Agile + DevOps USA 2024 - Security

Web applications are often security critical or serve as front-ends for security critical applications, making web testing for vulnerabilities an essential part of software testing. Unfortunately, most software testers have not been taught how to identify web security issues while testing applications. Join Tom Stiehm as he shares what you need to know to security test web-based applications as part of your overall testing process. Learn about the most common web security vulnerabilities and how they are introduced into web code and exploited by hackers. Explore test techniques for...

One of the great things about using the cloud is how easy it is to spin up resources and use them. The downside is it is really easy to spin up resources and forget about them. Sprawl becomes a real problem. You waste money if you fail to shut them down when you finish with them or even overnight. And it isn’t just costs. Managing a cloud infrastructure can be a real pain. Who spun this up? What project is it for? Does it need to be shut down? When? Shouldn’t it be encrypted? Cloud Custodian is an easy-to-use framework that allows simple YAML files to specify how to gather, filter, and act...

With the rapid adoption of generative AI, more and more companies are infusing AI models and services into their products. However, many of these companies are likely to lose business and valuable revenue due to their lack of investment in MLOps. Typically, organizations developing AI systems have relied on training metrics like accuracy, precision and recall, but software quality goes beyond that. Now that the barrier to entry for AI tools is smaller, we need to set quality standards, test practices, and think about AI ethics and safety. Ensuring the quality of AI goes beyond traditional...