Smart Contracts

Updating Solidity code and Testing a Smart Contract

Books on the Blockchain

Publica Self Publishing

Goodbye Contracting

Hello brave new old world...

Ruby-Selenium Webdriver

In under 10 Minutes

%w or %W? Secrets revealed!

Delimited Input discussed in depth.

Monday, 26 March 2007

Secruity Testing

These last weeks I've been drawn into the study of Software Security Testing. By that i mean testing of security features, not the infrastructure.

As if building the web site and playing video games while trying to learn Python wasn't enough. It's been a busy few weeks while I'm 'in between jobs'.

It seems that the area of software security testing has yet to reach the level of maturity that Software Testing is beginning to enjoy. Not that software testing, even your basic black box functional testing, is as universally accepted as software development.

Soapboxing that software security should be seen as a separate area of delivery, that needs trained and experienced professionals to deliver on it sounds like the evangelical standpoint that was adopted for testing a few years ago.

Yet, reading around you discover there are some luminaries in the field that are pushing for this to change. The likes of Gary McGraw, that CTO of Cigital, stand out as Security testing's own Cem Kaner. Visiting his software security website over at and listening to the Silver Bullet Security Podcasts reinforces that.

A sister company of Cigital is Fortify and they've developed an interesting idea to approach the actual delivery of software security testing. Combine that with the need for building security into the product right at the design phase.

Over at the Cyreath website I've written a discussion document around software security testing, read it here: then come back to the blog and share your thoughts.

Mark Crowther - Head of SWT (South West Trains...)

Monday, 5 March 2007

Q-bit anyone?

If you're off to Q-Bit Test Expo on the 22nd March drop me a mail!

No Testhouse this year, I hear a rumour they're doing every other year. Vizuri will be there along witht their partners Q-Bit who they get training services from.

Chris Ambler, QA Director of EA and ex-Rugby player (judging by the ear) will be giving an expo of testing Video games. £10 says he tells us you can't really write Test Cases for games ;p If he get's his black ball out I'm going to storm the stage...

Please God make the presentations interesting this year, I fear for the testing n00bs and thier hopeful scriblings as they listen to product / company keyed presentations in the hope of true testing enlightenment.

Mail me (Mark Crowther) if you want enlightenment and confustication, don't listen to tool vendors!

OK, see you there!

Mark Crowther - Testing and QA Gnu