My Journey as a Video Game Tester

Hi, my name is Hari Panicker. A passionate video game tester, Also, I am a die-hard fan of playing (Role-Playing, Adventure, MMORPG & arcade games.  My unmeasurable love towards game is the main reason why my career as a video game tester flourished.
It all started with the game called Contra and Dangerous Dev in my 4th standard.
The game was so interesting that after school I used to dash towards home to complete my homework then sit and play till bedtime without even flinching. Ah! How can I forget?
As I grew up I discovered more and more intense games like CS, Dota I, Red Alert, AOE (Age of Empires), GunZ the Reloaded Duel and many more. Among the huge list, hands down my favorite, the one, and only Ragnarok Online.
About the game, Ragnarok is an MMORPG created by Gravity. I was so into this game that I used to sometimes skip my study hours for playing the game with my friends (lol..).  I and my friends used to party up and level up our characters, hunt equips /attribute card from morning till noon.
Then in the evening, we party up again for some PVP (Player vs. Player) and GVG (Guild vs. Guild) fights. It was not just playing the game for me and my friends we started to make money by selling some rare items in-game which was very hard to obtain.
After a few years, the game server closed so I had to move to another Ragnarok server. This was a Malaysian Server called Happy Ragnarok Online. I was the No.1 Player of the server which gave me the opportunity to work as a Game Master for this game.
From there my Game Testing life started I had to report Bugs, find out who is using Cheat (Botting) result to permanent BAN and Ragnarok Support (Help players if they have any questions regarding the game).
Moving on I realized that my career is into Game Testing and further started to work in a game testing company where I got to learn many new things about games and how it works (many new terms used in-game, writing bugs, uploading them on Jira, Mantis, etc.) in testing.
Within 6 to 7 months I got promoted to a Senior Test Engineer where I had to handle a team of 8 to 15 people, explains them the task to do, solve their queries about the game, review the bugs properly and send daily status reports.
Games I have tested:

My team had good times and bad times in projects we tested. we were gifted with immense pleasure when the tested game gets positive feedback from the clients with some Goodies (Gifts) 😊, and of course, there is a lot of pressure when the delivery date approaches. But yes, after all, its fun testing more and more games 😊

My craving for games and testing them will never end. It’s like my hobby turned in to my career.

How to Get a Job In QA Testing Company? Essential Traits and Techniques

Why QA testing job can be a good career choice
If you are in a confusion in deciding after your graduation whether to choose Software Testing as a career, then the below points can strengthen your judgment to choose software testing as a career.
In case you are already employed in a Company as a Software Tester and worried about your career growth then these points confirm that you have chosen a right career path.

  • High demand for testing

Testing has become an essential process when it comes to validation of any software. Since software always have a market, testing will also do. So does testers

  • Designing experiments

A QA tester is that mad scientist who designs and performs elaborate experiments to bring out the real quality and real capabilities of the software.

  • Remuneration

Remuneration is one of the biggest highlights of this profession. Even though freshers have less, as experience increases payscale also increases.
Read this blog to know more about software tester remuneration of 2019

  • Code Writer

It is an old myth in an industry that anyone who cannot code can be a Software Tester. But this being an automation age, a QA tester adopts writing code to automate the scripts.

  • Growth and multiple routes towards progression

Speaking about career growth, a Tester will eventually become Test Lead, and then  Project Lead,  and then Automation Architect,  and then Test Manager etc., Ultimately everyone in this path reaches to the manager level.

  • The scope of Exploring the Latest Technologies

Being a tester and as the process entails, you will be required to work with all the latest techniques and technologies. So you get well versed with the popular and prevalent testing tools.

  • Creativity and Innovation

Since testing work is not explained to you, you will need to analyze the clues and think of places where the application is inconsistent with the end-user. So that generates creativity and innovation in you.

Summarily, if you like solving logical puzzles, if you love helping others in releasing a quality product in the market or if you love to take challenges in exploring and struggling to understand and find bugs and reporting to fix them, QA testing job is the right choice for you.
Skill sets required for a QA testing job
Certification
You need to pass the foundation course in QA testing. You should be well accustomed with the QA Testing methodologies, terminologies,  and various testing techniques so that you will be familiar with the different development models (or methodologies) such as waterfall, the V model, incremental, spiral and more frequently these days, the Agile processes.
Test Techniques
You need to have full knowledge of all the testing techniques.
Documentation and Testing process
You need to know how to obtain conditions from the required document, ways to devise test-cases from the test conditions and ways of writing test procedures.
Testing Tools
You need to have knowledge and experience on Automation Testing Tools, Performance Testing Tools, Test Management Tools, and Bug Tracking Tools.
Personality and Attitude towards testing
As a QA tester, your job is to check to see that the project is running according to the design and specification and you should report any variation from the documented scripts. Hence, a great deal of concentration, comprehensive investigation and proper recording of results are very important. A good tester must possess the ability to take advantage of any security risks and exhibit that the output is fit for release.
Other attributes required are:

