Friday, 30 November 2012

Top 10 Signs You’re Not Ready To Be A Security Tester

Top 10 Signs You're Not Ready To Be A Security Tester


Becoming a security tester can be tough. It requires deep training and expertise in system architecture, computer engineering, network theory, and human psychology. Learning these skills can take considerable time, and it may take years for a tester to truly become a security master.

If you are learning to be a security testers, here are 10 signs you're not quite ready for the job:

10. Your password appears on this list.

9. Your concept of social engineering is to throw a really great party and then figure out how each person can have the best possible time.

8. You think 56 bit DES ought to be good enough for anyone.

7. You can't remember if your doctor gave you a SQL injection with your last set of vaccinations.

6. You think Van Eck phreaking is the title of Armin Van Buuren's latest album.

5. You start looking for a mop when you hear someone mention a buffer overflow.

4. You think phishing means getting stoned and going to a concert by that band from Vermont.

3. When you hear OWASP, you reach for a can of bug spray.

2. You think that cross-site scripting is a fancy form of calligraphy.

1. You worry that if the private key doesn't open up a little more, it will never be accepted by its friends and public_key will always be the popular one.

Mobile Testing

Today's Mobile Applications deliver complex functionality on platforms having limited resources for computing. The Mobile environment comprises of plethora of devices with diverse hardware & software configurations. This diversity in Mobile computing environment presents unique challenges in quality assurance thus requiring unique testing strategies.

Challenges in Mobile Testing:

The challenges in Mobile testing arise from the diversity of device environment, hardware & networking considerations and methodologies of application development. The prime challenges are:

  • Device Environment – There are almost 100 types of devices available in market with more than 40 Mobile browsers running on several operating systems. Rendering images, positioning of elements on screen, application runtime etc are just few of the areas one need to test across devices.
  • Hardware & Network – Limitations in processing speed, Memory size of mobile devices, protocols used to communicate with outer world, network latency, gateways etc are the major challenges from a hardware & network perspective for Mobile testing.
  • Scripts – This challenge arises from the choice of manual or automation testing scripts. Because of several different user interfaces working on several devices the script has to be build accordingly.

Critical Factors:

The critical factors that determine the success of any Mobile Testing project are:

  • Mobile Environment testing
  • Application complexity testing
  • Use of emulators & actual devices
  • Use of test automation

Mobile Testing Features:

The major features of Mobile Testing are:

  • Functional Testing – Under functional testing the tests which are performed are Installation testing, System testing, Mobile Web content testing & Usability Testing. Security Testing is also done for Input Validation Checks & Authentication Checks.
  • Performance Testing – Under performance testing the focus is on Test application responsiveness to user events, measure server response time in case of API calls, simulate multiple use request to perform load test & bandwidth choking to simulate mobile network speed.
  • Usability & Compatibility Testing – This testing is done to understand how people interact with the platform, observe how the mass market use, avg. time taken for a use case, ease of use and recall, compliance against mobile usability standards, mobile browser compatibility test & multi-device compatibility check for OS, resolution, device level features etc
  • Network Testing – In network testing, we test the application using multiple carriers, on different modes of connectivity, perform memory profiling, battery usage test for high data volume apps etc

Test Automation tools:

For building automation test scripts various tools are available in market (Open source as well as Commercial). Below is a sample list of the tools available:

Unit Testing System Testing (Open source) System Testing (Commercial)
jUnitRobotium M-euxTest
RoboelectricSelenium DeviceAnywhere
jMockMonkeyRunner Perfecto Mobile

Advantages of Agile Methodology

Agile as the name refers implies something to do very quickly. Hence Agile Testing refers to validate the client requirements as soon as possible and make it customer friendly. Agile development methodology is a conceptual framework for undertaking any software engineering projects. There are a number of agile software development methods but the most popular agile methods are Extreme Programming (XP) and Scrum.

In general agile methods attempt to minimize risk and maximize productivity by developing software in short iterations and deemphasizing work on interim work artifacts and it is people oriented. Here are some of the key characteristics of the agile methodology:

  • Deliver frequently.
  • More iteration.
  • Less defects.
  • Test frequently.
  • Collaborative approach.
  • Maximum ROI.

Top reasons for adopting Agile Methodology:

  • Iterative and incremental delivery: Project delivery is divided into small functional releases or increments to manage risk and to get early feedback from customers and end users. These small releases are delivered on a schedule using iterations that typically last between one and four weeks each.
  • Collaboration: All core project team members including an on-site customer are co-located in a shared, open area to facilitate face-to-communication and conduct interactions.
  • Continuous Improvement: Practices that enable delivery process inspection and adaptation are integrated into agile methods. Project Reflections are meetings conducted while the project is underway to facilitate regular reflection on its successes and failures, and any of the tools and techniques applied.

