London software testing news UK

Microsoft is testing its “Live Mesh” cloud computing technology

Posted in Software testing by testing in London on April 29, 2008

From Computer Weekly

The technology allows users to quickly access pictures, documents, video and other data stored across multiple machines in different locations.

Live Mesh uses the internet as a data hub, synchronising files across computers, phones and other devices.

Around 10,000 US testers will initially use the technology on Windows-based computers, but the beta testing will be extended to Apple PCs, mobile phones and other devices in the coming months, said Microsoft.

As well as allowing consumers to easily access and share information, Live Mesh could also be used by firms to easily distribute information to authorised users registered to the system.

The beta is expected to be extended to users outside the US before the end of the year.

Resources software testing

Testing an outsource of software development is secure

Posted in Software testing by testing in London on April 28, 2008

From IT DIrector

According to Ounce Labs, the following are some best practices that organisations should follow when outsourcing software code development:

  • Define upfront what is meant by security, including the security environment in which the application is to be used and what other resources could be exposed by a security vulnerability, and include the definition in the contract put in place
  • Validate the security mechanisms to be used upfront and set requirements for their use
  • Ensure that the third party is using software coding best practices and that they are documented and validated
  • Demand proof of the level of training, skills and security awareness among the third party’s development staff
  • Ensure that expectations are laid out in the service-level agreement, including milestones and deliverables
  • Define acceptance criteria for the security of applications delivered
  • Provide a list of the most critical flaws that are deemed unacceptable
  • Mandate measures for certifying that code is secure, including the use of automated testing tools
  • Define steps required in the audit process and ensure that all code is audited and certified before payment is made
  • Ensure that the right to audit code and perform security checks is written into the contract
  • Define processes for remediation by the third party and ensure that responsibility for bearing the costs of remediation or legal liability, even after the application has been delivered, are written into the contract
  • Specify in the contract that security checks and monitoring will be continued throughout the lifecycle of that application and lay out the third party’s responsibility for fixing flaws found at a later date.

Outsourced software testing quality assurance

Skype test mobile version

Posted in Software testing by testing in London on April 27, 2008

From Telecom paper

Skype has released a beta version of Skype for your mobile, a mobile thin client that works on about 50 of the Java-enabled mobile phones from Motorola, Nokia, Samsung and Sony Ericsson. The beta version of Skype for your mobile is available with a feature set that includes chat, group chat, presence and receiving calls from Skype users and through SkypeIn. Additional features, which include the making of Skype-to-Skype and SkypeOut calls from the mobile handsets, are initially supported in seven markets, which include Brazil (Rio de Janeiro), Denmark, Estonia, Finland, Poland, Sweden, and the United Kingdom. This public testing phase is expected to last several months, after which a public version of the application will be made available to mobile phone owners.

Testing solutions for the telecom sector

A service for testing customer experience

Posted in Software testing by testing in London on April 26, 2008

From Sourcewire

Epitiro, the leader in comparative broadband benchmarking, today announces ISP-I™ Reportal, a new website testing enhancement to the company’s portfolio of broadband benchmarking solutions. Businesses that depend on their websites for effective communication and e-commerce will now be able to fully understand the true on-line customer experience and address performance issues.

ISP-I™ Reportal is the first website testing solution to be located on multiple consumer broadband (DSL, Cable, Wireless, WiFi) networks thus enabling a true and accurate analysis of a website’s performance from the end user perspective. ISP-I™ Reportal conducts testing via the leading ISPs worldwide and uses popular browsers, including Internet Explorer and Firefox, to measure response times, security levels, page flows and other transactions that affect the customer experience. The comprehensive analysis is performed using Epitiro’s extensive deployment of edge-based agents.

“In order to get a consumer view, it is essential that customer experience testing is performed at real end-user locations and not some technically or logistically convenient mid-point sited within the carrier network or data center.” said JP Curley, Technical Director, Epitiro. “ On-line experience is dependent on both the website design as well as variables beyond the control of a business such as an ISP’s traffic management policies, the browser a customer uses, and of course, the customer’s location. With ISP-I™ Reportal, businesses will now have visibility of their customer’s on-line experience and be able to make immediate improvements.”

