Connect With Us

Events

Upcoming events

    • 19 May 2021
    • 12:00 PM - 1:00 PM (CDT)
    • Webinar
    Register

    Testing for Privacy and Data Protection at Speed: Integrating AppSec Tools into DevOps Pipelines Without Slowing Down

    Joe Jarzombek and Meera Rao, Synopsys, Inc.

    About the Topic

    Data protection and privacy are at the top of many organizational priorities. The results of application software testing can provide the basis for defensible quality/security controls to protect sensitive data and confirm effectiveness of relevant data protection controls.  Many organizations undergo process assessments in demonstrating compliance with laws associated with protecting privacy and data.  Scanning code that will run in enterprise network-connected assets that process or transmit data can determine if the systems or devices enable data leakage or lack adequate protections to mitigate unauthorized access to read or modify data. 

           Using the CISQ Automated Source Code Data Protection Measure in software testing can reveal source vectors for data leakage or data corruption; providing indicators for non-compliance with respective Data Protection/Privacy guidelines.

           Derived from the Automated Source Code Quality Measure (ASCQM), recently published as “ISO/IEC 5055 Information technology — Software measurement — Software quality measurement — Automated source code quality measures,” this specification covers common weaknesses (CWEs) that affect the protection of controlled or confidential information and data associated with intellectual property and privacy, such as associated with personal identifiable information (PII), personal health information (PHI), or payment card industry (PCI) data.

    Testing for privacy and data protection can be a normal part of quality assurance test regimes.  Integrating security testing as part of quality assurance programs within Continuous Integration (CI)/Continuous Delivery (CD) or Deployment (CD) pipelines requires integrating tool scans for Static Analysis Security Testing (SAST), Dynamic Analysis Security Testing (DAST), or Software Composition Analysis (SCA), which are performed at different stages in the CI/CD pipeline. These tools each have their own strengths and weaknesses and are complementary to each other. How long each tool takes to complete a scan affects how often and when tools are deployed into a staging or production environment.

    Key Learning Objectives

      In this webinar, you’ll learn:

      • How common weaknesses in software can represent source vectors for unauthorized access to read or modify data; putting enterprises and their customers at risk in terms of data loss or data corruption.
      • How quality assurance application testing can incorporate tools with built-in security domain checkers/gates to enable all developers and testers to mitigate relevant software weaknesses and address privacy and data protection.
      • How legacy CI/CD approaches can’t keep up with the speed of DevOps
      • How Intelligent Orchestration helps break down silos and leverages a dedicated pipeline that automatically runs the right security tools at the right time and triggers manual testing activities based on SDLC events and pre-defined policies, while also providing continuous metrics and feedback.
      • How this enables quality/security teams to automate security gates and enforce policies for all applications across their organization, at enterprise scale.

      Attendees will be provided access to acquire free copies of:

      ISO/IEC 5055 Information technology — Software measurement — Software quality measurement — Automated source code quality measures | First edition 2021-03 | Reference number ISO/IEC 5055:2021(E)

      CISO’s Guide to Sensitive Data Protection

      2021 Open Source Security and Risk Analysis (OSSRA) Report open-source-trends

      About the Speakers

      Joe Jarzombek <sjarzom@synopsys.com> is Director for Government & Critical Infrastructure Programs in Synopsys, Inc. He participates in relevant consortia, public-private collaboration groups, trade associations, standards groups, and R&D projects to assist in accelerating technology adoption.  Prior to joining Synopsys, Jarzombek served in the government public sector; collaborating with industry, federal agencies, and international allies in addressing cybersecurity challenges.  He served in the US Department of Homeland Security as the Director for Software & Supply Chain Assurance for over ten years, and in that role, to enable security automation and the sharing of cybersecurity information exchange, he sponsored CVE, along with the initiation and evolution of CWE and CAPEC.

      Meera Rao <mmeera@synopsys.com> is Senior Director of Product Management in the Synopsys Software Integrity Group, has more than 20 years of experience in software development, more recently focusing on DevOps and CI/CD. She is also leading Intelligent Orchestration development at Synopsys.”

      Registration

      REGISTRATION IS REQUIRED TO ATTEND THIS PROGRAM.

      Please register by May 18th at www.cqaa.org. If you have any questions, please contact info@cqaa.org.

