March 2016 in London, at the SIGIST March 2016 Conference, I performed the closing keynote with a talk entitled"Push your technical testing further - into technology and security"
The slides have been released to slideshare:
The blurb read:
As testers we learn how to functionally test systems. We learn to analyse requirements and test 'What' a system should do. We can take our functional testing further. We can test 'How' the system does what it does, by understanding the technology used to build the system. We will find defects and issues that we would otherwise miss. Some of the defects would normally be associated with security testing, but we will find them without learning the techniques used for security testing. This approach to testing is applicable to any Software Development methodology and doable by any tester. Alan will explain the specific steps he used to learn to test web applications and push his functional testing further. He will provide examples of tools he uses, and why he uses those tools.
Alan also describes the thought process used to find the tools so that you can identify tools for your technology stack. After this talk you will know how to increase the potential that your testing can identify deep system issues, and steps you can immediately take which will push your functional testing further.
Three key points:
- Interact with the system at a deep technological level to find more bugs. Many classified as security bugs and missed by security testing approaches.
- Tools are necessary to observe and manipulate the system, learn about some important web testing tools and how to find new tools for your technology stack.
- These skills are open to anyone prepared to put in the work to learn. Specific steps and approaches are provided as examples for learning to test web systems.
Thank you Lisa.
'methodology' doesn't matter. Process/social context might matter. Any tester can use @eviltester's techniques, need tech skills/knowledge— lisacrispin (@lisacrispin) March 15, 2016