Do you want to get started with performance testing, but think that it is unimportant or that it won’t fit into your process? This 5-minute ignite talk provides an introduction to performance testing and some of the potential negative consequences of releasing a system with poor performance. In it, I provide an overview of six […]
For decades, software security organizations and those that assure security have built processes and procedures around waterfall software development practices. This has often led to security testing being “bolted on” at the end of the process. In addition, many organizations have seen the rise of mindless information security assurance, whereby engineers avoid assessing, understanding, or […]
I frequently talk about best practices when writing test cases in the Mobile Application Testing Course that I teach. I recently ran into an issue on a project and figured it was worth throwing this information out for all to share. Test cases are great; obviously, they’re important to have, whether they’re automated or manual, as […]
Nearly every organization dreads the “S-word,” but security should be something we embrace early instead of avoiding until the last minute. It’s strange that we would delay something that could derail our entire application release to the very end when we know we will have no time to address it. Fear of the unknown and fear of failure are […]
When I attended STARWEST in Anaheim in October 2016, I had the opportunity to sit down for an interview with Jennifer Bonine, VP, Global Delivery and Solutions at tap|QA LLC. In the interview, Jennifer and I discussed how and why companies should be testing with continuous delivery. Jennifer Bonine: Hi, and welcome back to the […]
For a variety of reasons, a lot of companies are moving to an Agile, DevOps Culture, Continuous Integration and Delivery/Deployment (CI/CD) model. These transformations rely on a variety of tools, including open source. A lot of organizations also use open source tools and libraries to develop their applications and in order to ensure security, these […]
I’m currently working on a DevOps project, heavily centered around AWS GovCloud. It’s important to point out I’m working in GovCloud, as opposed to AWS, as this means several key tools are missing. My colleague, Alan Crouch, recently pointed out how NAT Gateways are missing from the offered infrastructure. Another tool we found missing was Route 53, […]
Inevitably on any agile project with a good degree of DevOps maturity, engineers start looking less at the application efficiencies and begin to look at addressing issues with their pipelines and frameworks to deliver faster or more effectively. At Coveros, we call this “DevOps’ing your DevOps.” It is a silly sentence but it speaks to the challenge […]
Welcome to the fourth and final post in my series, DevOps in a Regulated and Embedded Environment. In this part, we’ll look at the problems that pop up when the deploy/test environments aren’t virtualizable. I’m assuming that you’ve already read my earlier post on “Git Flow in a Regulated World”. If you haven’t, the short […]
One of the most important things in software testing is integrating tests with the build tool that your project uses. Developers need to be able to run your tests easily, otherwise, they’re probably not going to run them. Another reason for integrating tests is that it encourages clearly defining your project’s build process. In the case […]