Pen testing regulatory body launched in London

Posted in security testing by testing in London on April 25, 2008

From Heise Online

The Council of Registered Ethical Security Testers (CREST) was formally launched at the Infosecurity Europe expo in London. Born of the recognition that there was no assurance framework for security services providers in the private sector analogous to the government CLAS scheme, CREST was initiated in early 2007 to provide a “kite mark” for security testers serving commerce and industry.

Consultation with security testing professionals revealed that there were at that time no defined standards or formal tests of competence. Around 30 specialist companies therefore pooled resources to develop a framework of standards and examinations that would serve as a common criterion of competence for both companies and individuals. Processes were then developed to support the framework. The initiative is well supported in government circles. The examinations have been accepted as comparable with CLAS lead auditor qualifications – to the extent that a pass in the CREST exam qualifies the recipient, as if under CLAS, to work on government projects.

The consortium went live in early 2008 as a not-for-profit organisation offering technical examinations for individuals and an assurance framework for companies to apply to validating their staff on commercial and ethical criteria. Two tracks of examinations for individuals are currently offered: infrastructure testing and application testing with an emphasis on web applications. The examinations are in three parts: a black box practical, a multiple choice theory paper drawn from a large pool and a discursive answer theory paper. The latter, although currently unusual in technical examinations, was included specifically to validate the communication skills of candidates, as this is seen as a critical component of the consultancy role.

IBM to test new computer for large data centres

Posted in Software testing by testing in London on April 24, 2008

From Reuters

IBM plans to unveil a new type of computer for big data hubs operated by so-called Web 2.0 companies, the Wall Street Journal reported on Wednesday.

IBM’s iDataPlex line is due for sale next month and is meant for companies that buy vertical racks with dozens of servers based on Intel microprocessors, the report said.

The line is aimed at fewer than 1,000 customers worldwide, according to the Journal report.

Early testers of the unit include Yahoo Inc and Tencent QQ, a Chinese company. IBM has deployed about 300 units for testing, and the vice president for its enterprise systems group, Jim Gargan, told the Journal he expected large sales.

Software development testing

Quality Assurance speeds up project delivery

Posted in Software testing by testing in London on April 23, 2008

From ITWeb

In addition, testing, independent of a broader quality assurance strategy, is not enough to ensure that a deliverable will be aligned with actual requirements and that the applications released into the operational environment will be made to an acceptable performance standard and level of reliability.


Because a quality assurance methodology includes identifying the development tools – such as fault logging, source code repository, document repository, and automated testing – to use.

It defines the standards to be adhered to – including coding, naming conventions in the database, and report layout.

It defines the software development process – including the controlling of change.

It stipulates the application release process – and should cover software builds, database changes, environment changes, and document updates.

Naturally, it will define the testing methodology, covering everything from test definition and planning to testing techniques

And, it should contain a full set of documentation templates for each step in the process – from a fault or bug report and a test strategy to document templates for requirements, minutes and plans.

Testing and Quality Assurance Services

Empirix QAZone Celebrates One-Year Anniversary

Posted in Acceptance testing by testing in London on April 22, 2008

From PR Web

Empirix® has announced a number of significant milestones in celebration of the one year anniversary of QAZone, a unique online community dedicated to fostering communication and collaboration among QA and IT professionals, which was launched in April 2007. Since that time, the site has welcomed nearly 425,000 unique visitors and more than 1,300 of these visitors have become active QAZone members. Plus, more than 500 documents have been uploaded and 2,000 messages have been exchanged in QAZone Forums. Today, QAZone is linked with all major QA sites and communities–including Microsoft Test Center, SQAForums, Agile/Yahoo testing communities, and QA-centric blogs–as well as with QA-centric organizations such as WOPR, SQNE, ASQ, and PSQT.