  • A good memory to reproduce the unscripted steps
  • You need to be a good communicator and team player to discuss any defects found to other members of the team
  • You need to be Ethical


Tips on getting a QA testing job easily

  • Update your resume

Make sure you take the time to think back about all your relevant past year work experiences. Do not try to show off. Organize your resume accordingly.

  • Get feedback on your resume before submitting

Ask others to review your resume because often a second eye may notice formatting or grammatical error.

  • Develop your Minimum Viable Job

When trying to decide between two competing offers, look out for aspects like geographical location or industry.

  • Create a list of potential employers and companies

Make a list of all the companies you would like to work for and then decide whether you want to move on to a smaller company or join an organization that has an established QA and testing practices.

  • Grow your network, tap coworkers, QA groups and LinkedIn

Confirm with other QA professionals from their LinkedIn profiles to get an idea of how to present your skills and experience and be sure to have your LinkedIn profile at par with your updated resume.

  • Benchmark the company’s QA and testing practices

Identify the best employer by finding out the future goals and current QA practices and methodologies.

  • Do not be too quick to say “yes” to the hiring manager

Get a thorough understanding by paying attention to every step of the job search process prior to confirming your acceptance of the role to the hiring manager.

How to Find Bugs in Your App

Have you ever wondered about how to find bugs in your app? Do you possess testcases that you think is enough to trace out bugs? In this blog we have detailed about the effective steps that can be used to find bugs in your app.
1. Save the Code at Good Place
This first step is not only useful for tracking bugs. It has many other advantages that, truthfully, would give for an entire article. All the files that make up the source code of an application are not simple files that we should have saved in Dropbox or, worse, in a hard disk.
We should not save the source code of an application in places like Dropbox, Google Drive or on a hard drive. They are pretty peculiar files.
They are files that undergo different changes over time and that as a whole have different versions. To coder, these versions of the code have to be easily accessible and must have an explanation of what they represent.

To understand each other, we are talking about different versions of your code files, representing different versions of your application in the market for example, version 1, version 1.1, and version 2.0.
To all this, we have to add that these files have to be easily accessible to all the people who are working on them. The owner of the code has to be in possession of these files, but he has to allow access in a secure way to the developer or developers working on it.

Also Read : How to Test an Ecommerce Website: Points To Remember

The good news? There is a storage system that allows all this and much more that was designed precisely to save code. This system is called Git.
We could say that Git is not just a protocol, a standard or rules to follow, call it what you want. From here, there are different platforms that implement it. The best known today, and the one that has more popularity, is Github.
Advantages of Git includes,

  • Distributed Development

Each developer gets a local repository connected to a central repository does not require a network connection for commit creates a reliable environment

  • Workflow Branching Capability

Easy to manage branched system that provides an isolated environment for development. Create a new branch if you wish to work on something new. Ensures master branch have production quality code helps to work as detailed as agile backlog

  • Merge One Branch with Another

Merge one branch with another helps to pull request from one branch to entirely different one owing to that, changes can be tracked easily opens up the chances for discussion regarding their work before integrating with codebase inexperienced developers ruining entire project is minimal since pull request can be created as formal code review

  • Community Support

New addition to the team can get easily used to distributed development Easy to leverage 3rd party libraries others can fork their own source code

  • Faster Release Cycle

Developers can share smaller changes frequently helps well with continuous delivery and integration environment deployment can be automated. You can build and deploy code to servers from the branch of your like

2. Bug Tracking
At this point I am going to assume that we have the code of application in a Github repository.
If we had everything well configured, we, as owners of the application, would have to be the owners of the Github repository and developers, would have to have access to it in order to make the necessary modifications.
So far we have not seen any reason why Github can help us in tracking bugs, but peace of mind, we start now. Every repository in Github has a tab called bugs (bugs), and yes, we will use it for precisely to register the different bugs that happen in your application.
We can create a new bug by clicking on the New Issue button. From there we can add a title and a description. Now this bug will be registered in the repository until someone does something with it.
3. Automating the Bug Log
So far we have solved a small part of the problem. Now we have a registry of bugs to which, both we as owners of the code, and the developer that will be the person in charge of solving them, we can access.
However there is a great disadvantage. At this time the bug log is something manual. To track a bug, we would have to experience it ourselves and then go to the repository to register it and write down the details of it.

