Thursday, May 31, 2018

ISTQB Advanced Security Tester Live Virtual Training in September 2018

I hope you can take advantage of a unique opportunity to attend live virtual training for the ISTQB Advanced Security Tester certification in September.

The dates of the course are from 9 a.m. to 5:30 p.m. EDT on Sept. 10 - 13, 2018.

I will be the instructor of the course. As chair of the ISTQB Advanced Security Tester Working Group, I can bring a unique perspective to the training and prepare you to take the exam.

Here's what you need to know:

1. This is a live virtual class that you can take from your desk or home. You will be able to interact with me, ask questions, make comments, etc.

2. This will be an intensive course with over 20 exercises. I will present some material, then we will have exercise time. At the completion of each exercise, I give my perspective about the solutions.

3. We will go over every question in the ASTQB Sample Exam after each major section in the syllabus. There are nine sections in the syllabus.

4. If you can't make all the sessions, I am also including the e-learning version at no extra cost so you can make-up any sessions needed.

5. The exam is not included in the price of the course. However, the exam can be added for $200. You can use the exam voucher at any Kryterion exam center. Please note that while anyone may take the course and gain a lot from it, in order for you to take the exam, you must first hold the ISTQB Foundation Certification (CTFL) and have 3 or more years relevant experience in software testing or a related field.

6.  The course also includes a printed workbook. Please allow 5 - 7 days for printing and shipping the book to you. If you live outside of the USA, allow 14 days to receive the book.

7. After August 31, the registration price increases by $200. So, it's best to register soon.

8. Before registering for the class, please review the course outline and ISTQB Advanced Security Tester syllabus so you will be aware of the topics we will cover. While we do cover penetration testing, this is not a class on penetration testing. This certification and course covers many aspects of cybersecurity and the testing of security defenses.

9.  You will leave the class with an increased knowledge of how to help protect your organization by testing your security defenses to ensure they are working effectively.

10.  This course is fully accredited by the ASTQB.

11.  You can register at https://www.mysoftwaretesting.com/ISTQB_Adv_Security_Tester_Certification_Course_p/istqbseclv.htm

If you have any other questions, please feel free to contact me by phone (405-691-8075) or through the contact form at http://www.riceconsulting.com/home/index.php/component/com_formmaker/Itemid,453/id,1/view,formmaker/.

I hope to see you in the course!

Randy

Thursday, May 17, 2018

Upcoming Courses and Other News

I hope you have had a great week!

I recently finished teaching a two-day live virtual private course on Basic Training in Software Testing. One of the students said it sounded like I was in the room with them. We had a great time together, even though the course was virtual. They even got to hear some of my humor (tasteful, of course) and stories from the trenches of testing!

I just want to let you know there are two courses on my public live virtual schedule. Both courses are guaranteed to run. I will be the instructor for both courses.

June 19 - 21, 2018 - ISTQB Foundation Course - This will be my only live public presentation of this course this summer. It's a great opportunity to get personal live training for the ISTQB CTFL certification. To learn more and to register, please visit https://www.mysoftwaretesting.com/ISTQB_Foundation_Level_Course_in_Software_Testing_p/ctfllv.htm

August 1 and 2, 2018 - UAT Fast-Track Course - This is a two afternoon course designed to get you going in User Acceptance Testing right away. This is a complete coverage of UAT practices and processes that teaches true real-world system validation from the business user perspective. To register and learn more, please visit https://www.mysoftwaretesting.com/Structured_User_Acceptance_Testing_Live_Virtual_p/uat-lv.htm

QAI Quest 2018 - I will be speaking at QAI's Quest conference in San Antonio next week. This is a great conference. Great sessions, lots of networking opportunities, great food, all in the San Antonio Riverwalk area. I'll be doing my famous (or infamous) "Becoming an Influential Test Team Leader" tutorial on Monday, a test management workshop all day on Tuesday, and then on Thursday, "Building Your Credibility as a Test Leader." If you are attending, please connect and say "Hi!" It is still possible to register, but time is almost up, so act fast if you want to attend. http://qaiquest.org/2018

ASTQB Webinar - I will be conducting a free webinar on Thursday, May 24 for ASTQB on "Defining Solid Software Security Requirements". If you find defining security requirements a challenge, I will present some ideas that may help.

User stories, while helpful to define functions, are typically not detailed enough to define both intended and unintended behavior of a system, especially in the context of information security.
Unfortunately, industry metrics tell us that the great majority of software defects (security and others) can be traced back to flawed or missing requirements.

