Testing Red Flags TGNS18

Published on:
TestGuild News Show Feature Image

About This Episode:

Hey, what do red flags have to do with accessibility testing?

Why is WordPress heavily investing in a performance team?

And are your Facebook smartglasses a security risk? Find out the answers to these and all other full-stack on emission testing, performance testing, site reliability testing, and engineering security. DevOps-related news for this week of October 17th and this edition of the TestGuild new show.

So grab a cup of coffee or tea, and let's do this!

Exclusive Sponsor

This episode of the TestGuild News Show is sponsored by the folks at Applitools. Applitools is a next-generation test automation platform powered by Visual AI. Increase quality, accelerate delivery, and reduce cost with the world’s most intelligent test automation platform. Seeing is believing, so create your free account now!

Links to News Mentioned in this Episode

*** Applitools free account: https://rcl.ink/xroZw ***

1.https://metro.co.uk/2021/10/14/posting-a-red-flag-meme-has-unintended-consequences-for-disabled-users-15420354/amp/

2.https://github.com/robotframework/robotframework/blob/master/doc/releasenotes/rf-4.1.2.rst

3.https://www.linkedin.com/posts/nana-janashia_nana-goes-to-kubecon-activity-6854363124775096320-MteZ

4.https://aisingapore.org/2021/10/pitting-tagui-against-the-big-boys/

5.https://github.com/saucelabs-training/automation-best-practices/tree/main/testing-for-charity#%EF%B8%8F-setup

https://www.linkedin.com/posts/nikolayadvolodkin_github-saucelabs-trainingautomation-best-practices-activity-6854394493299507200-zVZs

6.https://make.wordpress.org/core/2021/10/12/proposal-for-a-performance-team/

7.https://www.prnewswire.com/news-releases/dod-approves-parasoft-static-application-security-testing-sast-container-for-devsecops-deployment-301399141.html

8 https://cybernews.com/privacy/facebook-smart-glasses-a-privacy-nightmare-waiting-to-come-true/

9.https://community.microfocus.com/cyberres/b/sws-22/posts/devsecops-with-public-cloud-providers-automated-security-testing-with-aws-codestar

10.https://twitter.com/johnsosnowski4/status/1448702704486912011?s=21

11.https://www.startupdaily.net/2021/10/kiwi-cybersecurity-training-platform-safestack-academy-banks-nz2-3-million-seed-round/?utm_source=organic&utm_medium=startupdaily&utm_id=linkedin

https://www.linkedin.com/posts/lauradbell_kiwi-cybersecurity-training-platform-safestack-activity-6853215462025691136-pIL3

News

First up, automation testing news.

I'm not sure if you're familiar with the red flag meme that's been going on the past week or so. I didn't know that it had actual consequences to testing, but actually posting the red flag meme has unintended consequences for disabled social media users. So as a tester, you know, screen readers can be used to help those that are blind or visually impaired understand the content. So the problem with this is if there are like thirty-two red flags, it'll count each red flags. So Red Flag, Red Flag, Red flag, which, as you could see, gets annoying and it'd be better if it can somehow count the flags and just say, Hey, thirty-two red flags found. I just heard about this, and I just want to give a quick shout-out to Crystal Preston Watson if you don't follow her already. She's an accessibility testing expert, and this is where I actually first heard about this issue. She has a lot of insight into this particular issue and all other accessibility testing issues. So I highly recommend if you don't already to actually give her a follow on Twitter, so check her out. Always stay up to date on accessibility-type issues like these.

And Pekka Klarck the creator of Robot Framework just announced a new release of robot framework. You can see everything that's included in Robot Framework 4.1.2. So if using robot framework, definitely check out the latest release.

Also, a big trend in automation is, as I've been mentioned in the previous shows, is the automation of infrastructure, and I found a really good video on Kubernetes, which is one of the terms I've been hearing more and more of. And this one is from LinkedIn, from Nana Janashia. I'm probably getting that wrong, but I'll have a post for this in the in the links below. So a lot of good insight around Kubernetes and should help you get up to speed if you're just getting into it.

I also came across another interesting LinkedIn post by Ken Soh about TagUI, which is a open source RPA solution. Where they actually did a battle between their solution and a paid solution to see how well it did? And based on Ken's experience, he's saying that some users did an experiment where they used an open RPA solution to for a challenge. I was also used by Automation Anywhere, which a paid solution and it turns out that a lot of people found it just as easy to use and was quickly able to reproduce the same functionality that you got out of commercial solutions as well. And the article just goes into more detail about what the challenge was and the results. So thank you Ken for posting in that.

