#conference

EngX Community Day 2022 starting soon:

https://www.linkedin.com/events/engxcommunityday20226985509719029252096

Register and watch here:
https://wearecommunity.io/events/engx-community-day-2022

#video #live

https://youtu.be/iBbi1E6oN38

#Twitter #password

#testing

Updated #ISTQB Glossary v3.7:
https://glossary.istqb.org/en/search/

- So, can you switch your logs to just go to stdout instead of file?
- Yeah, sure. So, orchestrator will pick them up?
- Right.
- And redirect them where?
- File.

How the Zero Trust model improves the #security posture of #k8s infrastructure and prevents security incidents from damaging organization.

Find out:

* The key concepts and principles of the Zero Trust security model
* How Zero Trust improves the security posture
* The technical requirements for Zero Trust in Kubernetes
* How to apply Zero Trust best practices in Kubernetes environment

#security

Q: I am looking for some benchmarking/overview/comparison for SAST Tools to help to the customer with the selection. Maybe somebody has something like that? It must not be fancy. Even your personal opinion is appreciated here.

Right now I am preferring to have 2x tools witched in the pipeline one after the other:
* SonarQube/SonarCloud
* Snyk

Thanks a lot for every hint in advance!

A1: Personally I prefer SonarQube for it's easiness of use and configuration and plethora of plugins.
But SNYK would add you also DAST capabilities - so, maybe it should be your tool of a choice, as it effectively replaces 2 tools

A2: As a good starting point I'll recommend to read the following pages:

1. https://owasp.org/www-project-benchmark/

2. https://owasp.org/www-community/Source_Code_Analysis_Tools

3. https://www.nist.gov/itl/ssd/software-quality-group/samate/static-analysis-tool-exposition-sate

4. https://www.gartner.com/reviews/market/application-security-testing

Happy Computer Security Day!

#ChatGPT vs. #StackOverflow

#programming #history

Trends for 2023 in #testing and #DevOps

Briefly: mobiles, APIs, accessibility, programming skills and observability.

https://saucelabs.com/blog/devops-automated-testing-trends-2023

#security #password #LastPass

Ah shit, here we go again:

https://techcrunch.com/2022/12/22/lastpass-customer-password-vaults-stolen/

#SRE Report 2023

The report contains special contributions from Adrian Cockcroft and Steve McGhee and highlights findings from a global community of reliability practitioners, including SREs, managers, architects, and executives

Key findings include:

* Organizations who operate with a “just culture” are 500% more likely to be Elite performing organisations

* Elite-performing organizations are 260% more likely to substantially focus on Customer Experience reliability versus Low-performing organisations

* Organizations (59%) say that maintaining innovation velocity occasionally or often impacts employee productivity or morale – 14% unsure

* Organizations (59%) say tool sprawl is a non-existent or minor problem – challenges other research which simply equates tool sprawl to, ‘how many tools are in the stack’

#video

This #Playwright #testing tutorial covers everything you need to get you up and running with the Microsoft Playwright framework with #TypeScript.

0:00:24 What is Playwright?
0:08:04 How to write a basic script with Playwright using functions & selectors?
0:33:18 Playwright’s futuristic features
1:00:15 How to interact with inputs and buttons?
1:27:00 Alerts and dropdowns in Playwright
2:07:16 Frames and Window handling in Playwright
2:43:32 How to handle date picker/calendar in Playwright?
3:13:48 Uploading and downloading files in Playwright
3:34:23 Page Object Model in Playwright
4:21:57 Playwright fixtures
4:55:02 Cross-browser testing in Playwright and execution on the LambdaTest platform

https://youtu.be/wawbt1cATsk