In this session, I will cover:
. The lifecycle view of software requirements and security
. Stakeholder involvement in gathering and documenting requirements for software security
. The importance of clearly defining the security aspects of a system
. How to drive the scope of requirements by understanding known threats and available defenses
. How to define “misuse cases”
. How to revise and maintain software requirements when threats change, new threats emerge or new features are added to the system

You may register for the live webinar at https://register.gotowebinar.com/register/5774716823412850689

Please note that these sessions fill up very fast and if you are able to register, it's a good   idea to show up 10 - 15 minutes early to make sure you can get a spot. There are limited slots available. (This webinar will be recorded and made available on the ASTQB website following the webinar.)
=======

Finally...One of the great rewards in being a trainer and consultant is to see people succeed in building their careers. One story in particular is that of Tammy Khan, who has achieved 11 ISTQB/ASTQB certifications since last fall. It was my pleasure to help her in that effort. Way to go, Tammy! You can read her story here - https://www.astqb.org/press-room/astqb-newsletter-2018-2.php

Feel free to contact me with any questions by just replying to this e-mail.

I would love to see you at one of these events!

Tuesday, April 17, 2018

ISTQB Advanced Test Automation Engineer (CTAL-TAE) Now Available in e-Learning Format


I am excited to let you know about my newest course offering, the ISTQB Advanced Test Automation Engineer (CTAL-TAE).

This course is available for private in-house presentations and in e-Learning format to take at your own pace. I am the instructor in both training formats. The materials are written by Grove Consultants.

I have been working with test automation since 1988 and I think the information presented in this course should be in every test automator's knowledgebase and skill sets. Since those early days of test automation, we have now progressed to the point where test automation is an essential skill for testers.

Although anyone can take this course, to take the exam you must first hold the ISTQB Foundation Level certification (CTFL) and have 3 or more years experience in software testing or a related field. Exams are not included in the base price, but can be added, if desired.

To learn more and enroll, just visit: https://www.mysoftwaretesting.com/ISTQB_Adv_Test_Automation_Engineer_e_Learning_p/advate.htm

For a limited time, I am offering a $100 off discount!

I have also created a special 5-person team license for the e-Learning course. https://www.mysoftwaretesting.com/ISTQB_Adv_Test_Automation_Engineer_e_Learning_Team_p/advate5.htm

One more thing... I am planning to conduct a live virtual presentation of the ISTQB Foundation Level course on June 19 - 21, 2018 (Tuesday - Thursday).

I will be the instructor of this all-inclusive training offering - one electronic exam and physical notebook are included. Plus, you get 3-months access to the e-learning following the course! https://www.mysoftwaretesting.com/ISTQB_Foundation_Level_Course_in_Software_Testing_p/ctfllv.htm

I hope to see you at one of these events!

Wednesday, October 18, 2017

Slides from Today's Talk at the OKC QA Meetup

Hi everyone,

Here are the slides I presented at the OKC Meeting lunch meeting. If we have a recording, I'll post it here soon as well. Thanks!

Slides - QA Certifications - Why They are Beneficial and How to Get Them

Report - The Value of ISTQB Certification

Sunday, September 24, 2017

Randall Rice to Present Talk at the 28th Annual IEEE Software Technology Conference

Oklahoma City, OK, September 25, 2017:  Randall Rice, internationally-recognized author, consultant and trainer in software testing and cyber security testing will be speaking this week at the 28th Annual IEEE Software Technology Conference in Gaithersburg, MD.

Mr. Rice's presentation on Wednesday, September 27th is on the topic of "Training and Certifying Security Testers Beyond Penetration Testing". His presentation is sponsored by the American Software Testing Qualifications Board (ASTQB).

"When asking senior-level executives or security administrators about the adequacy of their organizations’ information security defenses, most people will list things such as encryption, firewalls, malware protection, and so forth. When asked, 'How effective are your defenses?' most people can’t give a definitive answer because the defenses have not been tested in a continuous and holistic way. Many people believe the status quo position that penetration testing is all that is needed to find security vulnerabilities," explains Rice.

To help meet the need of training software testers and others in how to perform security testing as a specialty practice, the International Software Testing Qualifications Board (ISTQB) has developed an Advanced Level Security Tester syllabus and exam which leads to the CTAL-SEC designation. The American Software Testing Qualifications Board (ASTQB) administers this certification in the United States. The goal is to provide the information needed to train people in performing security testing at an advanced level.

Mr. Rice is a board member of the ASTQB and is the leader of the international working group that developed the Advanced Level Security Tester syllabus.

