UNTIL 30.04.2025
Agenda
To be announced soon!
- Day 1
- Day 2
Are you still using Selenium for your web testing needs? It may be time to explore better
options! This talk will dive into test automation tools, comparing Selenium with alternatives
like Playwright and Cypress to see which suits you best.
First, we’ll break down Selenium’s features, like its ability to work with multiple browsers,
cross-platform support, a robust ecosystem, and various programming language options. We
will recognize its downsides: learning it can be challenging, you’ll need to wait around for
things to load, and handling tricky webpage elements can be a headache. We’ll also discuss
when there are better options than Selenium.
We’ll also compare Selenium with Playwright and Cypress. These tools have strengths and
downsides that could suit your needs better than Selenium. Throughout the talk, we will
provide practical examples to showcase alternative tools and approaches that complement or
replace Selenium, depending on specific testing requirements. This will empower you to
evaluate Selenium for their projects and consider alternative solutions to make your testing
life more effortless.
By the end of the session, you will have a solid foundation for choosing the proper
framework that will enable you to optimize web testing efforts and deliver more value to
your team through test automation. Join us to explore the diverse world of web testing
frameworks and unlock the full potential of web testing.
Takeaways:
1. Discover what makes Selenium great and where it falls short, like its ability to handle
different browsers but needing help with tricky webpage elements.
2. Explore alternative tools like Playwright and Cypress to determine if they better fit your
testing tasks.
3. Gain insights to make informed decisions about your testing toolkit, helping you streamline
your testing process and achieve better outcomes.
In today’s interconnected digital world, the security of software supply chains has never been more critical. This session delves into the dark corners of software package ecosystems, using npm and NuGet as examples. We’ll explore real-world incidents of supply chain attacks, illustrating how attackers have successfully infiltrated various platforms to distribute malicious packages.
Key topics include:
1. Types of Supply Chain Attacks: Understanding the various attack vectors such as dependency confusion, typosquatting, and malicious package insertion.
2. Case Studies: Mention of recent attacks on npm and NuGet, providing a broad idea of how some of these attacks were carried out.
3. Attack Mechanisms: Step-by-step breakdown of how attackers create and distribute seemingly harmless packages with malicious payloads, open pull requests to popular repositories, and ultimately exploit these to harvest sensitive data.
4. Mitigation Strategies: Best practices for developers and organizations to protect their projects, including dependency management, using private package repositories, and educating developers on the risks and detection of supply chain attacks.
Join me to learn how to safeguard your projects against these insidious threats and ensure the integrity of your software supply chain.
Have you ever been curious about what it is – to be a team lead?
Perhaps you’re aspiring to become a team lead, or you’re already in that role and striving to optimize your daily operations. Despite employing time management strategies and delegation, you are not seeing the positive impact you anticipated by being a team lead? Are you concerned as your colleagues’ technical skills advance while your own development seems to have plateaued?
I’ll provide tips and tricks that can make a tangible difference. Exploring cases from my experience as a team lead and fellow managers, you will understand if this role is for you and how to overcome most typical obstacles that you may have at the beginning of your journey.
What if the human definition of intelligence is wrong? If we don’t know what intelligence is, how we can develop and trust artificial intelligence? During the talk, I will go through specific decisions that might be classified as smart and intelligent, but in the end they are not. Real-world examples of testing and development choices that shouldn’t happen.
As a people, we think that any action is intelligent only if we will do the same action. Example: AI is intelligent because it can answer millions of questions and the answers sound meaningful for us.
Example 2: Monkeys are intelligent animals because some of them use tools, like humans do. But birds and fishes are not intelligent because we don’t understand their actions.
The same situation happens when teams (qa and dev) choose tools/technologies/processes.
Teams/Companies are mainly making their choices based on trends and what they see in other companies. But some of the tools/processes might not work for them. For example, using Playwright only because Microsoft does might not work for your team.
How blockchain technology is becoming integrated into everyday applications, such as digital identity verification, voting systems, and decentralized finance (DeFi).
Abstract:
Blockchain technology is quickly becoming a part of our lives with its decentralized, transparent and secure features making it invaluable, in various industries. This presentation delves into how blockchain’s being incorporated into applications particularly focusing on digital identity verification, voting systems and decentralized finance (DeFi).
Digital identity verification utilizes blockchain to offer identities that are decentralized tackling issues like security breaches and identity theft. The e Residency program in Estonia serves as an example by providing a blockchain based identity that is both secure and easily verifiable.
In the realm of voting blockchain technology holds the promise of enhancing transparency and security in processes. By ensuring that votes cannot be altered or manipulated and are easily verifiable blockchain based voting systems can help build trust in practices. Examples like Voatz in the US and various global trials of voting underscore the potential for this technology to revolutionize our voting methods.