And it was a really busy week on LinkedIn. I found a lot of good news sources here. So, Nikolay I actually posted a really good link about a workshop they did on automation around best practices using JavaScript. So in this workshop, you'd learn the latest, greatest tools techniques to drastically improve your testing. A lot of cool things, and it's led by some folks that are awesome automation engineers who definitely should be following as well. So Nikolay Advolodkin and also Josh Grant. So definitely check out that workshop down below in the comments.

Next up, performance and reliability news.

All right for some reason, I did find a lot of news articles for SRE & performance testing, but I did find one interesting post around why WordPress is investing in a performance team. I'm surprised they don't have one already, but really good write-up here. And so Ari has a really good proposal for a Performance team listed out of what the problems are that they're trying to solve, why they believe a performance team would help with these problems and why a team is a good idea. So if your team is also struggling with performance testing, you don't have a performance team or you're trying to justify a performance team to your management, this is good resources definitely should check out. So I actually came across this once again from LinkedIn, from James Pulley. So thank you, James, for posting that. Also.

Next up, security news.

So in security news, it's the opposite of performance and site reliability news, I didn't see a lot of issues or a lot of articles on performance or site reliability. I must've missed them, but I did find a whole bunch on security. So let's just jump into security.

So I think this is one of the first times Parasoft has entered the news on the TestGuild news show. So welcome Parasoft off to the new show. They actually had a new release or a new announcement that DOD has approved Parasoft's static application security testing container for DevSecOps deployment. Really big news here. If you don't know Parasoft has been doing software testing for over 30 years and one of the main tools or one of the more popular tools they have is their C and C++ tests and static application security testing SAST tool. And why this is important is that a lot of recent attacks have been targeting the software supply chain, and so Parasfot actually invested time and to provide full support for DOD's DevSecOps mission-critical pipelines. It's a really cool achievement, and if you'd have anything to do with DOD, I think it's definitely a development you should check out as well.

And I've heard of Google Glasses, but this is the first time I've actually heard of Facebook having a pair of smart glasses. So this bubbled up as a security news article on how this can actually impact the privacy of users. And Jeff Martin, who's the VP of Product of Finite State. So Jeff has a great quote talks about how there's really a difference between wearable technologies like smartwatches and the difference between smart glasses. Because in the case of wearables, the choice of wearing the device and accepting all the accompanying privacy and security risks fall on the owner. But when it comes to wearing things like … Things like smart glasses, things get more complicated because glasses have an outward-facing camera, which introduced privacy and security concerns for individuals who did not opt-in. In general, privacy regulations are trending towards requiring activity and informed options. This is going to be an even bigger issue as time moves on. I'm sure this is not the first type of device that's going to come up with the camera or wearable smart glass type of device, so we need to get our heads around how to harden these security risks before they become a major issue for society. So another really good read that you definitely should check in the comments below.

So if you ever wondered what maybe some of the top IT assets are that attackers are most likely to target for exploitation? Well, if you are, you're in luck because this article covers this exact issue, and it goes over some of the internet's most tempting targets, as well as some key trends that are going on in this area as well. And it goes. It also talks about how organizations struggle to know what they have been exposed to on the internet, especially with cloud migrations that we've been talking about, with work from home boom, drastically increasing the number of exposed assets and people can no longer rely on existing security strategies to understand their attack surface. So really, eye-opening if you're not aware of all the different ways your company may be exposed to different security hacks, this is definitely a must check also.

And so I think a few weeks ago, I talked about code star, but if you missed it, I found another article on DevSecOps with the public cloud providers automated security testing with AWS code star. This really has a good breakdown with an AWS glossary, some cloud DevOps processes, and security testing using Fortify with the AWS pipeline. And so thank you, John, for posting this on Twitter, because this is where I found this particular article.

So I always say follow the money whenever it comes to trends that you should be paying attention to? Obviously, security is one of them. So this is from Laura Bell, who is the founder and CEO of SafeStack Academy, which she started in September of 2020. It's an online training platform offering flexible, secure development training for teams and individuals, as well as security, private as well as security and privacy awareness training. This is a big shout-out they actually received. $2.3 million in a seed round. And Bell mentions it's a critical time for security education, as they're seeing illustrated by the increased security incidents in all parts of the world that we've covered on the show. And it's more important than ever that we build in security from the start. If we are to protect our data systems and people, so really good insight. So just a big congratulations to Laura and thank you for helping educate folks on security and the massive need for education in this area.

All right. So that's it for all the news for the week of October 17th, so definitely check all the links below and also make sure to check out our sponsor Applitools awesome Visual AI that's really going to help take your functional automation to the next level. Create a free account now by clicking the link down below.

All right, so that's it for this episode of the TestGuild new show. I'm Joe and my mission is to help you succeed with creating end-to-end full stack automation and testing awesomeness.

As always test everything and keep the good cheers.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

TestGuild News Show Feature Image