Does not seem like a good idea, right? Above all we have to take into account that there will be bugs that will only appear in certain specific cases, with which it is possible that, yes, they will be experienced by other users and not by ourselves.
It is also not necessary to mention that the process of going to create the bug manually to the repository is not an especially productive method.
Another tool to the rescue! In this case it is about Rollbar. Rollbar is a platform that is responsible for tracking bugs in any type of software. We can use it on websites, desktop programs, and programs running on a server and, of course, mobile applications.
4. Configuring Rollbar and Connecting with Github
How can we configure both tools to automate bug logging?
First of all we must create a project in Rollbar and configure it so that it is linked to the Github account. Specifically we will have to link new project to a repository. This repository will obviously be the one that contains all the source code of your application.

Also Read : How to Test a Bank ERP System

Next, we will have a slightly more technical part that the developer must complete. You will have to implement the Rollbar library within the source code of the application. It’s a quick job that can be ready in less than 1 day depending on the level of registration you want to follow.
What will happen once these steps are completed? Any bug, which happens to any user in your application, will be created automatically in the Issues section of Github repository. Automated bug logging!
5. Obtaining More information of Each Bug
Another of the problems we had without Rollbar that was the little information we had about a bug.
For anyone, with or without technical knowledge, it is very difficult to find out at a glance what is causing an application to fail. It does not matter if you have technical knowledge. Maybe you could know where the shots are going, but it would be almost impossible to know the cause at 100%.
6. Solving Bugs and Communication with the Developer
Well, now that we have seen the different tools, the configuration of the same and what benefits we will obtain, we will see what the day to day would be like to track the bugs of application.
In the first place, we should not have any person in charge of recording the bugs. Automatically Rollbar would create them as they happened.
The developer every X time would have to go consulting if there are new bugs and solves them. Once a bug has been solved and the code has been updated in the repository, the bug would be closed.

These are the standard factors that one asks for testing, for each of these clients, more information is required, such as on which network provider the bug was detected or the size of the screen where the bug was, etc.
Finding out bugs can be fun. Correct documentation along with corner cases will help you maximize the result.
Conclusion
These are the basic steps in finding bugs in the developmental phase of software/app once the development has been done, it’s always better to do professional QA (Quality Analysis) with the help of a QA company to make the app as stable as it can get.

Get an eBook : Download PDF

Software Testing Life Cycle (STLC)

Software testing is a very important part of software development.  owing to the huge demand and necessity of testing nowadays, The software testing process is now getting more intricate, and competent.  Because of that, Software testing not only limited to finding bugs but plays an important role in delivering a quality product to the end-users and on time. This has resulted in making the whole testing process streamlined and organized. And that led to the development of the software testing life cycle or what is commonly known to us as STLC.
What is STLC?
The software testing life cycle is a sequential flow of various testing processes that are to be executed to ensure maximum results from software testing. STLC ensures that all the testing processes are carried out in an orderly and planned manner.
We have understood that STLC is a process, now look at the different steps involved in this process:

  1. Requirement Gathering
  2. Test planning
  3. Test case Development
  4. Set up the test environment (Test, Int, Prod)
  5. Test case Execution
  6. Test cycle Closure/Maintenance

Software Testing Life Cycle
1. Requirement Gathering
Requirement Gathering is the very first Step in the STLC process. The document containing these requirements is called the Specification Document. This is a very important part of the software because all the development would be revolving around this document.
It is always advised to get a sign off from the client for the requirements document, to reiterate the correctness of the specification that the client is looking for. It is with these requirements that testers would be able to come up with the test cases.
Requirements will be either in the form of a document or User Stories. In Agile a requirement is called User story. Each user story can be further broken down into several tasks and assigned to different members of the team.
The requirements are received from clients/stakeholders who are in need of the product/service. A BA (business analyst) is normally the person who prepares this document after discussions with the client. It is advisable to have the client, the BA, product owner or manager along with team leads (including QA lead) and architects should be attending the requirement gathering meeting.
Entry Criteria

  • Availability of requirement Document, acceptance criteria and application architectural document.

Activities

  • Recognizing the tests to be executed.
  • Identify test priorities and focuses
  • Create Requirement Traceability Matrix (RTM).
  • Recognize details about the test environment
  • Carry out Automation feasibility for the testing.

