#testing
Small article that explain how to choose the right balance between Dev and QA in a team:
https://www.prolifics-testing.com/news/optimal-tester-to-developer-ratios
Small article that explain how to choose the right balance between Dev and QA in a team:
https://www.prolifics-testing.com/news/optimal-tester-to-developer-ratios
Specialist Software Testing and Quality Engineering Consultancy | Prolifics Testing
Optimal Tester to Developer Ratios
The challenge on any software project is the need for quantifiable data on resources (how much, how many and how long) to be included in project plans in advance of the activities that utilise those resources. Estimation of testing staff numbers using ratios…
DevTestSecOps
#security #RCE
#log4j
- Overview by @LunaSecIO: https://www.lunasec.io/docs/blog/log4j-zero-day/
- Vulnerable Hashes by @mubix: https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes
- IP’s Exploiting by @GreyNoiseIO: https://gist.github.com/gnremy/c546c7911d5f876f263309d7161a7217
- Detection Rules by @cyb3rops: https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b
(from https://twitter.com/FrankMcG/status/1469375212160438275)
- Overview by @LunaSecIO: https://www.lunasec.io/docs/blog/log4j-zero-day/
- Vulnerable Hashes by @mubix: https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes
- IP’s Exploiting by @GreyNoiseIO: https://gist.github.com/gnremy/c546c7911d5f876f263309d7161a7217
- Detection Rules by @cyb3rops: https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b
(from https://twitter.com/FrankMcG/status/1469375212160438275)
DevTestSecOps
#log4j - Overview by @LunaSecIO: https://www.lunasec.io/docs/blog/log4j-zero-day/ - Vulnerable Hashes by @mubix: https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes - IP’s Exploiting by @GreyNoiseIO: https://gist.github.com/gnremy/c546c7911d5f876f…
CyberScoop
CISA warns 'most serious' Log4j vulnerability likely to affect hundreds of millions of devices
Cybersecurity and Infrastructure Security Agency Director Jen Easterly told industry leaders in a phone briefing Monday that a vulnerability in a widely-used logging library “is one of the most serious I’ve seen in my entire career, if not the most serious.”…
DevTestSecOps
#security #CISA about #log4j https://www.cyberscoop.com/log4j-cisa-easterly-most-serious/
Check Point Software
The Numbers Behind Log4j CVE-2021-44228 - Check Point Software
Get A detailed dive for the numbers Behind the Apache Log4j Vulnerability CVE-2021-44228 and how Check Point can help
DevTestSecOps
#log4j - Overview by @LunaSecIO: https://www.lunasec.io/docs/blog/log4j-zero-day/ - Vulnerable Hashes by @mubix: https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes - IP’s Exploiting by @GreyNoiseIO: https://gist.github.com/gnremy/c546c7911d5f876f…
#log4j also affects #testing
#ReportPortal as example:
https://github.com/reportportal/reportportal/issues/1613
#ReportPortal as example:
https://github.com/reportportal/reportportal/issues/1613
GitHub
Log4J vulnerabilities: CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105 · Issue #1613 · reportportal/reportportal
Background The Apache Log4j utility is a commonly used component for logging requests. On December 9, 2021, a vulnerability was reported that could allow a system running Apache Log4j version 2.14....
DevTestSecOps pinned «#log4j - Overview by @LunaSecIO: https://www.lunasec.io/docs/blog/log4j-zero-day/ - Vulnerable Hashes by @mubix: https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes - IP’s Exploiting by @GreyNoiseIO: https://gist.github.com/gnremy/c546c7911d5f876f…»
#video #live #testing #conference in Russian
Tech stream: https://youtu.be/fUGa3QmnQ3o
Manager stream:
https://youtu.be/r7tlvxlDJYM
Tech stream: https://youtu.be/fUGa3QmnQ3o
Manager stream:
https://youtu.be/r7tlvxlDJYM
YouTube
ProQuality Conference 2021 - Tech Stream
ProQuality Conference 2021 - Tech Stream
--------------------------------------------------------------------------------------------------------------
Timeline:
0:35 - Внедрение автоматизации мобильного тестирования с нуля на проекте
01:00:28 - Тестирование…
--------------------------------------------------------------------------------------------------------------
Timeline:
0:35 - Внедрение автоматизации мобильного тестирования с нуля на проекте
01:00:28 - Тестирование…
Forwarded from xkcd
'Thanks to the ForcedEntry exploit, your company's entire tech stack can now be hosted out of a PDF you texted to someone.'
For the new era - the new type of information's source!
Receive #CVE Trends from Twitter in one dashboard - https://cvetrends.com/
"CVE Trends gathers crowdsourced intel about CVEs from Twitter's filtered stream API and combines it with data from NIST's NVD and GitHub APIs."
Receive #CVE Trends from Twitter in one dashboard - https://cvetrends.com/
"CVE Trends gathers crowdsourced intel about CVEs from Twitter's filtered stream API and combines it with data from NIST's NVD and GitHub APIs."
CVE Trends
CVE Trends - crowdsourced CVE intel
Monitor trending CVEs in real-time; crowdsourced intel sourced from Twitter, NIST NVD, Reddit, and GitHub.
Many data breach disclosures raise more questions than they answer, but this takes it to a whole new level. 💾💾
https://t.co/GfVGafiEFW
https://t.co/GfVGafiEFW
The Mainichi
Tokyo police lose 2 floppy disks containing personal info on 38 public housing applicants
TOKYO -- The Metropolitan Police Department (MPD) has lost two floppy disks containing personal information on 38 people, the department announced on