News
Last changed: 85.187.136.203
.

Open Source Security Testing Methodology Manual

You need to implement security testing strategy in your application and you do not know where to start from?

The Open Source Security Testing Methodology Manual will help you make the first steps in that area leading you to a complete solution.

The Open Source Security Testing Methodology Manual (OSSTMM) is a peer-reviewed methodology for performing security tests and metrics. The OSSTMM test cases are divided into five channels (sections) which collectively test: information and data controls, personnel security awareness levels, fraud and social engineering control levels, computer and telecommunications networks, wireless devices, mobile devices, physical security access controls, security processes, and physical locations such as buildings, perimeters, and military bases.

A new version will be available soon. Keep an eye on our feed.

Here to download the latest document.

>> 19-MAR-2007 <<

SPI Dynamics: On-Demand Webcast - "How Prevalent Are SQL Injection Vulnerabilities?"

During this on-demand webcast, you will learn:

-The risk posed by SQL injection

-How atackers leverage search engines to identify websites vulnerable to SQL injection

-How the Google API can be used to build an automated tool for identifying SQL injection

-Emperical evidence demonstrating the prevalence of SQL injection vulnerabilities on the Internet

-Secure programming techniques for protecting websites from SQL injection

Here to register and view.

>> 29-FEB-2007 <<

SPI Dynamics also give 15-day evaluation copy for all attendees.

TestComplete5 now supports testing of Windows Vista applications.

As they say on their website: "TestComplete offers systematic, automated, and structured testing, with superior support for .NET, Java, Visual C+, Visual Basic, WPF (XAML), Delphi, C+Builder and web applications. With TestComplete you can also test PowerBuilder, FoxPro, Access and other applications."

So if you've already written your first Vista application, you may automate its testing with Test Complete 5.

Trial download is availiable here.

>> 29-JAN-2007 <<

An Object-Oriented framework for IBM Rational Functional Tester

If you are using Rational Functional Tester for automating your tests, you can find this article very useful. It presents three-tier architecture for creating and managing the test cases. Common problems like continually growing object map are reduced by using such framework.

You can find it here.

>> 10-JAN-2007 <<

Interesting presentation by Ted Neward about Java and .NET Integration Strategies

You can see it here.

>> 05-DEC-2006 <<

Webinar "Key Metrics to ensure a quality process"

Here you can find information about key quality assurance metrics.

The webinar is organized as discussion and covers metrics like:

        -Code coverage percentages
        -Coding standards compliance
        -Defect counts by status
        -Releases defect levels
        -Reuse effectuveness
        -Unit test densityа
        -Software complexity

We hope that you can find the webinar useful. (there is no need to register or give any information)

>> 01-DEC-2006 <<

HP Closes Mercury Acquisition

HP today announced that it has completed its acquisition of Mercury Interactive Corp., the largest software acquisition in HP’s history. The offer was on an enterprise value of approximately $4.5 billion.

This happened a few years after companies with such magnitude made similar reunion - IBM and Rational Software.

What to expect next?

>> 22-NOV-2006 <<

World Usability Day

Today, November 14, 2006 is World Usability Day. World Usability Day 2006 promotes the value of usability engineering and user-centered design and the belief that every user has the responsibility to ask for things that work better. You can find more on the official site of the event

>> 14-NOV-2006 <<

TestDriven.NET version 2.0

TestDriven.NET version 2.0 which is compatible with all versions of the .NET Framework was released last week. TestDriven.NET is a unit testing plug-in for Visual Studio. It can be integrated in all versions of Microsoft Visual Studio .NET and supports multiple unit testing frameworks including NUnit, MBUnit and Visual Studio Team System.

>> 06-NOV-2006 <<

Testing AJAX applications.

Will the commonly used automated testing tools be able to test AJAX applications.

We played a little with Visual Studio 2005 Team System and Gmail and created Web test that saves an email message as a draft. The record/playback mechanisms won't be applicable for testing AJAX. The recorded scripts should be modified at least to wait() (or pause() or sleep(), or whatever command the tools uses) because of the asynchronous nature of the Ajax calls.

The guys at ThoughtWorks say that their tool Selenium will manage to test AJAX applications even on different browsers and on different platforms. You can read the article here

>> 01-NOV-2006 <<

ASP.NET AJAX beta released..

ASP.NET AJAX is a free framework for quickly creating a new generation of more efficient, more interactive and highly-personalized Web experiences that work across all the most popular browsers.

You can find more here

Btw why did Microsoft change ATLAS codename for this framework?

>> 30-OCT-2006 <<

A tool for GUI testing flash applications

Do you know that there is no any commercial tool for testing flash applications? The only one I found googleing the net was this interesting discussion in the google groups see here words that surprised me were: "THE BEST WAY TO TEST FLASH PRODUCT IS MANUALLY."

Why haven't anyone started writing such a tool? Is it so hard or it just won't return the investments?

Anyway, the tool that I found in the net was something called AutoTestFlash. You can find it here Sorry but we still cannot give you any feedback about how the tool behaves. Maybe someone will find it usefull.

>> 15-OCT-2006 <<