Advanced Penetration Testing

Speaker : Amarendra Godbole

Aim of penetration testing (pen-testing) is to break into an application while closely approximating an attacker’s behavior. Typical approaches that rely heavily on the usage of security tools produce only tool-based results, and may limit the effectiveness.
In order to closely approximate an attacker’s tactics, more of a mental shift, knowledge about the application, and motivation are required. This paper tries to bridge that gap, and aims to discuss
advanced and sophisticated steps to make the pen-testing effort more effective, and optimize the skills of the pen-tester and the tools.
Starting with planning, recon, deciding the attack surface, tool selection, and final closure, advanced penetration testing will take your understanding about the application to a different level. Overall,
these steps will assist in reasonable assessment of the security posture of an application.
Agile Testing – Principles and Practices

Speaker : Anil Karade

Traditional test processes are not adaptive to extensive changes in software. Agile process emphasizes on ability to adapt to changing business needs, customer collaboration, integrated teams and frequent delivery of business values. Agile is an umbrella term that describes a variety of methods including XP and Scrum.
The talk will discuss pitfalls of the traditional testing process. Traditional testing process happens very late in the SDLC Where as Agile process focuses on test-first approach. The talk will explain benefits of going agile. Principles and practices of agile process will be discussed and agile methodologies Scrum and Extreme Programming will be discussed in detail. Purpose of Scrum, its effectiveness, timings and managing the scrum will be discussed. Some of the practices for XP like Pair Programming, Test Driven Development will be discussed. The Talk will also cover the QA role in agile world. The talk will cover the implementation issues while shifting from traditional to agile process. Talk will also include an interactive game for illustration of concepts.
Designing Software For Testability: A forgotten design pattern

Speaker :Rohit Nayak

In the semiconductor industry, Design For Testability (DFT) is an essential part of the architecture and design of components. Software designers on the other hand do not pay much (if any) attention to the testing needs of their code.

In this talk we review some core DFT principles like Built-In Self Test, Test Point Insertion, Fault Modeling and Fault Simulation and map them to software testing. Examples of using DFT to create testable software will be given. DFT fits in especially well with the increasing use of Test Automation and Agile Methodologies.

We hope this talk will empower test leads and engineers with knowledge they can use to get their developer counterparts to modify the application-under-test to significantly increase automation, enhance test coverage, run tests faster and reduce the costs of testing.

Performance and Automation Testing using Apache Jmeter for Agile Environment

Speaker : Sameer Naik , Prasad Nirantar

Jmeter, a powerful performance testing tool from the Apache Jakarta project, can be used to simulate a heavy load on a server, network or object .This helps to test the strength or to analyze overall performance of the system under different load conditions. It has a Full multithreading framework which allows concurrent sampling by many threads and simultaneous sampling of different functions by separate thread groups. It can test servers eg. Web Server – HTTP, HTTPS, Web Services – SOAP, JUnits, Database via JDBC. Jmeter based tests can be integrated into scheduled builds using build tool like Apache Ant . JMeter and Flex BlazeDS Application Performance Testing can be used in a scenario where the front end is developed using flex, the flex remote objects communicate in the flex AMF format. We can leverage JMeter for such scenario where an AMF message can ride over http and a web application can be tested for performance testing and load testing. Take away for the audience :-
Examples which illustrate how to use Jmeter in load testing and automation testing.

Smarter Sprint Cycles , Better deliverables

Speaker : Suma Shastry

Many a times, we see that a single team is responsible for development, QA and support for the product. It’s a challenging environment when multiple fix packs for older versions and a fresh new release goes in parallel and the team has recently adapted to agile practices. In this session, I would detail out a case study and highlight the challenges we faced in our early sprint cycles, how we learnt lessons and applied them to the next sprints and effectively improved upon our deliverables. The following concepts will be covered in this session 1.Being Agile – Effective Planning for the sprints (both Dev and QA) 2.Preparing for the deliverables – defining mile stones (For the sprint) 3.Better delivery – Effective scrums

Audience: Teams following or new to agile methods

Audience will be able to learn the techniques used to plan and deliver sprint items in better way. Challenges presented during the case study would serve as learning to the audience so that those mistakes can be avoided while applying these methods practically.

Test Automation in Flex

Speaker : Richa Sharma

Flex is a highly productive, free open source framework for building and maintaining expressive web applications that deploy consistently on all major browsers, desktops, and operating systems.
Test Automation involves automation design and execution of automated tests. The Flex test automation feature provides developers with the ability to create Flex applications that use the automation APIs. These APIs can be used to create automation agents or to ensure that applications are ready for testing.
This session would cover basics of Flex Test Automation. One of the many available tools to be touched upon in this session would be FlexMonkey – a testing framework for Flex applications that provides for the capture, replay and verification of Flex UI functionality.

Testing Techniques for Mobile Applications

Speaker : Indira Pai, Basant Chandran

With the fantastic growth of mobile computing platforms such as the iPhone, Blackberry,Symbian, J2ME, Windows Mobile and Android environments, there has been a dramatic increase in the value of mobile applications for most companies.
However, one of the biggest challenges that one faces when developing a mobile application is how to test it. Testing Mobile applications is a very intricate and arduous undertaking. There are an enormous number of factors to consider for mobile computing which simply aren’t present for desktop or web development, including hardware/software platforms, installation the application, network type, network strength, memory & battery consumption, external interfacing through WAP and HTTP etc. Additionally, testing the application in simulator, using various debugging tools are some further adventures which the tester undergoes during testing cycles.
With a blend of these challenges as the core of the address, we would be presenting our experience from our product development cycles.

Web Test Automation Framework with Open Source Tools powered by Google WebDriver

Speaker :Nikhil Bhandari, Kapil Bhalla

Amid Nails, Nuts and Bolts the hammer is not enough.
TeKila is an aggregation of several Open Source powers – Google Web Driver, HTML Unit, Java Robots, TestNG & many more … It offers a tool kit to test Web Application at different levels & in modes.

Attempting a task of writing test automation framework which does more than UI testing for rapidly growing web-based applications is a tough task. Many find it tormenting, some attempt it & only a few succeed. You have to apply lots creative ideas and innovative approaches for your test automation project rather than just selecting ONE tool which will do everything for you.

Often the search for a Silver Bullet tool for automating ends in a compromise. In the demanding times when everything is changing rapidly, speed and flexibility cannot be compromised.

In our attempt of combating Automation we came up with TeKila. TeKila is an aggregation of best of various Open Source Powers enabling us to do:
– UI testing on multiple browsers & OS
– Business Logic layer testing using APIs
– Profiling data
– UI Object Repository is kept independent so that later any other tool/framework can be effortlessly incorporated

Write Tests in End Users’ Lingo

Speaker : Nikhil Fernandes, Chirag Doshi

Many of the testers understand the importance of automated tests which can test the system end to end. There are plenty of tools like Selenium, Watir, White etc. which allow you to drive your web or desktop ui for these tests. The intention of these tests is to mimic the user’s interaction with the system and automatically validate that he could achieve his goals.

Considering this, wouldnt it make sense for tests to talk the same language that an end user understands. Although, When we look around today most of the functional tests talk the language that the browser understands, it goes click button A, enter value in textfield B etc.

In this session we will share various approaches which allow you to build tests which an end user can understand and maybe even participate in writing. We will look at the problems with the usual approach of end-to-end writing tests such as being too verbose and technical.

We will look at the multiple benefits of writing tests in the end user’s language and the different ways in which to achieve it.

Finally, we will look at the key takeaways.

**Speakers and sessions are listed on the site only after confirmation. However please note that the sessions, speakers and schedules are subject to change.
preload preload preload