February 12, 2018

Are You a Gauge Expert? How Do You Graft On a Fluent Selenium-Ruby Framework?

Are you an expert in Gauge, the BDD framework? ( See a Brief Overview of Gauge ).

I have a question: How do you work with selenium-ruby?

I was planning on working towards what Dave Haeffner has in ElementalSelenium.com creating a library of:
I am brand-new to Gauge and using Selenium-Ruby. So far I only have used Selenium-Java.

It looks like Gauge strongly advocates against page objects calling them an Anti-Pattern. Er... Um... burying a page's locators in code, as they do in the blog makes me worried. I am looking for other solutions.

February 10, 2018

"How Machine Learning Helps Test Software" - Ministry of Testing - Boston - Feb. 6, 2018

On Tuesday, February 6th, 2018, the Ministry of Testing - Boston was invited by Mabl to hear John Kinnebrew and Sergei Makar-Limanov describe how mabl "uses machine intelligence to automate visual insights and make tests more adaptive".

With their AI, you can train mabl to go on a "user's journey". Much like Selenium IDE, the record-and-playback device, you walk the agent on what you as a tester would like it to focus on. What you want it to know. What you want it to ignore. It then learns and adapts, learning how you like to test.

Their product should be launching a free public beta in a few weeks. I can't wait to try it out!

Thank you so much, mabl for having us!

Intelligent Testing with mabl: Adaptive tests and automated visual insights
John Kinnebrew and Sergei Makar-Limanov
February 6th, 2018


About John Kinnebrew:

https://johnkinnebrew.com/

"John is building intelligent tools that enable developers to create better software at mabl. He received his B.A. in Computer Science from Harvard University and his Ph.D. in Computer Science from Vanderbilt University. His research interests include machine learning, combinatorial optimization, intelligent agents, and coordination in multi-agent systems.

"At Bridj, he led the research and data science group with a focus on machine learning and AI optimization techniques applied to transportation modeling, prediction, and optimization for improving mass transit. His research at Vanderbilt focused on the design of intelligent pedagogical agents and machine learning techniques to model important learning behaviors, including metacognition and self-regulated learning strategies, from activity traces of student interaction in educational systems".


Happy Testing!

-T.J. Maher
Sr. QA Engineer, Software Engineer in Test
Meetup Organizer, Ministry of Testing - Boston

Twitter | YouTubeLinkedIn | Articles

February 5, 2018

Introduction to Vulns, Common Vulnerabilities and Exposures, the CVE List, and the National Vulnerability Database

Whenever I find a software testing position in a field in which I am unfamiliar, I try rounding up all resources I can. In my security testing research, I found a syllabus for Tufts University's COMP 116: Introduction to Computer Security course offered Spring of 2018. Just my luck! The instructor for the course posted the entire syllabus and required reading material online, including a copy of a wonderful slide deck for a presentation on an Introduction to CVE, CWE, and the Top 25 given by Steve Christey Coley, creator of the term, CVE -- Common Vulnerabilities and Exposures.

What is a Vulnerability?

According to CVE.MITRE.org, in their terminology section, "a vulnerability is a weakness in the computational logic (e.g., code) found in software and some hardware components (e.g., firmware) that, when exploited, results in a negative impact to confidentiality, integrity, OR availability. Mitigation of the vulnerabilities in this context typically involves coding changes, but could also include specification changes or even specification deprecations (e.g., removal of affected protocols or functionality in their entirety).

"Examples of vulnerabilities include:
  • "phf (remote command execution as user "nobody")
  • "rpc.ttdbserverd (remote command execution as root)
  • "world-writeable password file (modification of system-critical data)
  • "default password (remote command execution or other access)
  • "denial of service problems that allow an attacker to cause a Blue Screen of Death
  • "smurf (denial of service by flooding a network)"
MITRE, a not-for-profit in Bedford, MA, maintains the Common Vulnerabilities and Exposures (CVE)® List.