      Webinar Access

      A link to the webinar will be added to this announcement before the date of the webinar. Please check back.

       

      • 23 Jun 2021
      • 12:00 PM - 1:00 PM (CDT)
      • Webinar
      Register

      CQAA June 2021 Virtual Meet-Up:  Navigate Through Change or Transformation

      About the Topic

      As we often hear, change is the only constant. Technological transformation and organizational changes are everyday norm. Covid-19 has also brought unprecedented change in our ways of working. As software quality professionals who live in constant changes, how can we all maintain quality of our work during organizational pivot? Something that is coming up a lot more as a result of COVID, both from a project priority standpoint and also from a cultural standpoint, such as less interaction with people, equipment, and resources as a result of working remotely

      Let’s get together to share our experience and give each other support!

      This virtual meet-up is a great opportunity to meet other people facing the same successes and challenges due to various changes in your work. Come to share and to celebrate what obstacles you’ve overcome, discuss your struggles as well as tips that have worked well, or ask others for advice that could help you to cope, adapt, and thrive in time of change.

      •  What types of changes you are going through or have been through?
      •  How are the changes impacting your organization in terms of processes and technologies?
      •  How are the changes impacting your roles and skills?
      •  How are the changes affecting the prioritization of your work and personal lives?
      •  What do you do in positive ways to embrace the changes and thrive?
      •  As leaders, how do you \lead people through the changes?
      • Are you able to see opportunities through the challenges from the change?
      • What actions can take that help you in time of change?

      Date and Time

      Wednesday, June 23rd, 2021
      12:00 Noon – 1:00 PM

      Moderated By

      Cindy Glaser has been a QA practitioner for over 23 years, focusing during the last decade on leading QA, development, and marketing teams through Agile transformations and maturation. She has overseen teams in multiple industries including Financial, Retail, and Manufacturing. She works with organizations to create customized frameworks that enable teams to transform into high-performing contributors, successful in self-management and continuous improvement. She has spoken at past CQAA programs as well as the Quest and TesTrek conferences and has served on the CQAA board since 2009. She is currently Senior Manager of Software Quality and Process at Life Fitness.

      Dai Whaley is VP of Quality Engineering at Applied Systems. She is a technology leader who is passionate about software quality assurance and aiming to build the right digital products through building the products right.  With 20+ years of working in software development in Chicagoland and feeling grateful for the journey, Dai has I traveled and participated in tremendous technological transformation in history. She is more excited than ever about the future and how technology will make even bigger evolution changes in our lives. What’s even better than this evolution is witnessing the transformation of our profession in quality assurance.

      Hosted By

      SPR Consulting

      Registration

      REGISTRATION IS REQUIRED TO ATTEND THIS MEET-UP.
      PLEASE REGISTER BY Monday, June 21st, 2021 at
      www.cqaa.org. If you have any questions, please info@cqaa.org

      To Join the Meet-Up

      CQAA Meeting
      Wed, Jun 23, 2021 12:00 PM - 1:00 PM (CDT)

      Please join my meeting from your computer, tablet or smartphone.
      https://global.gotomeeting.com/join/549943221

      You can also dial in using your phone.
      United States: 
      +1 (872) 240-3412

      Access Code: 549-943-221

      New to GoToMeeting? Get the app now and be ready when your first meeting starts: 
      https://global.gotomeeting.com/install/549943221

       

