Two JDS consultants were invited by the Australian and New Zealand Testing Board to present topics at the ANZTB Test 2009 Conference in Sydney this month.
The presentations by Linden Darling and Stuart Moncrieff were well received by the conference delegates.
The presentation outlines are provided below…
Performance Testing Web 2.0 (Stuart Moncrieff)
Web 2.0 presents new technical challenges for performance testers. The rise of SOA and Web Services, and the increasing popularity of rich client-side technologies like Ajax means that the current generation of performance testing tools don’t give the entire picture. Learn what you, as a performance tester, can do to more effectively test Web 2.0 applications.
- Why protocol-level tools don’t give you everything you need, and some tools to fill in the gaps.
- Measuring client-side performance for rich web applications.
- Testing Flash-based web applications.
- Testing applications that use a Service Oriented Architecture.
- Load testing applications which have dependencies on external web services.
- Limiting the performance impact of exposing a web service for others to use (don’t get mashed by mashups).
With a combination of new tools and new techniques, performance testers can supplement their existing web-based performance testing abilities to embrace emerging Web 2.0 applications.
- Slides for Stuart’s presentation are available in the JDS Tech Tips section
Web Application Security Testing (Linden Darling)
With the onset of massively deployed automated attacks at the Web Application-level and a plethora of bad news wraps for organisations around the world suffering the data breach bite, the security of web applications has been increasingly under the spotlight in recent years. Testing for security vulnerabilities necessitates a different skill set and approach to, while historically being outside the scope of, QA Testing and Performance Testing. This paper aims to introduce the cause and symptoms of Web Application Vulnerabilities, highlight some of the pressing legal and legislative motives for Web Application Security Testing, and discuss some of the methods involved in planning for and conducting Web Application Security Testing.
- Overview of common Web Application Security Vulnerabilities
- Legal motivation for Web Application Security Testing
- Methods and Tools for Web Application Security Testing
- Embracing and Automating Web Application Security Testing
- Handling Vulnerability Results
This somewhat new and emerging stream of application testing offers opportunities to the testing community, testers will work better alongside and within this discipline having a solid understanding of its principles.