ETL Testing / Data Warehouse Testing – Tips, Techniques, Process and Challenges


 ETL testing (Extract, Transform, and Load). This article will present you with a complete idea about ETL testing and what we do to test ETL process.

It has been observed that Independent Verification and Validation is gaining huge market potential and many companies are now seeing this as prospective business gain. Customers have been offered different range of products in terms of service offerings, distributed in many areas based on technology, process and solutions. ETL or data warehouse is one of the offerings which are developing rapidly and successfully.

ETL testing

Why do organizations need Data Warehouse?
Organizations with organized IT practices are looking forward to create a next level of technology transformation. They are now trying to make themselves much more operational with easy-to-interoperate data. Having said that data is most important part of any organization, it may be everyday data or historical data. Data is backbone of any report and reports are the baseline on which all the vital management decisions are taken.

Most of the companies are taking a step forward for constructing their data warehouse to store and monitor real time data as well as historical data. Crafting an efficient data warehouse is not an easy job. Many organizations have distributed departments with different applications running on distributed technology. ETL tool is employed in order to make a flawless integration between different data sources from different departments. ETL tool will work as an integrator, extracting data from different sources; transforming it in preferred format based on the business transformation rules and loading it in cohesive DB known are Data Warehouse.

Well planned, well defined and effective testing scope guarantees smooth conversion of the project to the production. A business gains the real buoyancy once the ETL processes are verified and validated by independent group of experts to make sure that data warehouse is concrete and robust.

ETL or Data warehouse testing is categorized into four different engagements irrespective of technology or ETL tools used:

  • New Data Warehouse Testing – New DW is built and verified from scratch. Data input is taken from customer requirements and different data sources and new data warehouse is build and verified with the help of ETL tools.
  • Migration Testing – In this type of project customer will have an existing DW and ETL performing the job but they are looking to bag new tool in order to improve efficiency.
  • Change Request – In this type of project new data is added from different sources to an existing DW. Also, there might be a condition where customer needs to change their existing business rule or they might integrate the new rule.
  • Report Testing – Report are the end result of any Data Warehouse and the basic propose for which DW is build. Report must be tested by validating layout, data in the report and calculation.

ETL Testing Techniques:

1) Verify that data is transformed correctly according to various business requirements and rules.
2) Make sure that all projected data is loaded into the data warehouse without any data loss and truncation.
3) Make sure that ETL application appropriately rejects, replaces with default values and reports invalid data.
4) Make sure that data is loaded in data warehouse within prescribed and expected time frames to confirm improved performance and scalability.

Apart from these 4 main ETL testing methods other testing methods like integration testing and user acceptance testing is also carried out to make sure everything is smooth and reliable.

ETL Testing Process:

Similar to any other testing that lies under Independent Verification and Validation, ETL also go through the same phase.

  • Business and requirement understanding
  • Validating
  • Test Estimation
  • Test planning based on the inputs from test estimation and business requirement
  • Designing test cases and test scenarios from all the available inputs
  • Once all the test cases are ready and are approved, testing team proceed to perform pre-execution check and test data preparation for testing
  • Lastly execution is performed till exit criteria are met
  • Upon successful completion summary report is prepared and closure process is done.

It is necessary to define test strategy which should be mutually accepted by stakeholders before starting actual testing. A well defined test strategy will make sure that correct approach has been followed meeting the testing aspiration. ETL testing might require writing SQL statements extensively by testing team or may be tailoring the SQL provided by development team. In any case testing team must be aware of the results they are trying to get using those SQL statements.

Difference between Database and Data Warehouse Testing
There is a popular misunderstanding that database testing and data warehouse is similar while the fact is that both hold different direction in testing.

  •  Database testing is done using smaller scale of data normally with OLTP (Online transaction processing) type of databases while data warehouse testing is done with large volume with data involving OLAP (online analytical processing) databases.
  •  In database testing normally data is consistently injected from uniform sources while in data warehouse testing most of the data comes from different kind of data sources which are sequentially inconsistent.
  • We generally perform only CRUD (Create, read, update and delete) operation in database testing while in data warehouse testing we use read-only (Select) operation.
  • Normalized databases are used in DB testing while demoralized DB is used in data warehouse testing.

