Agile Testing

Testing in Agile takes a different mindset. Instead of waiting until development freezes code, we are constantly testing stories, integration of features, and subsystems. Regardless of whether this testing if automated or not (its usually a combination), software testers and SDETs much be fully integrated into the development and delivery process to be effective.

At Coveros, we are all about helping you knock down the walls between your software developers and testers through a combination of Agile practices and pragmatic test automation. Let us help you today!

Test Process Assessment

Coveros will assess your organization’s current processes against our maturity model to determine your current capabilities and competencies, as well as identify areas of improvement. Our maturity model evaluates your organization against a range of criteria including but not limited to: process, strategy, training, defect tracking, tooling, metrics, communication, and reporting. In addition to our assessment, Coveros will work with your organization to develop a roadmap for improving the testing practices within your organization, and help it move from its current state to an optimized one.

Agile Testing and Automation

Coveros will help your organization adopt agile testing principles and practices.  This means that testing is a part of every user story, and a story is not considered to be done until all story-level tests have been written and successfully executed.. These tests include, but are not limited to: unit, functional, and acceptance tests. We will work with your development team to improve the quality of your unit tests, while introducing them to concepts such as test-driven development (TDD), which ensures that every new feature developed begins with writing a test. We will also help non-technical stakeholders participate in specifying how an application should behave functionally by introducing behavior-driven development (BDD) tools.

While some organizations advocate an “automate everything” methodology, Coveros will help your organization find the right balance between manual and automated testing and include this balance as part of your test plan. While we can help organizations at any point along the test automation maturity spectrum, we have a proven process for taking an organization with non-existent or poor automation and starting them on the path to reaching full test automation maturity.  This process begins with our staff setting up frameworks (e.g., JUnit for Java) that will allow automated tests to be written. Coveros has also developed our own open source testing framework called SecureCI Testing Framework which is an excellent tool, and can be a great starting point for building or improving test automation in your organization. Our consultants will then write sample test cases that demonstrate best practices, and which your staff can use as a model for how tests should be automated.  Finally, we will train your staff on how to automate tests so that they can eventually become self-sufficient in developing their own automated tests.

Integrating Testing and DevOps

One of the more difficult challenges facing testers and organizations today is integrating their automated testing solutions into their DevOps solution or pipeline. At Coveros, not only do we have test automation expertise, but each of our consultants is also certified in DevOps. Our deep understanding and experience with DevOps gives our consultants a unique perspective on how and where automated testing fits into an organization’s DevOps pipeline. We will incorporate this information in addition to details about what metrics are used to evaluate the tests and the application (e.g., code coverage) in the test plan.  Along with integrating our tests into the pipeline, our consultants are also able to foresee and avoid common pitfalls that cause automated tests to be unreliable in a DevOps pipeline. Automated testing in your DevOps pipeline is vital to ensure quality software at all stages of development. There are also different tests that should be run at each development stage in your pipeline. As your deployments get closer to production, the depth of testing should increase in order to provide assurance of software quality and customer value.

To further ensure a seamless integration of these processes, Coveros developed and open-sourced our own CI tooled called SecureCI. SecureCI is a continuous integration solution tool which comes pre-packaged with a number of open source tools that help to consolidate the management of your pipeline and provide a central location for all of your resources.

Security Testing

Security is typically an afterthought — it only becomes a concern once there is a security breach and it is already too late to make the application secure.  At Coveros, we include security testing as part of test planning to ensure that security is built into the application as it is developed.  We do this in two ways.  First, we will run static analysis tools like FindSecurityBugs in order to identify code-level vulnerabilities.  This analysis will be performed for every build that is processed by the CI server, and any developer who introduces security vulnerabilities will be required to fix them.  Fixing these easily-identifiable vulnerabilities will allow later testing efforts to focus on revealing more difficult to detect vulnerabilities through dynamic analysis such as fuzz and penetration testing.  These types of testing further improve confidence in a build, but because they are more resource-intensive, they are performed much less frequently — usually once per release.

X