May 31, 2018 Comments Off on AWS Neptune graph database training now available
Currently in preview mode, Amazon’s new Neptune graph database offering will be a game changer. By democratizing access to graph data, it will spawn innumerable new initiatives.
I’m proud to announce the availability of the WiseClouds’ Amazon Web Services Neptune Graph Database Design & Development course. Available for private delivery (both via live Webinar as well as onsite), these hands-on classes are highly customizable based on client requirements. To learn more and download the syllabus, visit here.
February 28, 2018 Comments Off on DB-Engines.com: A very helpful database technology comparison site
I’ve been working with all sorts of databases for a really long time, and I’ve never seen the industry as dynamic and diverse as it is right now. Unfortunately, if you’re evaluating databases – relational, NoSQL, or otherwise – it can be very difficult to obtain a high-level, vendor-neutral view of your options.
Lately I’ve been spending a fair amount of time on the DB-Engines website in support of some research initiatives that I’m carrying out. DB-Engines provides a wealth of really useful information, including:
- Database rankings
- A compendium of database solutions
- A glossary of key terms
- Side-by-side product comparisons
If you’re interested in learning more about which database technology is best for you and your organization, it’s definitely worth dropping by.
January 30, 2018 Comments Off on Swagger Inspector from SmartBear: a very nice free online tool for testing APIs
SmartBear, makers of ReadyAPI (the most comprehensive and widely adopted Web service and REST API testing platform) have just released an excellent, free tool for carrying out quick and easy interactions with your API.
Swagger Inspector does a superb job of working with APIs (all HTTP methods are available), and it supports parameters, authentication & headers, and message payloads. It even generates OpenAPI documentation. If you’re designing, developing, testing, or simply using an API, you’ll want to check out this exciting new offering.
August 31, 2017 Comments Off on SoapUI training & certification track at SmartBear Connect on September 12
If you’re going to be in the Boston area on September 12, and would like to learn how to deliver high quality APIs by applying robust functional, performance, and security tests, be sure to check out the special training course that will take place during the SmartBear Connect user conference.
This all-day class – which is usually only available for private organizations – will be delivered by SmartBear’s Mike Giller using a significant subset of the training materials WiseClouds presents during private sessions. Mike will discuss:
- The ReadyAPI Platform
- Establishing Connectivity to your APIs
- Developing Functional Tests
- Validating API Responses with Assertions
- Data-Driven Testing & Programmatic Test Control
- Performance Testing & Virtualization
- Best Practices for ReadyAPI
Along with increasing your skill levels, attending this class will prepare you for the optional SoapUI certification exam. And to make things even more interesting, there will be additional tracks and events dedicated to the other major components in SmartBear’s far-reaching product portfolio.
You can learn more here.
April 30, 2017 Comments Off on Software Quality Matters blog: Five API Development & Testing Trends
SmartBear has just published an article that I wrote about five widespread development and testing changes that are dramatically disrupting the ways that APIs are being evaluated prior to being placed into production.
In a nutshell, these trends are:
- Business-driven API design and development.
- Agile methodologies
- Test automation
- API complexity outstripping testing capabilities
- New dangers for siloed testing
If you’d like to check it out, visit the posting here.
October 30, 2016 Comments Off on Why the recent Internet of Things (IoT) attack is just the beginning
A few days ago we witnessed a new type of distributed denial of service (DDoS) incident. Unlike previous botnet attacks that enlisted compromised computers, this one corralled assorted unprotected devices like Internet-ready webcams, DVRs, and baby monitors to flood Domain Name System (DNS) servers, and thereby seriously degrade the Internet for hours. I’ll leave the explanation of the mechanics of this incident to more qualified commentators, but I do want to weigh in on why I think these types of events are very hard to combat and why I’m very skeptical about the hype around the Internet of Things (IoT).
We all (well, many of us) know how important it is to keep our computers and software patched and up-to-date; most people also get why firewalls are essential. But consider these facts about IoT devices:
- They’re being created for just about every industry. This diversity means that it’s much harder for the entire universe of vendors to agree on common security standards: defining safeguards for a heart pump is a little different than for a Web-ready washing machine. I’ve served on my share of standards committees: to say that they move slowly is an understatement!
- They have really short development cycles. IoT is shaping up to be a brutally competitive landscape. The winners will be those vendors that deliver solutions to market quickly. Designing and building strong security safeguards takes time, and time is money. The end result is that device protection takes a back seat to market pressures.
- There’s limited space for security software. Margins are very thin on hardware devices: security-focused onboard storage space adds costs that aren’t directly related to functionality.
- They frequently rely on APIs for communication. I’ve blogged about API security in the past. Suffice it to say that it’s a rare API that’s locked down properly.
- New models are always coming on the market. Here’s the really scary part: even if vendors do start getting their security act together, it will be years before today’s highly insecure devices get retired. Meanwhile, they’ll be standing by for their next set of DDoS orders.