Testing for CSRF

Normally I would only post this under my Cybersecurity blog, but as this can be checked during the testing cycle I thought it might work out well in the QA blog. CSRF is a vulnerability in web applications, where an attacker can send a POST to the web app from a different origin (domain). For …

Burp Suite

Portswigger has an amazing and popular tool called Burp Suite. Generally I would write about it over on my Information Security blog, FFE4.org, but today I wanted to talk about it on the Quality Assurance blog. Although it’s a security tool, its purpose is to find holes and bugs in web applications. For that reason …

X100VI Image Quality

Precondition: I’m looking to upgrade my FujiFilm X-T2 camera to something a bit more modern and flexible. I got caught up in the hype on the X100VI and was waiting for production supply to come up, where I’d pull the trigger and buy it…. Then I saw the sample shots taken from other users, and …

Most Important QA Trait

I stepped into my first QA role in 2005 or 2006 while at Warner Bros. Prior to that, I worked as a web developer. Since then I have stayed the path and remained in QA, getting more experience from various positions at Yahoo!, Universal Music Group, eHarmony and Toll Free Forwarding. Over time I’ve been …