    Past events

    21 Apr 2021 CQAA April Webinar: Emotional Intelligence: Bringing Heart into Testing
    24 Mar 2021 CQAA March Webinar: Agile Metrics to Boost Quality Improvement
    25 Feb 2021 CQAA February Webinar: Strategies to Optimize Test Data Management for Continuous Testing
    17 Nov 2020 CQAA November Virtual Meet-Up: Service API Testing: Successes, Challenges and Lessons Learned
    29 Oct 2020 CQAA October 2020 Event: Production Stability: QA’s Role in ‘Strengthening Right’
    23 Sep 2020 CQAA September 2020 Webinar: Value of Codeless Test Automation
    18 Aug 2020 CQAA August 2020 Webinar: Test Scenario Design Models: What are They and Why are They Your Key to Agile Quality Success
    22 Jul 2020 CQAA July 2020 Webinar: Effective Test Strategies! Are They Meeting Stakeholder Needs?
    23 Jun 2020 CQAA June 2020 Webinar: Testing the Manifesto
    21 May 2020 CQAA May 2020 Webinar: Unit Testing: Why and How QA Can Get Involved
    28 Apr 2020 CQAA April 2020 Webinar: Future of Testing - Software Process and Measurement Cast
    25 Mar 2020 CQAA March 2020 Webinar: Test Automation in DevOps: Moving Towards Continuous Testing
    19 Feb 2020 CQAA February 2020 Speaker Program: How to Implement ATDD from Scratch in Large Scale Agile Projects
    18 Dec 2019 CQAA December 2019 Webinar: The Revised Role of Functional QA Managers
    20 Nov 2019 CQAA November 2019 Speaker Program: Regression Testing: Ensuring Adequate Coverage and Prioritization
    16 Oct 2019 CQAA October 2019 Speaker Program: A Picture is Worth a Thousand Words: Metrics with a Punch!
    17 Sep 2019 CQAA September 2019 Speaker Program: The Art of Saying No
    15 Aug 2019 CQAA August 2019 Lunch-n-Learn: Automation Pitfalls and How to Swing Past the Tar Pit
    18 Jul 2019 CQAA July 2019 Speaker Program: Adding Automated UI Tests to Your iOS Application
    19 Jun 2019 CQAA June 2019 Speaker Program: Security Testing for QA’s
    17 May 2019 CQAA May 2019 Speaker Program: For a Fresh Perspective on Team Leadership Look to the Drummer What?
    18 Apr 2019 CQAA April 2019 Speaker Program: So You Want to Start API Testing, Now What?
    27 Feb 2019 CQAA February 2019 Lunch-n-Learn: Selenium Meet-up
    22 Jan 2019 CQAA January 2019 Lunch-n-Learn: Selenium Meet-up
    12 Dec 2018 CQAA December 2018 Webinar: Scaling Agility - A Practitioner's Framework
    15 Nov 2018 CQAA November 2018 Speaker Program: Owning Quality in a Cross-Functional Agile Team
    23 Oct 2018 CQAA October 2018 Lunch-n-Learn: Automation Meet-Up: Successes, Challenges and Lessons Learned
    18 Sep 2018 CQAA September 2018 Speaker Program: Quality Buddy System: How QA can influence Application Development to achieve High Quality Products
    22 Aug 2018 CQAA August 2018 Webinar: What Team Size Says About Your Company's Quality Culture
    18 Jul 2018 CQAA July 2018 Speaker Program: Industrialized Agile Quality: Leveraging ISO Standards to Deliver Business Agility with World Class Quality
    22 Jun 2018 CQAA June 2018 Speaker Program: Innovation: Start With Why, Spaghetti and a Marshmallow
    08 May 2018 CQAA May 2018 Lunch-n-Learn: OMG! What's Next for Us Software Testers?
    19 Apr 2018 CQAA April 2018 Speaker Program: From Nuclear Submarines to Agile Widgets: What QA and Test Defect Rates Are Saying
    22 Mar 2018 CQAA March 2018 Speaker Program: The New Test Automation Toolkit: From Cloud to Code Analysis
    22 Feb 2018 CQAA February 2018 Speaker Program: Best Practices for Desktop and Mobile Open Source Automation
    23 Jan 2018 CQAA January 2018 Speaker Program: Automated Testing and the DevOps Pipeline
    13 Dec 2017 CQAA December 2017 Speaker Program: Performance Testing Strategy and Implementation
    30 Nov 2017 CQAA November 2017 Speaker Program: Knowledge ≠ Understanding: An Agile Journey
