Talks

Can a front-end developer do any good for a QA except for programming bugs? Let's imagine that we are all friends, eager to help each other. Which little things that developer's able to do without much effort can ease the testing process?

Have you thought about what a vulnerability is? Would you ever think you are directly connected to this phenomenon? We'd like to discuss what types of bugs matter. Let's see a real-life vulnerability example and how security researchers fight against it. Let's raise our security awareness.

The future of web testing and automation belongs to Puppeteer — Andrey will show why and how.

We'll being looking at how applying TLA+ and random testing can catch hard-to-find bugs in our designs and implementations of distributed systems. People will see the utility of these techniques and where to start learning about them so they can apply the techniques themselves.

All that Denis knows about SSRF and considers interesting. The auditor's experience.

We'll discuss how to combine tools and testing approaches in order to not to test one and the same things multiple times; use tests to make your system more easy to observe; ease test code support; stop locking ourselves into specific testing technologies.

jQAssistant allows you to build a graph representation of your Java project to analyze it and to write automatic checks to ensure your own rules in your code base without limitations on what you would like to check.

Nikita will explain the theory — why and how to test the tests — show what tools there are, using Python as an example, and reveal the implementation issues honestly.

Applying property-based testing methods to end-to-end tests for distributed data systems and other complex applications.

Ivan will tell what XSS vulnerability is, share his own technique of detecting it, explore potentially vulnerable parts of web applications and show how to create a generic payload to successfully detect XSS.

How do data scientists formulate the hypothesis that they want to test? What does overfitting has in common with the hard quality control rules? What is critical rationalism and why we should remember about it when working with real-world data?

Property testing has been discussed as the next logical step to augment unit tests. By learning to write property tests, developers and SDETs can get more mileage out of unit tests by either using random libraries to test ranges of inputs over time, or in some cases automating testing for a specified series of inputs.

Two-hour global system failure which took place several years ago made Uber restructure their development and testing processes on all levels. Yury will tell about processes, approaches and tools concerning the iOS development part.

Igor will describe in detail how recon's being performed, covering procedures of gathering information about a test object, ways of automating these actions on any scripting language and existing solutions which are mainly used in the industry.

We'll see how to make static analyzers useful in your continuous integration pipeline, including projects that are old and didn't employ static analysis previously.

We'll tell how we were doing this, what solutions we had to reject and why.

This talk illustrates how to achieve evolutionary architectures and how to retrofit existing systems to support better evolution.

What is testing of IoT platforms as illustrated by successful project for elevator systems.

Lessons learned working to change testing culture in a Fortune 10 global auto manufacturing company.

Tim will walk you through the different kinds of component testing, show working examples and advise when to apply them. He will also cover what this might mean for your organization's broader testing strategy.

Pandora is a load tool that can run your Go scenarios. Alexey will explain its architecture, show you how to write a load scenario, to configure and run it.

In the projects requiring high load, performance of a load script becomes a crucial question. And so we've tested performance of the performance testing tool.

This talk covers how to create complex end-to-end tests to cover the evolving user scenarios and emerging hw platforms like IOR devices. We will introduce the concept of host-driven test architecture and the tools Google built to implement such tests.

Payments testing is always a complicated process due to variety of payment providers. This talk is devoted to approach applied in Badoo, which let us increase speed and quality of service delivery.

Anton will share his experience of automating use of the basic cluster protection rules, and also detection and attack techniques.

We'll explore how infrastructure of back-end integration testing evolves when we switch from monolith to microservices. We'll pay special attention to problems that only appear in testing of microservice applications.

Beyond a frank discussion starter on the criteria by which we measure quality, this talk summarizes the real quality requirements of enterprise customers and presents a compelling story for verifying and/or selecting your OpenJDK implementation.