Notes from SDTimes and STP
While waiting for a server to restart I went through the issues of Software Test & Performance and SD Times that were cluttering up my desktop. The non-italic stuff is direct from an article somewhere in the issue.
SD Times – June 15, 2007
- 6th Sense is a hosted application that communicates with plug-ins that work with more than two dozen IDEs. This plug-in tracks all of the actions taken by a developer during his or her workday. Todd Olson, 6th Sense’s co-founder and CTO, explained that the product measures two types of activity in the IDE: active time and flow time. The first of those measurements monitors the actual work being done inside and outside the browser: Is the developer awake, typing, moving the mouse and interacting with the repositories? The second of those metrics kicks in only once the developer has hit his or her stride. “This comes out of a lot of academic research, which says that when a knowledge worker is focused for 20 minutes or more on a project, they’re in the flow [and] they’re fully immersed,†said Olson. “We’re measuring these flow-time units. This can also help you determine whether or not there are environmental issues” – Seriously, just how badly are these metrics going to be abused by management. I can’t imagine working in a place where the tools I use are instrumented to report back to my boss how much time I spend in each. Sure, the information would be useful if someone never hits flow, but theres very little chance this will be used as designed
SD Times – July 1, 2007
- Automating the Virtual Testing Lab for Fun and Profit
- In buying Watchfire and integrating its tools with its Rational development platform, IBM will take a leading role in proactive application security by spreading the word on why it’s essential to address security concerns early in the application life cycle, instead of simply relying on firewalls that aim to block intruders at the network door, said Lanowitz.
- My build tool should not be determining which tools I can and cannot run.
SD Times – July 15, 2007
- Although further security acquisitions are expected, Rende claimed that HP was not trying to become a security vendor, arguing that security assessment and vulnerabilities are synonymous with defects. “Security assessment falls under the quality side of our business.â€
- SPI’s products include Dev-Inspect, QAInspect and Web-Inspect; these run throughout the life cycle of Web applications to identify security vulnerabilities and integrate with HP Quality Center software. So is Quality Center part of a metaframework?
- Veracode has launched its Software Security Ratings Service, a service that scans binary code and benefits developers using SOA by allowing them to test code being drawn from multiple programs, the company claims. Software is tested on an A–F letter grade system, receiving three different grades based on a scan of binary code, dynamic analysis testing and manual code review that is carried out by a penetration tester