Decentralized Finance (DeFi) stands out as another application of technology offering financial services through decentralized networks without traditional middlemen. DeFi platforms facilitate activities such as lending, borrowing and trading cryptocurrencies while democratizing access to services and boosting efficiency. Leading DeFi projects such, as Uniswap, Compound and Aave demonstrate how blockchain is reshaping the sector.
The talk explores the gap between theoretical and practical accessibility through the humorous yet enlightening perspective of a new guide dog owner. The speaker delves into the early, often bumpy stages of adjusting to a guide dog, where a lack of familiarity can lead to unexpected encounters with walls and obstacles, highlighting the learning curve and patience required. Drawing parallels to the tech world, the talk emphasizes that simply implementing accessibility features doesn’t guarantee seamless usability. Like a guide dog partnership, accessible technology requires adaptation, testing, and iteration to truly support users in real-world contexts. The speaker urges a rethink of accessibility in design and development, advocating for continuous feedback and flexibility so that, just as in the case of a guide dog and handler, technology can evolve to meet users’ real needs.
Real data and the future of AI-assisted coding
GitHub Copilot’s impact on code quality
Does GitHub Copilot’s performance meet expectations
How to integrate AI-assisted coding into your workflow
Ethical considerations and grey areas in AI-powered coding
How far does the AI evolution go
In the 21st Century the Cyber Universe is threatened by Evil Source Code and Evil entities. The only hope for many developers is the Fifth Element : the Sec in Devops, which must be implemented side by side with the Four elementals : Code, Build, Test , Deploy. A Microsoft Service is bringing the Four Elements but can the Fifth be included, and will it save us from disaster?
Learn about secure development practices, hardening developer ecosystems , secure coding, and much much more !
Turning Complexity Into Modularity
Every software engineer and architect wants to design modular software systems and to avoid complexity. Yet, frequently, we end up with the opposite: what promised to be an elegant, well-thought architecture results in another big ball of mud. Why does this sad story keep repeating? In this talk, I will delve into the nature of modularity and complexity, highlighting their surprising similarities. You will learn what forces push software architecture towards complexity, and which strategies result in the desired modularity. Ultimately, you will learn to harness these forces to design systems that withstand changes and the test of time.
In today’s agile software development processes, effective testing is crucial. It must be an integral part of writing code to ensure the resulting product functions as specified. In this session, we will define what constitutes good unit and integration tests and share common bad practices in unit testing that we have encountered over time.
We’ll explore real-world examples of poor testing patterns, their negative impacts, and how to rework them into more effective practices.
By the end, you’ll have a structured approach to writing better tests!
Key Takeaways:
– Characteristics of Effective Tests
– Common Pitfalls in Testing
– Efficient Test Creation
Risk Assessment: Understanding the capabilities of identifying and evaluating security risks via AI and what risks AI presents
What is SSDLC: An introduction to the Secure Software Development Life Cycle and its significance.
Modern SSDLC Methodologies: Exploring the latest trends and methodologies leveraging AI
How to Implement a SSDLC: Practical steps and strategies for integrating a Secure Software Development Life Cycle in your processes.
Threat Modeling & AI-Assisted Threat Modeling: Leveraging AI to identify and mitigate potential threats during the development phase.
Secure Coding Today: Best practices for writing secure code in an AI-influenced environment.
Modern Runtime Security with AI: Utilizing AI to enhance runtime application security and protect from emerging threats.
We’ll explore the fundamentals of Retrieval Augmented Generation (RAG), which combines retrieval and generative models for enhanced AI capabilities. We’ll look at the practical applications of RAG such as implementing a simple customer support chatbot. Additionally, we’ll explore vector databases, understanding their role in storing and retrieving information efficiently, while highlighting best practices and advanced techniques for maximizing RAG’s potential.
During the talk you will learn what is web accessibility and why is so important for everyone. You will hear about different good and bad practices, learn about the approach of adding Accessibility on already built component based site, along with high-level techniques and tools.
Accessibility understanding – people with disabilities and their way to shop online and why e-commerce sector receive more lawsuit for inaccessible sites
Buying power for people with disabilities
What are the accessibility principles from e-commerce point of view?
Examples of inaccessible components, that can make the online shopping a nightmare for disable people – Videos(реклами), Colors – contrast,Zoom 400%, Navigation, Inaccessible forms, Pop ups (that cannot be closed)
What should the approach of adding accessibility to an already built component based site?