    25 Oct 2017 CQAA October 2017 Speaker Program: Designing a Comprehensive QA Roadmap
    20 Sep 2017 CQAA September 2017 Speaker Program: Test Case Renovation
    22 Aug 2017 CQAA August 2017 Speaker Program: Demystifying Mobile Testing - Quick Tours on Your Mobile App
    25 Jul 2017 CQAA July 2017 Speaker Program: Designing a Roadmap towards Continuous Quality
    15 May 2017 CQAA May 2017 Speaker Program: Agile QA Dashboard: Metrics that Matter for your Agile QA Teams
    07 Apr 2017 CQAA April 2017 Panel Discussion: Using Selenium within Your Test Automation Solution
    21 Mar 2017 CQAA March 2017 Speaker Program: Continuous Delivery Changes Everything (For The Better!)
    27 Feb 2017 CQAA Suburbarn Automation Meet-Up: Successes, Challenges and Lessons Learned
    22 Feb 2017 CQAA February Webinar: Testing in an Internet of Things’ World!
    31 Jan 2017 CQAA Automation Meet-Up: Successes, Challenges and Lessons Learned
    25 Jan 2017 CQAA January 2017 Webinar: Technology Megatrends and QA: Ready, Set, Evolve!
    17 Nov 2016 CQAA November 2016 Speaker Program: How to Test When the Requirements are Unknown
    21 Sep 2016 CQAA September 2016 Speaker Program: How to Measure the Quality of Testing
    17 Aug 2016 CQAA August 2016 Webinar Simplicity: The Path to Achieving Agile Testing Efficiency
    25 Jul 2016 CQAA July 2016 Speaker Program: Responsive Web Testing: Way Beyond Resizing a Browser Window
    28 Jun 2016 CQAA June 2016 Speaker Program: Leveraging Free, Open Source, and Low Cost Tools for Back End Testing
    10 May 2016 CQAA May 2016 Speaker Program: Efficiency and Effectiveness - When Process and Pressure Collide
    07 Apr 2016 CQAA April 2016 Round Table Discussion: Test Cases Written by Business Analysts
    06 Apr 2016 QUEST 2016 Webinar Series: Improve your Retrospectives with Agile Kaizen
    24 Mar 2016 QUEST 2016 Webinar Series: Metrics That Matter – In the Context of Software Testing and QA with Bernd Haber
    22 Mar 2016 CQAA March 2016 Speaker Program: The Testing Pyramid: It's Not About Testing
    25 Feb 2016 CQAA February 2016 Speaker Program: What Project Teams Need to Know about Test Automation
    18 Feb 2016 QUEST 2016 Webinar Series: Pairwise Testing: What it is, When to Use and Not to Use with Philip Lew
    26 Jan 2016 CQAA January 2016 Speaker Program: Influencing your Team Towards BDD & Agile Practices
    21 Jan 2016 QUEST 2016 Webinar Series: Compatibility Testing for Mobile Devices
    13 Nov 2015 CQAA November 2015 Round Table Discussion: Testing Effort Estimation in Agile
    20 Oct 2015 CQAA October 2015 Speaker Program: Data, Data Everywhere! Understand Your Data & Maximize Test Coverage
    16 Sep 2015 CQAA September 2015 Speaker Program: Real World Security Testing
    26 Aug 2015 CQAA August 2015 Round Table Discussion: Data Testing / Data Validation
    18 Aug 2015 CQAA August 2015 Webinar: Root Cause Analysis: Helping Make the Right Decisions
    21 Jul 2015 CQAA July 2015 Speaker Program: When is a Project Ready for Software Automation?
    13 Jul 2015 Certified Software Tester (CSTE) Prep Course
    20 May 2015 CQAA May 2015 Speaker Program: Best Practices for Performance Testing Mobile Apps
    28 Apr 2015 CQAA April 2015 Lunch & Learn: The Perils of Being an Agile Tester – Discussion Forum
    25 Mar 2015 CQAA March 2015 Speaker Program: Promoting Quality Principles and Practices thru Organization Change Management
    18 Feb 2015 CQAA February 2015 Speaker Program: QA Engagement During User Acceptance Testing
    12 Feb 2015 CQAA February 2015 Webinar: The Force Awakens
    23 Jan 2015 CQAA January 2015 Webinar: Enterprise Agility Starts with Healthy Teams, How Healthy is YOUR Agile Team?
    15 Jan 2015 CQAA January 2015 Webinar: Why Test Automation Fails
