appsconsultant.com

appsconsultant.com
  • Home
  • About
      • About us

        Flexibility is the biggest selling point that we have over our larger rivals. We give our clients the freedom needed to thrive in today’s fast-paced business world, organisations say to us that they often see higher quality work from independent consultants like us, this reason is the primary motivator when choosing us over a big firm. This means that we have the same skills and experience as the big firms, with added freedom and flexibility to let us focus and resolve client requirements.

      • Latest news
        Pros of implementing SAFe (Scaled Agile Framework)

         

        Lets explore the Pros of SAFe as I see them. In a future article would look at the cons 

        The biggest benefit of adopting SAFe is the opportunity to tap into a relatively lightweight framework that creates efficiency in software development while maintaining the centralized decision-making necessary at the enterprise level. 

        Pros

        In large organisations with multiple teams and vendors spread across locations, this is far from reality. SAFe has an excellent way of ensuring the teams recognise the dependencies (during PI Planning), discuss and negotiate them, visualise them and plan for them. 

        SAFe is a solid way of engaging Business Stakeholders on a regular basis with the teams. SAFe's PI Planning process (and other mechanisms like PI System Demo, Product Sync etc.) literally force the teams to engage the business stakeholders, customers and even vendors in the Planning process. 

        Business to Business, Business to IT Alignment

        SAFe events like PI Planning, Product Sync bring together the business stakeholders, the product development teams, shared services teams and enterprise architecture teams into one place. 

        Business and IT - Joint Planning 

        In SAFe, all the teams within a particular group (called an Agile Release Train) start and end their Sprints on the same day. This brings a degree of synchronicity, efficiency and predictability to the delivery across the group.

        Implementation Roadmap

        SAFe has a solid, well proven Implementation Roadmap. This is something that SAFe has put together iteratively over many years drawing on experiences, lessons learned from hundreds of implementations.

        Structuring the Teams

        Many Agile teams do their best to deliver in a consistent, predictable way. But they are hampered because of the way the teams are structured and created. If Agile teams are created incorrectly - e.g. based on technology or component or location - they end up creating a huge number of Dependencies increasing the effort and the time to market.

        SAFe has a lot of literature and best practices and strongly emphasises structuring the teams on a feature basis. The framework strongly recommends undertaking a Value Stream Mapping exercise (as part of the Implementation Roadmap) to structure the teams properly and efficiently (with an aim to delivering as independently as possible). 

        Architecture and transition Design

        Architecture and Architects are sensitive topics within the world of Agility with widely varying opinions in terms of their role in Agile teams.

        SAFe tries to strike a sensible balance between completely centralised architecture vs completely de-centralised team based Architecture decisions for various reasons (in large organisations there could be a need to decide on certain tools centrally, purchase licenses on a global basis for certain applications / tools to optimise cost or decide on a central database decision etc.)

        SAFe's mantra is - Intentional Architecture and transition Design. SAFe also appears to provide the right amount of balance between letting teams do their own thing but establishes some guard rails. It also encourages teams to think about architecture somewhat ahead of time with a continuous transition architecture.

        Message processing vs stream processing architecture

         

        • A quick simple diagram differentiation between message processing and stream processing architecture.

        • The stream processing pattern bears many similarities to the message processing pattern that you are familiar with, but in stream processing, the processor looks at one or more streams as a whole, rather than at discrete messages

        • Streams are aggregated, combined and filtered to observe patterns and enrich data. The output of a stream processor is itself a stream, which may consist of filtered or mapped data or events.

        Reinforce application security developed on AWS/ Azure - Options

        Most corporations are adopting a DevSecOps approach - by maximising automation and trying to reduce manual intervention as much as possible.

        In continuous delivery environment , most companies dont have the resources and probably not possible to have a team out of project to proceed with security test in a continuous delivery approach.

         

        When looking for a solution , here are the requirements that you should focus on :

         

        Detection of application code vulnerabilities:

        1. Cover the entire application
        2. Be able to set security rules
        3. Ability to perform incremental scans
        4. Acceptable false positive rate
        5. Detection must not impact application performance
        6. anonymization of the name of the applications for the vulnerabilities reported

        Automation of detection:

        1.   Integration with Continuous delivery platforms (example: Concourse, Jenkins)
        2.   Build in case of discovery of vulnerabilities

        Reporting:

        1.   Integrate with bug management tools
        2.   Raising indicators specific to each application in a portal

        Dont build i think its a mistake, the market is moving towards solutions that are SaaS and most of these companies are building a blackbox type of security solution, buy a market solution and integrate it

        here is a starter list:

        1) Veracode https://www.veracode.com/

        2) Checkmarx https://www.checkmarx.com/

        3) IBM AppScan Entreprise https://www.ibm.com/security/solutions

        4) Contrast Security Assess https://www.contrastsecurity.com/interactive-application-security-testing-iast 

         

         

         

         

         

         

         

         

         

         

      • What we offer

        Business & Technology Consulting

        We offer clients specialised consulting in areas that we deeply understand. Our services include:

        • - Skills To Envision, Design And Develop Enterprise Apps
        • - Talent For SaaS/PaaS/IaaS In The Cloud
        • - API Architecture
        • - Data Science Talent
        • - ALM deployments – Agile/Devops
        Read more
  • Services
  • Blog
  • Contact
  • Home | 
  • Blog | 
  • Enterprise applications | 
  • A Powerful Testing strategy - 5 tips

A Powerful Testing strategy - 5 tips

by Alex Antonatos
on 19 October 2018

What is a Test Strategy ?

A strategy for defining a testing approach, what you want to accomplish and how you are going to achieve it, the details how the testing objectives would be met effectively. 

This document removes all uncertainty or vague requirement statements with a clear plan of approach for achieving the test objectives for your project. Test strategy is one of the most important documents for the QA team. 

You should look at any defined test processes (e.g. entry/ suspension/ resumption/ exit criteria for test, process to execute test cases and process to report a defect) to examine their feasibility in your situation. Identify the required test processes that will be re-used, modified or create them from scratch.
 
1. Encourage clarity in reporting bugs, always propose a standardized test template for the users.
2. Identify the data that will be recorded, measured, analyzed and reported to show the progress of testing.
3. Challenge all assumptions while you design your test strategy. Provide safeguards if any of your prior assumptions prove incorrect later.
4. Remember that a powerful strategy is never static. Monitor the results obtained from the test strategy and do not hesitate in making the desired modifications towards completing your test strategy.

5. Last tip, a great testing strategy should include all areas included in this table of content.

test strategy

 

Categories
  • Blogue (Francais)
  • Enterprise applications
2305 Rockland Rd Mount Royal, QC H3P 3E9
514-240-40907 Days a week from 9:00 am to 7:00 pm
alex@appsconsultant.com
appsconsultant.com © 2019. Privacy Policy
Login
 Facebook  Google

Register
username / password