DEV point of view:
High-level techniques – Skip to main content, aria (html guidance), linter
Tools – NVDA, Voice Over, AXE automation testing, Contrast ratio checker, Paid AXE
Who will benefit from it: companies and clients
– revenue increase
– social sustainability
– better SEO ranking for site with accessibility
Why should we pick this talk:
– positive social impact
– inforce increaesment near future
– from 2025 the European accessibility act will be applicable through the web
In this session we will get a glimpse on how to instill growth mindset in teams and organizations. And pave the way to higher employee engagement, innovation and performance.
Without a shadow of a doubt machine text generation has become a work of art in the past years. Articles, posts, reviews and other are flooding the internet space. An important question that people have to answer is how to detect if a piece of text is written by a human or a large language model. In this talk I am presenting the challenges of this task by describing how some solutions work under the hood and whether sufficient results can be achieved without training a specific model for the problem. In addition, there is going to be a demonstration that shows the performance with several paragraphs.
Web is huge and so is the variety of tools and strategies for testing web applications. Selenium has been around for two decades, but nowadays we have Cypress, Playwright, Puppeteer, WebdriverIO and many more. Let’s also not forget that e2e testing is just the top of the testing pyramid, we have various options to do component testing as well. The web testing world is evolving rapidly and we will talk about its state in 2024.
This a story about journey, fraught with high-stress levels, and accentuated by the varied understanding of cloud culture, differing technical expertise, and diverse professional experience. The absence of established procedures meant reliance on manual deployment in an environment where change was the only constant. Like a caterpillar transforming into a butterfly, the team adapted to leverage cloud services, bringing much-needed speed and agility to respond to the fast-evolving global marketplace, a metamorphosis driven by necessity and survival. The transformation adhered to the industry-standard for software delivery, through the lens of DevOps Research and Assessment (DORA) key performance indicators (KPIs). In choosing tools, compatibility with these strategic ideals was the guiding principle. Clear and honest communication mapped out the shared objectives and the untrodden path.
Now that Ivan Goychev has seen both the private companies and public administration, he wants to share some insights of the differences and similarities(yes, there are such) in how each organization type ensures delivering high quality services. He will present some practical process examples of what works, what to avoid and what can be done better. He will including some counterintuitive advices backed by research to encourage those who might be hesitant to try. The topic is suitable for C-Level executives, managers and individual contributors at all levels.
In the realm of software testing, the challenge persists: how can testers, especially those lacking coding experience, contribute effectively to test automation? The traditional approach of relying solely on developers for automation can lead to inefficiencies, especially concerning team dynamics and continuity. This dilemma is exacerbated when testers depart, leaving behind convoluted codebases and intricate page objects.
Enter the Pattern Object Model (POM), a game-changer in the landscape of test automation. This methodology transcends the limitations of individual coding prowess by providing a structured framework for crafting robust automated tests. Through the implementation of POM, our team witnessed a paradigm shift, empowering testers to deliver automated tests from day one of the projects, irrespective of their coding background.
Moreover, POM significantly alleviates the burden of maintenance, a perennial concern in test automation. By adhering to standardized patterns and practices, we mitigated duplication of logic across page objects, thus facilitating seamless refactoring and reducing maintenance overhead. Our experiences with POM have not only garnered the trust of new clients but also fortified relationships with existing ones, thanks to reduced maintenance cycles and enhanced test reliability.
This presentation delves into the transformative power of POM, offering insights gleaned from practical implementations. Attendees will discover how adopting POM can streamline test automation workflows, enhance team collaboration, and ultimately elevate the quality of software deliverables. For those eager to explore further, code samples and conceptual elucidations are readily accessible on my GitHub repository.
Join us as we unravel the nuances of Effective Test Automation using a Pattern Object Model, and embark on a journey towards more efficient and sustainable testing practices.
Speakers
Tickets
- √ Two tracks onsite
- √ Fun expo zone
- √ Breakfast and Lunch
- √ Unlimited Coffee
- √ Goodie Bag
- √ Raffle with amazing gifs
Partners
ISTA Sponsors Brochure 2025 - Download Here
About
ISTA is not just a conference. Organized since 2011 by IT professionals for IT professionals, ISTA has become a tradition. This is one of the biggest and most prominent tech events in the region.
ISTA is the place to be for anyone who is truly passionate about information technology, development, quality, automation, and innovation. Throughout the years, ISTA has gathered IT professionals and world-renowned speakers who have shared their knowledge and expertise.
The conference is all about collaboration, knowledge sharing, meeting new friends, inspiring and being inspired in a world of constantly evolving technology.
Organized by leading IT companies in Bulgaria – Experian, Infragistics, Musala Soft, SAP & Merkle – ISTA combines the ability of the five organizations to create INNOVATION, to SHARE KNOWLEDGE and to bring together people, who CHANGE THE WORLD.
Join our ISTA world of Discoverers and Innovators!
