Software agility scaling depends upon appropriate Use Cases indeed.

No doubt! Use Cases help with all the different areas of the application which converse the requirement precisely, in slice by slice. Actually, application's architecture, planning, developing, testing and user experience all of these areas are glued with the accurate Use Cases. It's just scaling the software agility to a great extent. Hence, we should be very careful to create each of the Use Case properly. 

Use Case should be:

• kinda storytelling in effectively and spontaneously.
• kept as simple and precise telling about a particular goal details. 
• depicted the big picture to understand stories perfectly.   
• focused on value of the stories.
• adapted to meet the team’s needs.
• sliced the proposed stories by addressing each aspect of the feature, kinda task break down.
• assisted to sequentially stories coverage in top down/ bottom up approach. 
• assisted to discover hidden requirements.
• assisted to prioritize the requirements.

At the same time, above Use Case scopes entail to us to be more cautious to focus on Use Case realization which will guide the application's elements, such as components, programs, stored procedures, configuration files and data-base tables, collaborate together to perform a use case.

However, sum-up is: Use Case which mitigates the client's every piece of expectation in respect of successful every achievement. 

Become Blazemeter fan as long as it has free offer and 100% JMeter compatibility.

Barely, we have launched our applications without load testing. Load testing for an application is one of the most important key part to measure its performance. However, there are so many important factors those should be considered for every successful load testing outcomes. To find out  the bottleneck is and what is causing it, we have to aware of followings:

• Load testing environment,
• Select compatible tool to generate load testing,
• Tool's configuration properly,
• Hardware response
• Software response
• Blackboard configuration
• Network response,
• Server capacity,
• Proper scenario...

Have to focus on following application parameters, specially:

• Number of connections,
• Response time,
• Transaction times
• Assertions
• Throughput...

I have tried to perform load testing with the following tools - JMeter, Grinder, Microsoft Application Center Test (ACT), Load testing applications of Visual Studio, Agileload, LoadRunner and so on. BTW, recently, I am very much fan of Blazemeter as long as it's been free. As it's 100% JMeter compatible so I can reuse my scripts to perform load testing in Blazemeter (the load testing Cloud).

During  in time constraints, even we may generate JMeter scripts swiftly by using Blazemeter Chrome Extension. (https://chrome.google.com/webstore/detail/blazemeter-the-load-testi/mbopgmdnpcbohhpnfglgohlbhfongabi). Really, its simplify Load testing in a great extent!

Some Tools: http://community.blazemeter.com/knowledgebase/topics/11667-developer-tools

Basic security testing is must for quality product

Certainly! all types of applications, mobile apps and web-based systems are secure requires more than just good design and rocket science development. For security problems, we need to refer vulnerability scan, pen testing or penetration testing which is the act of reconnaissance and analysing a system to find out all possible holes. Security testing should be considered as an ongoing activity for all projects.

We have to impede following basic holes:

• Inappropriate validation of input and output data.
• Injection flaws (data theft).
• Flaw with authentication.
• Data poisoning.
• Poor Error handling.
• Allow to execute malicious script(s).
• Buffer overflow error.
• Cross site scripting (XSS) attack.
• Brute force cracking.

For more details go to OWASP: https://www.owasp.org/index.php/Top_10_2013-Top_10
[Study OWASP is must read for security tester]

Some basic tips on pen testing:

• Have to collect as much information as possible about the system.
• Have to clear concept about the application infrastructure. 
• Have to figure out crucial weak spots. 
• Have to make sure the data protection in transit
• Have to try the weaknesses in input validation, 
• Have to looking for authentication and information leakage.
• Have to check the cookies and session management.

Vulnerability Scanning Tools: https://www.owasp.org/index.php/Category:Vulnerability_Scanning_Tools

Note: When you looking for vulnerabilities, manual exploratory testing is always a good choice.