    04 Dec 2014 CQAA December 2014 Webinar: Test Data Management for Agile Continuous Testing
    19 Nov 2014 CQAA November 2014 Program: The QA Aspects of DevOps - Enabling Quality, Speed and Agility within your SDLC
    23 Oct 2014 CQAA October 2014 Program: Creating Useful Metrics to Provide Quality Software
    24 Sep 2014 CQAA September 2014 Speaker Program: CSI Chicago: Attributes of a Successful Software Forensics Solutions
    23 Sep 2014 Certified Software Tester (CSTE) Prep Course
    27 Aug 2014 CQAA August 2014 Webinar: Revealing the Mystery behind Test Automation Framework Design
    31 Jul 2014 CQAA July Event: The Bushido Code & 30th Anniversary Celebration
    24 Jun 2014 CQAA June 2014 Speaker Program: Managing Your Offshore Testing Team
    20 May 2014 CQAA May 2014 Speaker Program: Roadmap to Continuous Integration Testing and Benefits
    23 Apr 2014 CQAA April 2014 Speaker Program: Reaching the Holy Grail of Effective Application Performance Testing and Analysis
    19 Mar 2014 CQAA March 2014 Speaker Program: Quality Engineering: Driving Higher Quality throughout the SDLC
    25 Feb 2014 CQAA February 2014 Speaker Program: Model-Based Testing: Taking BDD/ATDD to the Next Level
    19 Feb 2014 Quest February 2014 Webinar: Software Quality Metrics Do’s and Don’ts
    13 Feb 2014 CQAA February 2014 Lunch & Learn: Lightning Talks Strike CQAA Again
    05 Feb 2014 Quest February 2014 Webinar: Career Planning for Agile QA
    12 Dec 2013 CQAA December 2013 Webinar: Best Practices in Testing
    19 Nov 2013 CQAA November 2013 Speaker Program: Testing Mobile Apps and Websites: Conquering the Multitude with the help of Automation
    18 Oct 2013 CQAA October 2013 Speaker Program: Continuous Quality: What Software as Service Means to QA
    20 Sep 2013 CQAA September 2013 Speaker Program: Metrics: Delivering QA Value Across IT
    21 Aug 2013 CQAA August 2013 Webinar: 5 Steps to World Class Testing Performance - What is the TMMi?
    25 Jul 2013 CQAA July 2013 Speaker Program: Integrating Exploratory Testing with Traditional Testing Methods
    17 Jul 2013 CQAA July 2013 Lunch & Learn: Microsoft TFS/MTM Tool Interest Group
    25 Jun 2013 CQAA June 2013 Speaker Program: Agile Testing in a Waterfall World
    23 May 2013 CQAA May 2013 Speaker Program: Secrets of Test Automation
    16 May 2013 CQAA May 2013 Lunch & Learn: Tools for Quality Assurance / Quality Control
    18 Mar 2013 CQAA March 2013 Speaker Program: Distributed Teams that Pop
    22 Feb 2013 CQAA February 2013 Speaker Program: Risk-Based Testing: Focused Effort, Better Results
    14 Feb 2013 CQAA February 2013 Lunch & Learn: Lightning Talks Strike CQAA Again
    25 Jan 2013 CQAA January 2013 Speaker Program: The UAT Chess Game: Playing Your Pieces to Win
    19 Dec 2012 CQAA December 2012 Webinar: Test Planning Versus Test Strategy. Are They the Same?
    13 Nov 2012 CQAA November 2012 Speaker Program: The Application Management Tools Industry Has Failed You!
    30 Oct 2012 CQAA October 2012 Lunch & Learn: Leading Change from the Inside Out
    26 Sep 2012 CQAA September 2012 Lunch & Learn: Quality Application Leadership in a Large Organization
    14 Sep 2012 CQAA September 2012 Speaker Program: Assessing your Testing Using the Test Maturity Model (TMM)
    15 Aug 2012 CQAA August 2012 Webinar: Testing 2013
    27 Jul 2012 CQAA July 2012 Speaker Program: Automation using Open Source Frameworks like Selenium and TestNG
    28 Jun 2012 CQAA June 2012 Speaker Program: Performance Testing: Roles, Activities and QA Inclusion
    20 Jun 2012 CQAA June 2012 Lunch & Learn: Enterprise of Social Media, Collaboration, Jetpacks, and Ray Guns
    17 Apr 2012 CQAA April 2012 Speaker Program: Exploring How the Mobile App Project Is Shaping the Way We Approach Quality
