisor

Is Security in your environment covered?

  • Do you have a full rundown/analysis of the gaps you may have in your system?
  • Have you created a checklist of all:

    • touchpoints
    • protocols
    • profiles
    • methods of transmission
    • firewalls
    • frequency of sweeps
    • frequency of security monitoring status reports?
    • Do you have a network ops monitoring application?

imageThis is not the year to be avoiding the security risks afoot … not only from your own employees, random local hacker, but serious international hacking as pro-active attacks on your system. 2014 demonstrated an increase in security leaks – or might i say exposure of weak security by upstream hackers with malicious intent. Expect more of it. Breaches have been happening every year for some time. We are no longer surprised by them. It is another overload of input that we as consumers can do little to prevent.

Prevention of security leaks are up to those responsible for maintaining our private accounts and data. That they have allowed weaknesses that are gaps, and hackable, is irresponsible, unacceptable, and once leaked causes much damage financially, and personally.

What is a Threat Agent?

The term Threat Agent is used to indicate an individual or group that can manifest a threat. It is fundamental to identify who would want to exploit the assets of a company, and how they might use them against the company.  You can read more about it here:
https://www.owasp.org/index.php/Category:Threat_Agent

Here are some Highlights from Open Web Application Security Project “Attacks” references:
https://www.owasp.org/index.php/Category:Attack

Looking forward to seeing deeper security measures, and fewer assailable gaps by our financial institutions and retailers.

All comments invited.

Lack of Integrity and Moral Grounding causes breach in security for Morgan-Stanley and others

PCWorldNews-LOGO Morgan Stanley fires employee who leaked sensitive client data

By now, this is old news. by 2 days. And this is not the first or the last time…

BUT, the issue is: how to contain actions of rogue employees, who for one reason or another choose to leak data to create either fraud, embezzlement, or just outright malicious damage.

-or-

Change the hiring and training of those with deep security access.

Here is another case of actions taken by people who lack integrity or the moral certitude (to prevent them from such) that cause the rest of us to suffer either through monetary loss, or tighter security – both are reactionary, after the fact, and hard to recover…

IMG_3144Solutions? Creating higher level, invisible, security barriers around known system security? Improving morale? Creating behavioral awareness that is alert to potential disgruntled behavior? Or creating a higher standard of integrity for those with deep security access? Better background screening?

Return to integrity anyone?

Testing Is An Art And A Science

Leading a Test Project, for me is like conducting an orchestra! I love this metaphor as an overlay to the best practices of setting up, developing test phases, cycles, tests, executing the test environment and ultimately launching a product.

Sections of woodwinds, strings, horns, percussion, pianos, harps – can be likened to systems with many lines of functionality, processes and stages of preparation before the final Live Performance. Each system requires it’s own notation, dynamics and coordination with all the other systems to deliver the Theme.
System Integrations (Section Rehearsals) must be completed before the End To End (Full Rehearsal) can be fully performed, and Dress Rehearsals are the UAT when the last minute updates to the Score (Test Cases, and Process Flows) get penciled in.

It is the art of planning, coordination, testing the same components again and again until the kinks are worked out with developers, and seeing all the working parts come together as a final product that brings a deep sense of satisfaction to all the teams participating in the launch.

The art and science of Testing is very much like the Art and Science of composing and playing music. Having studied Composition and Theory in College, and years of professional performance, I never dreamed I would one day be conceiving Test Strategies and Test Plans, leading Technical Testing projects – some lasting several years. I believe learning to conceive and produce a musical piece from beginning to end – has allowed my approach in understanding and alignment of systems, dynamics, specific ranges of capabilities for each component – come together into a symphony of functional processes that deliver a final outcome desired by the Client.

Even IBM has done studies on the compatibilities between music and IT, and has noted that many formally trained musicians gravitate and succeed in the complex technical world of development and testing. I feel this approach, while creative, is also formed by the formal training and experiences in Quality Assurance and Testing best practices. In any event, Music and Quality Assurance are disciplines that require years of study, practice and dedication to fully mature into a well rounded and competent delivery process.

I wouldn’t have it any other way!