QA Community Turns to Empirix for Resource Center, Collaboration and Career Development
Since its inception, QAZone has had a significant impact on Empirix and the QA community and offers a number of programs and resources utilized on a regular basis by its growing and active members:

  • Resource Center houses more than 500 whitepapers, articles, and interviews with industry experts and visionaries, including James Bach of Satisfice Inc.; Rex Black, president of the International Software Testing Qualifications Board and the American Software Testing Qualifications Board; Paul Gerrard from; Anuradha Biswas, associate vice president of Independent Validation Services at Infosys Technologies; Scott Barber, author of Performance Testing Guidance for Web Applications; and Bob Galen, president and principal consultant of RGCG.
  • Testing as a Professional Career is dedicated to supporting members’ efforts to enhance their careers. Using information in this section, members can refresh their QA basics, learn how to communicate the value of testing, or find out how to improve processes and avoid common pitfalls.
  • Empirix’s e-TEST suite Advantage Certification Program was developed in response to requests from QAZone members. Designed specifically for QA professionals, consultants, and software testers, the e-TEST suite Advantage Certification Program enables participants to strengthen their professional credentials while ensuring they have a solid understanding of the e-TEST suite.

Quality assurance testing

Free security testing tools

Posted in testing tool by testing in London on April 21, 2008

From Search Security

You can and should do some basic security testing from your Windows handheld devices, such as smart phones and PDAs. There are free testing tools available but these won’t necessarily work on every version/model of Windows handhelds. You’ll have to read the fine print to see if your platform is supported. But if it is and you have a wireless network connection on your device with a supported wireless adapter, you should be good to go.

Here are some tools to check out:

  • NbtstatCE — a tool for enumerating NetBIOS name tables on remote Windows systems
  • Netcat 4 wince — a tool for port scanning and establishing outbound and inbound TCP/UDP connections on a Windows system
  • vxUtil — an all-in-one tool for gathering Windows DNS information, port scanning, ping and traceroute, whois lookups and more
  • MiniStumbler — the handheld version of the popular NetStumbler wardriving tool
  • WiFoFum — an alternative to MiniStumbler with GPS support as well (compatible with Windows Mobile 6)
  • GSFinder+ (and theoretically any search tool on a networked handheld) — a tool for connecting to Windows network drives and searching for sensitive unstructured information that’s not stored securely. I’m a big fan of using text search tools as a security and compliance tool as I outlined in my tip, The problem with unstructured information. It’s often overlooked, but unstructured, unprotected information stored in files across the network is a big security problem. Now you can perform this critical task from the palm of your hand.

Software testing resources

Results of a testing survey

Posted in Software testing by testing in London on April 20, 2008

From Infoworld

IDT, a company that specialises in Automated Software Testing recently conducted a one year software testing survey which concluded that among other statistics, some 50 – 75 percent of the software development lifecycle is spent on testing related efforts. With recent enhancements to Rhapsody TestConductor™, an integrated model-based testing solution, C developers can now detect and eliminate software defects earlier in the development cycle when they are less costly to fix. Rhapsody TestConductor facilitates unit and integration testing by automating many manual test procedures and decreasing the time needed for testing. It executes tests in single or batch mode, determines the success of the test, and creates a report, enabling developers to collaborate more easily and bring products to market more rapidly. Rhapsody TestConductor is based on the Unified Modeling Language™ (UML®) Testing Profile, enabling tests to be easily linked to design requirements captured in Rhapsody or in Requirements Management products such as market leading Telelogic DOORS®.

“Model Driven Development techniques help engineers become more efficient with the potentially time-consuming tasks of test creation and execution, as well as document creation,” said Greg Sikes, Executive Vice President, Modeling Solutions, Telelogic, An IBM Company. “With Rhapsody, engineers immediately gain a better understanding of their software and systems architecture and functionality, while operating in a more open and flexible environment with improved team communication.”

Next Page »