The CI/CD pipeline has been adopted by many companies to streamline their software development in the last few years. After all, modern workflows exist to make everyone’s lives easier and companies more efficient. In a...
Dynamic application security testing (DAST) is a set of testing methods that software developers use to search for security vulnerabilities in applications by simulating malicious behaviors to identify weaknesses that could be exploited. In black...
The Test Automation Pyramid, created by Mike Cohn and popularized by Martin Fowler, has changed the way we think of software testing. It is a guide to what types and how many of each type...
How are you addressing the challenges of API security? Recent security breaches have occurred that take advantage of APIs to steal customer data. APIs are widely used in enterprise applications. Because of that, you need...
Static application security testing (SAST) is a way to perform automated testing and analysis of a program’s source code without executing it to catch security vulnerabilities early on in the software development cycle. Also referred...
Many software development and verification engineers don’t truly understand why obtaining structural coverage is important. Many just do it because it’s mandated by their industry’s functional standard, and don’t take it seriously. Safety-critical systems like...
Everybody talks about DevOps these days, and I think the principles behind it are fairly well understood. What Does Continuous Testing for DevOps Mean? The general consensus is that DevOps is “infrastructure as code” —...
In a previous post, I offered some tips and tricks for testing Salesforce applications with Selenium. Salesforce provides a flexible development environment that allows developers to define their business logic and UI elements in an...
On January 26, 2021, Qualys published a blog describing their findings on the heap overflow vulnerability in sudo, CVE-2021-3156, which they named “Baron Samedit”. Sudo is a central tool in many different Linux/Unix distributions that...
Artificial intelligence has come a long way. Maybe you’ve seen the recent video of choreographed dancing robots? It’s amazing how agile and articulated these robots have become to do these fun movements with such accuracy...
Microservices strive to break down traditional monolithic applications into small, scalable, individually deployable services. Some microservice architectures operate in a reactive environment where services can communicate asynchronously without blocking a reply. These types of microservice-based...
Static analysis, or static application security testing (SAST), tools are a powerful way to discover defects in your codebase at the earliest stage of the development process. However, the tools used to perform that testing...