My this article is in response to a linkedin question "What to do when we are out of time, application is not bug free and tomorrow its going for production?"
Here are my thoughts on this:
1. Make a list of all open defects and share across all key stakeholders like Requirement Owner (PO, Business Analyst), Dev Lead, Dev Manager, Test Lead, Test Manager, Delivery Manager (stakeholders may vary.. depends on your project)
2. Schedule a defect triage meeting to prioritize all defects in following categories -
Category A: Issues which must be fixed. Software cant be released without that.
Category B: high-priority Issues that should be included in the solution if it is possible
Category C: Issues which is considered desirable but not necessary
Category D: Defects which will not be fixed (issues which does not generate any value addition to the software)
There are two key testing certification bodies – ISTQB & CSTE. ISTQB is easy and popular among UK testers. But CSTE is well recognized in states. (See the comparison table below)
[[ A Must Read -
Why one should go for ISTQB Software Testing Certifications? and ISTQB and AST – Which one should you go for? ]]
|Sr. No||Area of comparison||ISTQB||CSTE|
|1||Certification provided by||International Software Testing Qualification Board (ISTQB)||Quality Assurance Institute (QAI)|
|2||Prerequisites||None. Anyone can take up this examination||18 months of experience in Software Testing + minimal educational experience (check the website… It gives this very clearly)|
|3||Levels of Certification offered||Certified Tester Foundation Level (CTFL)||Certified Associate in Software Testing (CAST)|
|Certified Tester Advanced Level – Test Analyst (CTAL-TL)||Certified Software Test Engineer (CSTE)|
|Certified Tester Advanced Level – Technical Test Analyst (CTAL-TTL)||Certified Manager of Software Testing: (CMST)|
|Certified Tester Advanced Level – Test Manager (CTAL-TM)|
|4||Certification coverage||Can be considered as a subset of CSTE syllabus.||Superior coverage when compared to ISTQB.. 10 Skill categories are there|
|ISQTB certification has 4 levels , starts from Foundation.||Probably somewhere between 2nd level and 3rd level of ISQTB would match CSTE.|
|5||Examination pattern||ISTQB Foundation: 75 Mins closed book exam consists of approximately 40 multiple choice questions of 1 points each. An exam amounts to 40 points total, pass is 65%(26 points)||CSTE has four sections and total exam duration is 270 min. There are 2 section having 50 objective questions and time limit is 45 min and 2 sections having subjective 6 to 10 questions and time limit as 75 min. With 10 min, break after each paper the total duration.|
|6||Recertification Required for First Level?||No||Yes – every 3 years|
|7||Others||- CSTE costs approximately thrice compared to ISTQB foundation level|
|- ISQTB is totally objective while CSTE examination consists of written and objective|
|- CSTE is preferred in US and Asian countries, while ISTQB/ISEB preferred in UK|
The following are the suggested action points based on which a test case can be derived and executed for unit testing.
· Test case action which acts as input to the AUT
1. Validation rules of data fields do not match with the program/data specification.
2. Valid data fields are rejected.
3. Data fields of invalid class, range and format are accepted.
4. Invalid fields cause abnormal program end.
For those who are doing business in 21st century, automation is the name of the game! Of course, web apps bring flexibility for the businesses to reach out millions of potential customers across the globe, but security issues are increasing threat these days.
According to the recent independent analysis by Acutenix, an industry leader in web application security, 75% of all cyber-attacks are done at web application level. Also, the firm has shown that at least 70% of websites are at immediate risk of being hacked! As more ‘n’ more critical and sensitive data is stored in the web applications and the number of transactions increases, precise security testing of web applications has become crucial.
(Click Image to view larger image)
Security testing is to be carried out in order to ensure that whether a web app is capable enough to prevent the unauthorized users to access the resource and data. In web applications and other client server applications, security testing plays a vital role as it helps you identify the vulnerabilities or weakness of the website or web app on the go.
However, before you get into web app security testing, it is important that you make yourself aware about certain terms used in security testing. Here’re a few common terms that you will be frequently going to use in web application testing for security:
“Vulnerability” - It is nothing but some kind of weakness within the web application. The main reason behind such weakness could be bugs within the application.