Fact-the quality of test data directly impacts the quality of testing. Traditional manual methods for creating test data are laborious, time consuming, often ineffective, and error prone. Huw Price explains the concept of test "data objects," an approach he uses to create high quality test data and eliminate the need to access live production data for testing. Data objects are abstractions of the data that capture the essence of a data type that can be quickly assembled to support specific tests. With definitive examples, Huw shows how to create basic "data objects" using data sampling and then expands to more complex objects using "data inheritance" that varies the data to satisfy specific testing needs. Learn about test data selection techniques-such as all-pairs, cause and effect, randomization, and probability distribution, to build high quality sets of data.

Testing teams are generally quite efficient at testing Web applications through a wide range of functional data, business processes, and click streams. However, testing for security defects, which requires testing and a different mindset, is another story. Security testing involves anticipating what the application is not expecting and building test cases to cover those situations. Rafal Los demonstrates the approaches you need to understand negative security testing by offering insight into common attacks from simple parameter-based attacks like Cross-Site Scripting (XSS) and SQL Injection (SQLi) to more complex attacks like Cross-Site Request Forgeries (CSRF) and multi-stage persistent Cross-Site Scripting attacks (pXSS). Rafal provides examples and methodologies for gathering information, creating a negative-test strategy, executing attacks, and interpreting the results.

Too often, testers have limited money, time, or both to purchase, learn, and implement the robust commercial test tools available today. However, as a tester, one of the best things you can have is your own personal testing toolkit. Since 2001, Randy Rice has been researching free and inexpensive test tools and has compiled a set of tools that have been a great help to him and many others. Randy presents an overview of these tools that can add power and efficiency to your test planning, execution, and evaluation. Randy presents and demonstrates tools that can be used for pairwise test design, test management, defect tracking, test data creation, test automation, test evaluation and Web-based load testing. Learn how you can use these tools together to achieve a combined effect of greater test speed and better test coverage at little or no out-of-pocket cost.

Managing a successful, rapidly changing Web site and trying to track the bugs is a never-ending process. Every release brings new challenges-identifying a bug that's causing havoc, creating patch solutions, and strategizing ways to fight fires with little down time. If you don't juggle resources well, the stress of managing a live site will take a toll on your team. Jane Fraser takes you through the setup and deployment of a War Room for releasing software in a 24/7 online world. See how Electronic Art’s use of wikis, chat rooms, and call bridges help keep communications flowing smoothly. Join Jane to follow the path of a production issue from inception to conclusion-identification, reproduction, risk assessment, patching, and the checks and balances to ensure the safest path towards fixing the issue. Learn from Electronic Art's lessons to eliminate some of the pitfalls in your 24/7 online world.