Blog - page 16
Explore older entries from the archive.
Compares automated and manual testing in the security context, arguing that while automation (scanners, static analysis) is vital for CI/CD, manual pentesting is crucial for finding complex flaws and addressing social engineering risks, emphasizing their complementary nature.
An updated checklist for software tester skill development, emphasizing Programming, TestOps (CI/CD, networking, virtualization, cloud, IaC), Security/Pentesting, and Coaching/Persuasion as key areas for continuous improvement.
Advocates for mentorship in software testing, outlining benefits for mentees (fast feedback, gap identification, overcoming blockers) and mentors (deeper understanding, promotion, market value). Lists ideal mentor traits and stresses continuous improvement.
Introduces OWASP Dependency Check for Continuous Security, explaining its integration into Maven projects, running checks, interpreting reports, handling false positives via suppression files, and integrating into CI pipelines with build failure conditions.
Applies Continuous Improvement (Kaizen) to TestOps, advocating a Beginner's Mind and focusing on improving test strategy (pyramid), speed (parallelism), code quality (refactoring), automation (including infrastructure), leveraging cloud/OSS, and reading.