Do testers know what they are really looking for? More importantly, can they identify a risk if it is not shaped as they are expecting it to be (mostly in their limited/fixed test cases).
Metal detectors and baggage scanners (X-Ray machines for luggage) are a common sight at public places. These are installed and used for physical security checking. Most places, I feel the folks are too casual about security. However, I get a feeling of thoroughness at the airports with the officials working at these security check points. At most places, I notice, the officers sitting on the screens of the baggage scanners are not even looking at the screens – which makes me feel uneasy.
Very similar to the security checking mentioned above – Testing is an investigative process too. But do we know what we are actually looking for? And if during the process of investigation, vulnerability does gets exposed in full or part, are we equipped enough to point out the same and risks it.
If I were to ask the security personnels – do they know what a real bomb looks like or can they identify different pieces of a dismantled gun – what do you think the response is going to be. Similarly, if I were to ask the testers – Do testers know what they are really looking for? More importantly, can they identify a risk if it is not shaped as they are expecting it to be (mostly in their limited/fixed test cases). Most testers perform testing as a ritual they have to execute, in certain order. More often than not, Testing is in place only to put a check and say – yes we do it. When Automation comes into play – most testers don’t know how to make the best use of it. Mindless automation – again as a “must do” procedure is applied. And when it is about security – the longer the window of vulnerability, bigger the loss.
In the keynote – Smita will be talking about what is really important to know when testing – in fact, what should be the key focus for testers? How to leverage technology and tools to support our work? Importance of knowing when exploratory testing works and when tools do the magic. Overall being an effective tester, and knowing when to use the wand.