API Security Testing – How to Hack an API and Get Away with It (Part 3 of 3)

The first two installments in this series have set us well on our path to API security/intrusion nirvana; we first got to grips with current API technology basics, moved on to API attack surface detection and then looked at a series of common and potent … [Read more...]

API Security Testing – How to Hack an API and Get Away with It (Part 2 of 3)

In this 3-part blog series, I’ll provide deep dive instructions and specific examples on how you can avoid common security threats by hacking your own API. This second post covers the anatomy of some of the most common API security hacks. In our last post, we … [Read more...]

API Security Testing – How to Hack an API and Get Away with It (Part 1 of 3)

In this 3-part blog series, I’ll provide deep dive instructions and specific examples on how you can avoid common security threats by hacking your own API. This first post will highlight 3 key aspects you will need to understand when hacking an API: API technologies, … [Read more...]

The Importance of Writing Testable Code

We recently sat down with the testing team at Infinio in Cambridge, MA to learn how they have implemented their test automation strategy. The cool thing about their strategy is that the whole development team (developers and testers) work together to create testable code … [Read more...]

Best Practices of Context-Driven Testing

First of all, before anyone’s head explodes, let me explain what I mean by “Best Practices.” I know that, particularly in the realm of context-driven testing, this term is looked upon as a major misnomer that is only spewed by the ignorant and uneducated. But I don’t think … [Read more...]

Testers Should Enable Projects and Empower Developers

In this video, Dawn Haynes, Principal Trainer and Consultant at PerfTestPlus, Inc., explains why it is crucial for testers to give both positive and negative feedback constructively and gives advice for testing teams who are trying to avoid being "project boat … [Read more...]

Hiring Successful Testers

In this video, Keith Klain, COO at Doran Jones, explains the mindset he looks for when he interviews potential candidates for his testing team. See also: Software Testing is a People Problem; Let It Go (Software Edition); Hunt for Information, Not … [Read more...]

Uncovering Programming Talent through Gamification

Sometimes the only way to find the right person for a job is to lay down the gauntlet and make each candidate prove his or her worth. This has clearly become the thinking at many of today’s leading tech companies when it comes to distinguishing contenders from pretenders in … [Read more...]

Who Should Review My Code?

Choosing who to include in a review of your code is an important part of the development process. In larger organizations, you may have code review teams consisting of a manager, a security expert, a few more senior developers and a few younger developers. Less formal teams … [Read more...]

How to Disagree without Being Disagreeable

In our jobs as programmers, sometimes you have disagreements with other people about how something should be done. How you handle those disagreements affects your work life, how much you enjoy your job, and your career prospects. Whether it's disputing time estimates with … [Read more...]