The Legend Of Software Hollow
Defeating the Headless Horsemen of Faulty Applications
2016-10-31
Parasoft Copyright © 2016. Tweet @Parasoft #SoftwareHollow

GoToWebinar Housekeeping
Your Participation
Open and hide your control panel
Join audio:
• Choose “Mic & Speakers” to use VoIP
• Choose “Telephone” and dial using the information provided
Submit questions and comments via the Questions panel
Note: Today’s presentation is being recorded and will be provided within 48 hours.

Your Presenter
Arthur “Code Curmudgeon” Hicken has been involved in automating various practices at Parasoft for over 20 years. He has worked on projects including database, the software development lifecycle, cybersecurity, web publishing and monitoring, and integration with legacy systems.
Arthur has worked with IT departments in companies such as Cisco, Vanguard, and Motorola to help improve their software development practices.
The Code Curmudgeon’s goal is to scare you into improving your application quality and security.

Win a Parasoft Shirt
• Show us your costume
• Tweet @Parasoft #SoftwareHollow
• Mail costume picture to webinar@parasoft.com
• Winner will be chosen at random
Tweet: @Parasoft #SoftwareHollow

Agenda
Halloween Fun
Dangers lurking
Lessons learned from others

Story Overview

Headless Horseman and Software
Relentlessly attack
Security
Performance
• Negative attack
• Too much success
Quality
• If it can break, he’ll break it
Bad user experience
• Do they give up and run away?

Poll #1
What is your biggest software scare?
• Missing deadlines
• Software failing after release
• Competition
• Being hacked

Villagers
• Fearful
• Belief in legends rather than facts
• Not well prepared
• (Money instead of action?)
• Avoid the problem, or avoid addressing it

Villagers release plan
• Write the code
• Poke at it and see if it works
• It’s ready because “Developers feel it”
• Celebrate

Katrina Van Tassel
Beauty / proud of appearance
• UI over quality
Rich / Fortune
• No attention to bottom line
Whimsical
• Sometimes does the right things
• Inconsistent
Pampered
• Throw the code over the fence

Who is Katrina?
• Overly agile (flirting with too many things, never promised)
• Ultimately unsure – without vision
• Short-term success but nothing long term

Brom Bones (Abraham Van Brunt)
Willing to battle
• Bugs in the field
Physically fit over brains
• Pen test over static analysis
Practical joker – full of mischief
• Easter eggs leading to potential exploits
Lied about exploits vs Horseman
• No metrics for readiness
Doesn’t believe in ghosts
• Which doesn’t help him in the end
• You may think security doesn’t matter, but it does.

Who is Brom?
Agile to a fault
Constant re-work
Do what’s interesting or fun
Avoid boredom
Ultimately missing real success

Poll #2
Which of the following do you do all the time:
• Static analysis
• Peer review
• Unit test
• Performance test
• Penetration test

Ichabod Crane
Schoolmaster
• Ongoing education
Not physically fit
• No brute techniques
Brainy
• Work smarter
Steady
• Do the tedious tasks like static analysis
Eager to help
• Peer review and pair programming
Ladies’ man
• Wanted users to have good experience
Do the right thing rather than be brave

What Ichabod does ALL THE TIME
Static analysis
Unit test
Peer review
Functional test
Load test
Security – static and penetration
Coverage
Metrics

Honorable Mention – Johnny Depp
Detective
Never gives up
Seeking the root cause rather than simple fixes

In the End
• Brom and Katrina forced to merge to save money
• Ichabod moved on to a more successful company and was a large success and became a household name

Conclusions
Delivering software can be scary!
• And dangerous!
Ad hoc approach fails in the end
Basic quality practices succeed
• Thorough measured testing
• Static analysis
• Metrics
• Peer review
Prepared for security, compliance, safety

• Blog: http://alm.parasoft.com
• Web: http://www.parasoft.com/jsp/resources
• Facebook: https://facebook.com/parasoftcorporation
• Twitter: @Parasoft @CodeCurmudgeon
• LinkedIn: http://www.linkedin.com/company/parasoft
• Google+ Community: Continuous Testing
Nov 7-9 – QCon San Francisco
Nov 16 – Testing Microservices
Nov 16-17 – Better Software East

The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The Ugly
 
Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
What is Binary Language? Computer Number Systems
What is Binary Language?  Computer Number SystemsWhat is Binary Language?  Computer Number Systems
What is Binary Language? Computer Number Systems
 