This syllabus is freely available from the ASTQB web site at http://www.astqb.org and draws from sources such as the National Institute of Standards and Technology (NIST), the Computer Emergency Readiness Team (CERT) and the Open Web Application Security Project (OWASP) to describe the in-depth knowledge needed to test the security of systems and applications of all types. This syllabus and certification covers the topic of penetration testing, but goes beyond penetration testing to test internal controls and procedures, identify vulnerabilities at the code level, perform security risk assessments, understand the tools available for security testing and how to design and conduct effective security tests.

In this presentation, Mr. Rice will present:

An overview of the ISTQB Advanced Security Tester syllabus topics
How the certification works
How this certification differs from other security certifications
How this certification is compatible with NICE’s ongoing efforts and how this relates to the various framework analyses already underway
The intended audience for the training
The value of the ISTQB Advanced Security Tester certifications to testers and to organizations

Randall W. Rice, is a highly specialized trainer and consultant in the field of software testing and cyber security testing with clients in every industry sector, including defense and finance. He is the co-author with William E. Perry of two books, “Surviving the Top Ten Challenges of Software Testing” and “Testing Dirty Systems.”

Wednesday, September 20, 2017

ASTQB Summit Recap

Hi Everyone,

I just want to thank everyone who helped make the recent ASTQB Summit in Newport Beach, CA a success. Our team did a great job with handling marketing and logistics, as well as the technical program. Our speakers did a great job (I'm not sure about that Rice guy...).

But most of all, I want to thank those that support ASTQB and spent last Friday to expand their knowledge and collaborate with other testers. We had people in attendance from all over the country!

I told people in my sessions that I would have my slides posted to the blog, but as a board we decided it would be more fair to those who paid to attend the event to have exclusive access to the materials. So, if you were in attendance you will soon be receiving an e-mail with instructions on how to get the content.

If you have any questions about anything I said in my three presentations (by the way, thanks also to my co-presenter Taz Daughtrey in the Mobile Testing and Security Testing Workshop), please feel free to add a comment/question below. I got a bit edgy in my Agile presentation, but sometimes I just feel I have to say it like I see it. I will have some articles and perhaps webinars in the coming days to flesh out those thoughts.

Thanks again!

Randy

Thursday, June 15, 2017

Become an ISTQB Advanced Level Certified Tester - Live Virtual Class Forming for July 31 - Aug 3, 2017

I hope you can take advantage of a unique opportunity to attend live virtual training for the ISTQB Advanced Security Tester certification this Summer.

The dates of the course are from 9 a.m. to 5:30 p.m. EDT on July 31 - August 3, 2017.

I will be the instructor of the course. As chair of the ISTQB Advanced Security Tester Working Group, I can bring a unique perspective to the training and prepare you to take the exam.

Here's what you need to know:

1. This is a live virtual class that you can take from your desk or home. You will be able to interact with me, ask questions, make comments, etc.

2. This will be an intensive course with over 20 exercises. I will present some material, then we will have exercise time. At the completion of each exercise, I give my perspective about the solutions.

3. We will go over every question in the ASTQB Sample Exam after each major section in the syllabus. There are nine sections in the syllabus.

4. If you can't make all the sessions, I am also including the e-learning version at no extra cost so you can make-up any sessions needed.

5. The exam is not included in the price of the course. However, the exam can be added for $200. You can use the exam voucher at any Kryterion exam center. Please note that while anyone may take the course and gain a lot from it, in order for you to take the exam, you must first hold the ISTQB Foundation Certification (CTFL) and have 3 or more years relevant experience in software testing or a related field.

6.  The course also includes a printed workbook. Please allow 5 - 7 days for printing and shipping the book to you. If you live outside of the USA, allow 14 days to receive the book.

7. After July 15, the registration price increases by $200. So, it's best to register soon.

8. Before registering for the class, please review the course outline and ISTQB Advanced Security Tester syllabus so you will be aware of the topics we will cover. While we do cover penetration testing, this is not a class on penetration testing. This certification and course covers many aspects of cybersecurity and the testing of security defenses.

9.  You will leave the class with an increased knowledge of how to help protect your organization by testing your security defenses to ensure they are working effectively.

10.  This course is fully accredited by the ASTQB.

11.  You can register at https://www.mysoftwaretesting.com/ISTQB_Adv_Security_Tester_Certification_Course_p/istqbseclv.htm

If you have any other questions, please feel free to contact me by phone (405-691-8075) or through the contact form at http://www.riceconsulting.com/home/index.php/component/com_formmaker/Itemid,453/id,1/view,formmaker/.

I hope to see you in the course!

Randy