There are number of universal verifications that have to be carried out for any kind of data warehouse testing. Below is the list of objects that are treated as essential for validation in ETL testing:
- Verify that data transformation from source to destination works as expected
- Verify that expected data is added in target system
- Verify that all DB fields and field data is loaded without any truncation
- Verify data checksum for record count match
- Verify that for rejected data proper error logs are generated with all details
- Verify NULL value fields
- Verify that duplicate data is not loaded
- Verify data integrity

ETL Testing Challenges:

ETL testing is quite different from conventional testing. There are many challenges we faced while performing data warehouse testing. Here is the list of few ETL testing challenges I experienced on my project:
- Incompatible and duplicate data.
- Loss of data during ETL process.
- Unavailability of inclusive test bed.
- Testers have no privileges to execute ETL jobs by their own.
- Volume and complexity of data is very huge.
- Fault in business process and procedures.
- Trouble acquiring and building test data.
- Missing business flow information.

Data is important for businesses to make the critical business decisions. ETL testing plays a significant role validating and ensuring that the business information is exact, consistent and reliable. Also, it minimizes hazard of data loss in production.

Tags:

etl testing

etl testing tutorial

etl testing interview questions

etl testing concepts

etl testing process

etl testing approach

etl testing methodology

etl testing tools

etl testing jobs

ew questions and answers pdf

sql interview questions

etl testing concepts

etl testing tutorial

etl testing process

etl testing tools

etl testing concepts pdf

etl testing pdf

etl testing concepts pdf

etl testing concepts ppt

etl testing interview questions

etl testing tutorial

what is etl testing

etl testing basics

etl testing process

etl testing tools

data warehousing testing

data warehousing testing pdf

data warehousing testing interview questions

data warehousing testing jobs

data warehousing testing interview questions and answers

data warehousing testing ppt

data warehousing testing training

data warehousing testing life cycle

data warehousing testing questions

data warehousing interview questions and answers

data warehousing architect interview questions

data warehouse testing interview questions pdf

data warehousing concepts interview questions

advanced data warehouse interview questions

oracle data warehouse interview questions

data warehouse architect interview questions

dwh concepts interview questions

data warehousing interview questions and answers pdf

data warehouse testing interview questions and answers

data warehousing testing interview questions

advanced data warehouse interview questions

data warehousing concepts interview questions answers

dwh interview questions

dw interview questions

data warehouse faq answers


How to Deliver High Value Software Features using Agile Scrum Process

What is agile scrum (sprint) process?

Scrum is a software development process. In today's rapid world stakeholders want immediate return on their investments. They don't want to wait for longer periods to get full featured product. As a result, nowadays new software development and testing framework is catching momentum i.e. Scrum approach.

In scrum, projects are divided in small features to be developed and tested in specific time-frames called as sprint (small cycles). Features should get developed and tested in specified small time-frames.  This agile scrum team is handled by scrum master.

Scrum is an iterative, incremental framework for projects and products or application development. Scrum has become more and more popular software development and testing framework among organizations. Many small to large sized IT companies have started to embrace Scrum framework, as this can create excellent quality products in less time than other traditional methodologies. This framework can save companies both time and money.

  Source: ScrumAlliance

Soft Skills for a Scrum Team:

What Soft Skills are required to be a Successful Scrum Team?

When we start our regular (Agile) sprints (Cycles of work), we usually find some of the challenges with our team members. These challenges are not part of technical difficulties.  It usually occurs with team member's mindset or their soft skills.  Many successful Scrum projects taught us that the success of scrum depends on how team members support whole heartedly towards the Sprint.

Let us discuss some of the pre-requisite soft skills for a Scrum Team.

Team Spirit

Cross functional Team work is at the heart of Scrum.  There is no "my work", "I have finished my work" and "your work". On a Scrum team we find only "Our work", "we have completed our Sprint".  Individuals will have helping tendency for sharing technical knowledge. Scrum Members are always available to team members rather than locked away behind closed doors.  Scrum Master will always motivate the teams and create a Supporting learning environment. Team will always be sprint-oriented and often discuss smooth run of the sprint. A scrum team's job is to self-organize around the challenges and management's job is to remove impediments to self-organization.

Communication

Good communication must exist among team members of development team, testing team, business analysts and stake holders. There must be highly collaborative interaction between client and the delivery teams. More client involvement implies more suggestions or changes from the client.  It implies more bandwidth for communication.

Commitment

Agile Teams needs periodic re-energizing to renew their commitments to their purpose and to each other.  Scrum Masters can help by ensuring that the team embraces the concept of whole-team responsibility and whole-team commitment to deliver working software at the end of each sprint. With the whole-team commitment, the team member who has completed his tasks will help the one who has not completed so that hopefully each finishes on time.

Problem Solving

Scrum does not simply focus on developing just any type of end product.  Instead, the Scrum method allows the team to focus on creating a product that fulfils the customer's highest value priorities which are defined by product owners.