Defeating the Headless Horsemen of Faulty Apps

  • 1. The Legend Of Software Hollow: Defeating the Headless Horsemen of Faulty Applications (2016-10-31). Parasoft Copyright © 2016. Tweet @Parasoft #SoftwareHollow
  • 2. GoToWebinar Housekeeping: Your Participation
      • Open and hide your control panel
      • Join audio:
          • Choose “Mic & Speakers” to use VoIP
          • Choose “Telephone” and dial using the information provided
      • Submit questions and comments via the Questions panel
      • Note: Today’s presentation is being recorded and will be provided within 48 hours.
  • 3. Your Presenter
      Arthur “Code Curmudgeon” Hicken has been involved in automating various practices at Parasoft for over 20 years. He has worked on projects including database, the software development lifecycle, cybersecurity, web publishing and monitoring, and integration with legacy systems. Arthur has worked with IT departments in companies such as Cisco, Vanguard, and Motorola to help improve their software development practices. The Code Curmudgeon’s goal is to scare you into improving your application quality and security.
  • 4. Win a Parasoft Shirt
      • Show us your costume
      • Tweet @Parasoft #SoftwareHollow
      • Mail costume picture to webinar@parasoft.com
      • Winner will be chosen at random
  • 5. Agenda
      • Halloween Fun
      • Dangers lurking
      • Lessons learned from others
  • 6. Story Overview
  • 8. Headless Horseman and Software
      Relentlessly attack
      • Security
      • Performance
          • Negative attack
          • Too much success
      • Quality
          • If it can break, he’ll break it
      • Bad user experience
          • Do they give up and run away?
  • 9. Poll #1
      What is your biggest software scare?
      • Missing deadlines
      • Software failing after release
      • Competition
      • Being hacked
  • 11. Villagers
      • Fearful
      • Belief in legends rather than facts
      • Not well prepared
      • (Money instead of action?)
      • Avoid the problem or addressing it
  • 12. Villagers release plan
      • Write the code
      • Poke at it and see if it works
      • It’s ready because “Developers feel it”
      • Celebrate
  • 14. Katrina Van Tassel
      • Beauty / proud of appearance
          • UI over quality
      • Rich / Fortune
          • No attention to bottom line
      • Whimsical
          • Sometimes does the right things
          • Inconsistent
      • Pampered
          • Throw the code over the fence
  • 15. Who is Katrina?
      • Overly agile (flirting with too many things, never promised)
      • Ultimately unsure, without vision
      • Short-term success but nothing long term
  • 17. Brom Bones (Abraham Van Brunt)
      • Willing to battle
          • Bugs in the field
      • Physically fit over brains
          • Pen test over static analysis
      • Practical joker, full of mischief
          • Easter eggs leading to potential exploits
      • Lied about exploits vs Horseman
          • No metrics for readiness
      • Doesn’t believe in ghosts
          • Which doesn’t help him in the end
          • You may think security doesn’t matter, but it does.
  • 18. Who is Brom?
      • Agile to a fault
      • Constant re-work
      • Do what’s interesting or fun
      • Avoid boredom
      • Ultimately missing real success
  • 19. Poll #2
      Which of the following do you do all the time:
      • Static analysis
      • Peer review
      • Unit test
      • Performance test
      • Penetration test
  • 21. Ichabod Crane
      • Schoolmaster
          • Ongoing education
      • Not physically fit
          • No brute techniques
      • Brainy
          • Work smarter
      • Steady
          • Do the tedious tasks like static analysis
      • Eager to help
          • Peer review and pair programming
      • Ladies man
          • Wanted users to have good experience
      Do the right thing rather than be brave
  • 22. What Ichabod does ALL THE TIME
      • Static analysis
      • Unit test
      • Peer review
      • Functional test
      • Load test
      • Security – static and penetration
      • Coverage Metrics
  • 23. Honorable Mention – Johnny Depp
      • Detective
      • Never gives up
      • Seeking the root cause rather than simple fixes
  • 24. In the End
      • Brom and Katrina forced to merge to save money
      • Ichabod moved on to a more successful company and was a large success and became a household name
  • 25. Conclusions
      • Delivering software can be scary!
          • And dangerous!
      • Ad hoc approach fails in the end
      • Basic quality practices succeed
          • Thorough measured testing
          • Static analysis
          • Metrics
          • Peer review
      • Prepared for security, compliance, safety
  • 26. Resources and upcoming events
      • Blog: http://alm.parasoft.com
      • Web: http://www.parasoft.com/jsp/resources
      • Facebook: https://facebook.com/parasoftcorporation
      • Twitter: @Parasoft @CodeCurmudgeon
      • LinkedIn: http://www.linkedin.com/company/parasoft
      • Google+ Community: Continuous Testing
      • Nov 7-9 – QCon San Francisco
      • Nov 16 – Testing Microservices
      • Nov 16-17 – Better Software East