Showing posts from February, 2019

Heuristics and Oracles

As part of the "Learn Something New Every Day" challenge, I had decided to read an article a day and write short notes on Lessons Learned. The topic of the week: Heuristics and Oracles. The words "Heuristics and Oracles" are new concepts for testers who have not heard about them. I have not used these terms in the last 6 years at my job. I heard the words "Heuristics" and "Oracles" in a Weekend Testing session. For a long time, I have wanted to learn about Heuristics and Oracles in more detail and to understand them better. Heuristics: When we have a testing problem in an application, we try different options or test ideas that we know how to test and see if they work. The different options which we try are the test heuristics. Heuristics are simply experience-based techniques for problem-solving, learning, and discovery. In real time, you might be experienced with testing an application which has sched

Security Testing Terminologies

As part of the "Learn Something New Every Day" challenge, I had decided to read an article a day and write short notes on Lessons Learned. The topic of the day: Security Testing Terminologies. Last month, I encountered a new term in security testing: False Positive. I understood, in short, that it is not an issue to fix, but I wanted to learn more in detail. Below are the references which I used to learn about security terminologies: https://www.contrastsecurity.com/security-influencers/the-true-cost-of-false-positive-vulnerabilities-in-application-security https://www.owasp.org/index.php/Benchmark https://community.softwaregrp.com/t5/ArcSight-User-Discussions/what-is-false-positive-false-negetive-true-positive-and-true/td-p/1582039 After going through these links, it was easy for me to correlate and understand. What I have learned: Below is the representation of Security Testing Terminologies. 1. False Positives 2. False Negatives 3. Tr

A Transpection Session: Inputs and Expected Results

As part of the "Learn Something New Every Day" challenge, I had decided to read an article a day and write short notes on Lessons Learned. The topic of the day: A Transpection Session: Inputs and Expected Results https://www.developsense.com/blog/2010/05/a-transpection-session-inputs-and-expected-results/ First, I was not aware of the word: Transpection. The definition I understood from http://www.satisfice.com/blog/archives/62 : Transpection is learning about a product by putting yourself in someone's place: asking someone a question, then thinking through the same question and comparing the answers with others while listening to them. Definitions of Testing: James - "Ask Questions in Order to Evaluate It" Jerry Weinberg - "Gather Information with the intention of informing a decision" Testing is not just about "Inputs and Expected Results". What is Input? Different types of Inputs: Symbolic Input, Non-Symbolic Inp