Transparency

Transparency among team members and management gives a real momentum to the scrum team. Scrum Master encourages people to ask for help, surface roadblocks, and give public recognition for those brave enough to do so. At the same time, Scrum Master also understands the time wasted and impact on the team when individuals sit on or ignore problems.

Scrum Result

If scrum team follows some of above said soft skills, team velocity will increase significantly.  In turn, customers will appreciate the results or updates – and also can react quickly to any potential problems. Team can deliver high value software features in a short time period keeps everyone on top of changing business conditions.


Tips to be More Innovative in the Age of Agile Testing

What is Agile Testing?
"Agile testing involves testing from the customer perspective as early as possible, testing early and often as code becomes available and stable enough from module/unit level testing." – A wikipedia definition.

The Challenges in Agile Testing

Agile Testers face lot of challenges when they are working with Agile development team. A tester should be able to apply Root-Cause Analysis when finding severe bugs so that they unlikely to reoccur. While Agile has different flavors, Scrum is one process for implementing Agile. Some of the challenging scrum rules to be followed by every individual are

  •  Obtain Number of Hours Commitment Up Front
  •  Gather Requirements / Estimates Up Front
  •  Entering the actual hours and estimated hours daily.
  •  Daily Builds
  •  Keep the Daily Scrum meetings short
  •  Code Inspections are Paramount

So, in order to meet the above challenges, an agile tester needs to be innovative with the tools that they have. A great idea happens when what you have (tangible and intangible) meets the world's deepest hunger

How Testers Can be More Innovative in the Age of Agile Testing?

Here are Important Keys to Innovation:

1. Creative

A good Agile Tester needs to be extremely creative when trying to cope up with speed of development/release.  For a tester, being creative is more important than being critical.

2. Talented

He must be highly talented and strives for more learning and innovating new ideas. Talented Testers are never satisfied with what they have achieved and always strives to find unimaginable bugs of high value and priority.

3. Fearless

An Agile Tester should not be afraid to look at a developer's code and if need be, hopefully in extreme cases, go in and correct it.

4. Visionary

He must have a comprehensive vision, which includes client's expectations and delivery of the good product.

5. Empowered

He must be empowered to work in Pairs.  He will be involving in Pair Programming to bring shorter scripts, better designs and finding more bugs.

6. Passionate

Passionate Testers always have something unique to contribute that may be in terms of their innovative ideas, the way they carry day-to-day work, their outputs and improve things around them tirelessly.

7. Multiple Disciplines

Agile Tester must have multiple skills like, Manual, Functional, Performance testing skills and soft skills like Leadership skills, Communication skills, EI, etc. so that agile testing will become a cake walk.

Tags:

agile testing life cycle

agile testing methodology

agile testing ppt

agile methodology

agile testing process

agile model

agile testing scrum

scrum

agile testing

agile testing life cycle

agile testing scrum

agile testing process activities

agile testing process ppt

agile testing interview questions

software testing process agile development

agile testing process wikipedia

agile testing process examples

agile testing scrum ppt

what is agile testing scrum and sprint

testing agile scrum methodology

agile scrum testing methodology

what is scrum process in testing

agile test plan

what is agile methodology

scrum test plan

janet gregory agile test plan template

agile test plan template

quality assurance agile test plan

agile test plan forums

agile test plan quality methodologies

kind agile test plan

agile test plan sample

test plan in agile methodology

agile scrum testing process

agile testing process diagram

agile testing process ppt

agile software testing process

agile testing challenges

agile testing basics

agile regression testing

what is agile testing in software testing

agile testing process ppt

testing challenges in software testing

testing in agile environment

what is agile testing in software testing

regression testing in agile

define agile testing

agile testing benefits

role of tester in agile

gile test strategy

agile testing methodology wiki

testing agile scrum methodology

agile testing methodology tutorial

agile testing methodology diagram

performance testing agile methodology

agile methodology in software testing

agile model in testing

what is agile testing

what is agile testing explain with example

agile testing process

agile testing methodology

what is agile testing model

what is agile methodology

what is agile testing in software testing

what is agile testing with example

what is agile testing wikipedia



Test Driven Development – Some practical tips

Test Driven Development – Some practical tips

In an earlier post, I had touched upon TDD very briefly, and promised some practical tips on implementing TDD in a future post. Here they are…

Having managed teams implementing TDD, I have learnt the hard way, that implementing TDD is not a cakewalk; the glamour and hype attached to it notwithstanding. So if you are contemplating on implementing TDD, try the following practical tips:

1) There will be starting-trouble, since this calls for a complete paradigm shift in the minds of the developers. Many of us have grown up hearing and practicing this: Write code, then test. TDD turns that completely topsy-turvy. It says, write a test case (it will obviously fail since it is checking for code which is still not there). Then write code which will just satisfy the test case and make it run (note that the code should do nothing more than barely making the test case run). Then write the next test case, and make it pass by writing the corresponding code. This concept requires some unlearning, so be prepared to add sufficient buffer in your deliverables for implementing this, and don't crucify your developers for taking some extra time in the beginning of your TDD roll-out. This extra time will decrease once they are comfortable with this approach – at that point, they'll reach a desirable mindset where they'll find it difficult to write code without writing test cases, but till then, patience….

