appsconsultant.com

appsconsultant.com
  • Home
  • About
      • About us

        Flexibility is the biggest selling point that we have over our larger rivals. We give our clients the freedom needed to thrive in today’s fast-paced business world, organisations say to us that they often see higher quality work from independent consultants like us, this reason is the primary motivator when choosing us over a big firm. This means that we have the same skills and experience as the big firms, with added freedom and flexibility to let us focus and resolve client requirements.

      • Latest news
        Reinforce application security developed on AWS/ Azure - Options

        Most corporations are adopting a DevSecOps approach - by maximising automation and trying to reduce manual intervention as much as possible.

        In continuous delivery environment , most companies dont have the resources and probably not possible to have a team out of project to proceed with security test in a continuous delivery approach.

         

        When looking for a solution , here are the requirements that you should focus on :

         

        Detection of application code vulnerabilities:

        1. Cover the entire application
        2. Be able to set security rules
        3. Ability to perform incremental scans
        4. Acceptable false positive rate
        5. Detection must not impact application performance
        6. anonymization of the name of the applications for the vulnerabilities reported

        Automation of detection:

        1.   Integration with Continuous delivery platforms (example: Concourse, Jenkins)
        2.   Build in case of discovery of vulnerabilities

        Reporting:

        1.   Integrate with bug management tools
        2.   Raising indicators specific to each application in a portal

        Dont build i think its a mistake, the market is moving towards solutions that are SaaS and most of these companies are building a blackbox type of security solution, buy a market solution and integrate it

        here is a starter list:

        1) Veracode https://www.veracode.com/

        2) Checkmarx https://www.checkmarx.com/

        3) IBM AppScan Entreprise https://www.ibm.com/security/solutions

        4) Contrast Security Assess https://www.contrastsecurity.com/interactive-application-security-testing-iast 

         

         

         

         

         

         

         

         

         

         

        Adapt your sprint delivery, don't follow textbooks or best practices

        The question that is asked often by clients:  How often do you release your product to your end users? How often do your end users see and use your product? Do you release in sync with your Sprint length, is it after the Sprint Review? Is the Sprint Review meeting the only valid release point? When do you plan your releases? Always adapt your Scrum and Continuous Delivery to build the right thing, - EVERY COMPANY IS DIFFERENT this takes time at the start to get used to working in this type of environment when implemented properly, release it as planned to ultimately deliver superior value to your customers. Its exactly the same as you ever wondered why your fingers are different sizes?

        In short, our fingers are uneven for various reasons, and all theories suggest the evolution of the hand is tightly related to its functionality , same as sprint delivery every company functions differently.

        Below a step by step approach that you should adapt to your company needs:

         

         

         

         

        Scrum vs Kanban cheat sheet

        A friend of mine Mark sent me this excellent image that depicts the difference between Scrum vs Kanban , the image takes a complex idea that he breaks down to summarize the key deltas about both approaches.

      • What we offer

        Business & Technology Consulting

        We offer clients specialised consulting in areas that we deeply understand. Our services include:

        • - Skills To Envision, Design And Develop Enterprise Apps
        • - Talent For SaaS/PaaS/IaaS In The Cloud
        • - API Architecture
        • - Data Science Talent
        • - ALM deployments – Agile/Devops
        Read more
  • Services
  • Blog
  • Contact
  • Home | 
  • Blog | 
  • Enterprise applications | 
  • A Powerful Testing strategy - 5 tips

A Powerful Testing strategy - 5 tips

by Alex Antonatos
on 19 October 2018

What is a Test Strategy ?

A strategy for defining a testing approach, what you want to accomplish and how you are going to achieve it, the details how the testing objectives would be met effectively. 

This document removes all uncertainty or vague requirement statements with a clear plan of approach for achieving the test objectives for your project. Test strategy is one of the most important documents for the QA team. 

You should look at any defined test processes (e.g. entry/ suspension/ resumption/ exit criteria for test, process to execute test cases and process to report a defect) to examine their feasibility in your situation. Identify the required test processes that will be re-used, modified or create them from scratch.
 
1. Encourage clarity in reporting bugs, always propose a standardized test template for the users.
2. Identify the data that will be recorded, measured, analyzed and reported to show the progress of testing.
3. Challenge all assumptions while you design your test strategy. Provide safeguards if any of your prior assumptions prove incorrect later.
4. Remember that a powerful strategy is never static. Monitor the results obtained from the test strategy and do not hesitate in making the desired modifications towards completing your test strategy.

5. Last tip, a great testing strategy should include all areas included in this table of content.

test strategy

 

Categories
  • Blogue (Francais)
  • Enterprise applications
2305 Rockland Rd Mount Royal, QC H3P 3E9
514-240-40907 Days a week from 9:00 am to 7:00 pm
alex@appsconsultant.com
appsconsultant.com © 2019. Privacy Policy
Login
 Facebook  Google

Register
username / password