    11 Apr 2012 CQAA April 2012 Lunch & Learn: Model Based Testing for Flexible and Predictable Test Coverage
    20 Mar 2012 CQAA March 2012 Speaker Program: Testing and Measurement
    23 Feb 2012 CQAA February 2012 Program: 10 Principles of Smart Requirements Gathering
    16 Feb 2012 CQAA February 2012 Lunch & Learn: Lightning Talks Strike CQAA
    17 Jan 2012 CQAA January 2012 Program: Automated Tests Into Automated Builds!
    06 Dec 2011 CQAA December 2011 Webinar: Raising Your Technical Debt Ceiling…Or Not?
    08 Nov 2011 CQAA November 2011 Program: Successful Strategies for QA-Based Security Testing
    26 Oct 2011 CQAA October 2011 Program: Functional Testing and Automation within Behavior Driven Development
    27 Sep 2011 CQAA September 2011 Lunch & Learn: Web Accessibility: A Missed Quality Requirement
    20 Sep 2011 CQAA September 2011 Dinner Event: Innovations & Emerging Trends in Software Quality Assurance
    09 Aug 2011 CQAA August 2011 Webinar: Testing @ Microsoft
    27 Jul 2011 CQAA July 2011 Program: Mobile Technology Testing - Are You Ready?
    22 Jun 2011 CQAA June 2011 Program: Exploratory Testing in the Enterprise
    08 Jun 2011 Certified Software Quality Analyst (CSQA) Prep Course
    06 Jun 2011 Certified Software Tester (CSTE) Prep Course
    24 May 2011 CQAA May 2011 Spring Dinner Event: The Future of Software Projects - How Quality Assurance and Development Are Changing
    19 May 2011 CQAA May 2011 Lunch & Learn: Establishing and Integrating Service Oriented Architecture (SOA) Testing
    26 Apr 2011 CQAA April 2011 Program: Closing the Gap in Regression Testing
    20 Apr 2011 CQAA April 2011 Lunch & Learn: Getting the Best out of Distributed Teams
    15 Mar 2011 CQAA March 2011 Program: Defect Prevention - A Tester's Role in Process Improvement and Reducing the Cost of Poor Quality
    23 Feb 2011 CQAA February 2011 Program: Scrum - A Disciplined Approach to Product Quality and Project Success
    09 Feb 2011 CQAA February 2011 Lunch & Learn: Meeting New Business Challenges With Dynamic Quality Assurance
    18 Jan 2011 CQAA January 2011 Program: Project and Process Tailoring for Success
    07 Dec 2010 CQAA December 2010 Webinar: Writing Testable Requirements
    30 Nov 2010 CQAA November 2010 Program: IT Disciplines - Collaboration, Competencies, and Careers
    26 Oct 2010 CQAA October 2010 Program: A Guide to Software Tool Selection
    21 Oct 2010 CQAA October 2010 Lunch & Learn: Collaborative Lifecycle Management
    21 Sep 2010 CQAA September 2010 Dinner Event: Mitigating Exploitable Software Risk
    14 Sep 2010 CQAA September 2010 Lunch & Learn: Parallel Data Testing
    26 Aug 2010 CQAA August 2010 Webinar: Team-Based Acceptance Test Driven-Development
    28 Jul 2010 CQAA July 2010 Program: Practical Metrics for Managing and Improving Software Testing
    23 Jun 2010 CQAA June 2010 Lunch and Learn: Reporting Skills and Software Testing
    17 Jun 2010 CQAA June 2010 Program: Introducing Risk Based Testing to Organizations
    26 May 2010 CQAA May 2010 Lunch and Learn: Agile Through SCRUM
    17 May 2010 CQAA May 2010 Dinner Program: Dr Cem Kaner Speaks on the Law of Software Quality
    27 Apr 2010 CQAA April 2010 Lunch and Learn: Testing Critical Infrastructure Applications
    13 Apr 2010 CQAA April 2010 Program with C-SPIN: Managing Software Quality within the Team Software Process
    24 Mar 2010 CQAA March 2010 Program: Bringing Value to the Organization With Performance Testing
    25 Feb 2010 CQAA February 2010 Lunch and Learn - 360° Project Lifecycle Health Assessments
    16 Feb 2010 CQAA February 2010 Program: Optimizing Modular Test Automation
    27 Jan 2010 CQAA January Program: Assurance for Cloud Computing
    Powered by Wild Apricot Membership Software