2) Better to involve those experienced folks who know Unit Testing (eg. NUnit, JUnit). They would have written test cases after the code was written, and would definitely have faced issues where they've had to refactor the code in order to increase the code coverage from the unit test cases written. This is a constant pain, and TDD removes this by having tests initially, so code-coverage is not an issue (in case you are wondering, 'code-coverage' gives a measure of how much of the codebase is covered/tested by the unit-test-cases-suite).

3) Start with a very small but determined pilot team. Starting with a big team is not really manageable, because of immediate delivery pressures.

4) It is very easy for them to slip back into the traditional way of coding, if there is a schedule pressure, so watch closely for that.

5) Go for a code coverage of about 70-80%more than that could become an overkill in the initial stages… looks like the Pareto rule is kind-of applicable here too — you can achieve 80% of code coverage with 20% of effort, but the remaining 20% will take about 80% of the effort. Do I have an array of statistics to prove this? NopeJust a few metrics collected and analyzed from the projects I've worked on, and a gut feeling which has evolved over time. I have seen the enthusiasm die down because of the amount of additional effort needed to cover that last stretch It will take significant effort from you to rekindle the enthusiasm. So better to aim for about 70-80 % initially, and it has a better chance of working.

6) Its ok to have less unit tests for UI, since UI needs to get covered more by the Functionality/Usability testing. Focus on using TDD more for the sub-strata (layers below the UI).

7) In the middle layer(s), there would be integration points, so be sure not to ignore them, especially if they are part of the critical functionality/logic. Now the question is, we are doing Unit Testing (or in other words, we are notdoing Integration testing), so how do we cater to the integration points, since there would be some chatting between modules/classes. The solution is to use stubs. That is, create stubs which will be called (instead of the actual foreign class/module) by the unit, and return various values, and so the behavior of the unit can be tested based on the different values returned by the stub. Now the point is, writing stubs can be cumbersome. So for that, you could use some third-party API. For eg, there's a very good API for this very purpose, called TypeMock.

What is outlined above is but some of the pitfalls that you need to watch out for, in your journey towards TDD. Happy Test Driving !

Tags:

test driven testing

test driven testing methodology

data driven tests

keyword driven tests

driven dressage tests

test driven development unit testing

test complete data driven testing

test driven development agile

advantages of test driven development

test driven development methodology

test plan driven method

test driven development process

test driven development pdf

test first development methodology

test driven refactoring

advantages of test driven development

test driven development cycle

test driven development testing technique

test driven development unit testing

test driven development private methods




Enterprise Resource Planning (ERP) – The Basics

Enterprise Resource Planning (ERP) – The Basics

Enterprise Resource Planning (ERP) is a business management software that uses a system of integrated applications to run & manage the various businesses of an organization effectively & efficiently. Its a suite of integrated modules built for various functionalities of the organization like Manufacturing, CRM, Supply Chain/Procurement, Finance/Accounting, Human Capital Management, Services etc. All these business functions runs smoothly using the various modules provided by the ERP solution.

Some of the major advantages of using an ERP solution are:

  • Achieve end-to-end view across all business lines
  • Improve performance with upto date information on financial & operational activities
  • Extend global business process using Application integration architecture
  • Reduce back office costs
  • Efficient material management planning
  • Aligning sales channels with corporate objectives
  • Build customer focused applications strategy
  • Manage global processes in localized way
  • BI reports & analytics for better decision making

There are various providers of ERP solution in market with each of them having their pros & cons. An organization should evaluate very carefully the features of every ERP solution against their business needs and technical capabilities. One can start by implementing couple of most important modules like CRM, Manufacturing etc and then go full fledged into it.

You can chose from the below listed major ERP applications which are available in market today:

  • SAP Business All-in-one
  • Oracle EBS
  • Microsoft Dynamics AX
  • Infor10 ERP Enterprise
  • Epicor ERP
  • Sage ERP X3
  • Lawson M3 ERP Enterprise
  • Oracle JDEdwards Enterprise One