Deliverables

  • RTM
  • Automation feasibility report.

Exit Criteria

  • RTM
  • Automation Feasibility report

2. Test Planning
Once the requirement analysis is over next is the planning phase. Team lead/Test Lead or sometimes Manager will prepare the Test Plan document. This plan will be kept in share drives or test management tools like Rally, ALM, etc. so that they are accessible to everyone.

The test plan document is a single point of reference when it comes to all testing activities. It also works like the document that is shared between the Dev team, Business Analysts, Project Managers,  and the other teams for concurrence.
Owing to this transparency of the QA team’s work to the external teams will increase to a great extent. The main input needed for the test plan is the signed of requirement document.
Test plan Document may have the following Sections:
1. Entry Criteria
It specifies the conditions which must be satisfied for the testing process to begin. The most common entry for testing is a stable build that has passed the smoke test within the minimum number of failures or the data setup is ready or the hardware is ready etc.
2. Scope 
The scope of the Testing will be listed in this section.
The scope of the testing refers to the list of requirements from the requirement document that are feasible for testing in that particular release or iteration.
There will also be a traceability matrix created which will map the requirements to feasibility, test cases, test case runs, test case status and defects. This matrix will clearly indicate the status of the testing and quality of the product.
3. Out of Scope
Out of Scope feature will be listed in this section.
Any features or requirements which are not covered as part of the current release will be marked as out of scope. There can be several reasons for marking an item as out of scope. Data setup not available, dependency on other modules, application not ready, not feasible for testing are some of these reasons.
4. Assumptions
Assumptions are listed in this section.
As the name suggests this section would contain the list of things we think would be ready when we are starting the testing. Some of the items covered in this section are application is up and running, resources are available, hardware setup is up and running. Each project can have a different set of assumptions.
5. Schedules
Here we can write about how many test cycles are needed. Start date and end date of each cycle, the sequence of testing, etc. This section will contain an estimate of the number of test cases available and how long it will take to script and test each of these.
Then based on the number of resources available a timeline is reached for test case creation, data preparation (if applicable), and test case execution and reporting.
6. Roles and Responsibilities
Team members and their roles and responsibilities are listed in this section. Since this test plan document is shared with the development and other teams, it helps them to know whom to contact in case needed.
7. Defect management
This section talks about the process followed for reporting and closing defects. Most companies use test management or defect tracking tools like ALM, Bugzilla, and Rally, etc. This section also discusses to whom the defects will be assigned and the steps to closure.
8. Deliverables
This section contains the list of documents the testing team promises to deliver after the testing process is completed. Test results summary, defect list, and testing metrics are some of the deliverables that can be mentioned here.
9. Hardware and Environments
This section mentions the hardware requirements and setup that is needed for testing and the environment in which the testing will be done in each phase. In most cases, the testing is done in QA or Stage environment with a dummy copy of production data.
10. Risks
This is a very important section that lists out the risks and contingencies along with the mitigation plan. There can be many types of risks like hardware failures, application downtime, data unavailable, etc. These basically refer to issues that can impact your testing activities and schedule. For all risks mentioned, it is advisable for a mitigation plan. This is like a plan B when plan A fails.
11. Exit Criteria
Here we need to mention when the testing will be stopped. There are 2 situations when testing is stopped. One, when the testing is completed.
In this, the exit criteria would be testing completed for all test cases and x% of the defects closed. (X is the % of defects closed and would be decided by the management). Second, when testing needs to be stopped due to various reasons. Build instability, too many Sev 1 and Sev 2 defects or reduced timelines can be some of these reasons.
3. Test Case development
What is a test case?
A TEST CASE can be defined as a set of variables with which is used by a tester to determine whether the system under test satisfies requirements and works correctly. The process of developing test cases can also help find problems in the requirements or design of an application.
Who will write the test case?
Usually, the Test case document will be developed by the testers. The test cases are written in such a way that it validates each requirement.
The test case is based on what document?
Test cases will be based on the requirement document (SRS- Software Requirement Specification) or in agile where we do not have proper requirement document the test case will be based on the User stories

How do you identify Test cases?
Ideally, for each requirement, there should be at least one test case. In Agile User, Stories will be broken into tasks. Usually, there will be multiple test cases for each requirement/task. The mapping of the Test case to Requirement is called the Traceability Matrix.
While writing the test cases one should be careful to make sure that a maximum number of options, navigations, and validations are covered. Ideally, the test cases should be written such that every branch of the code is exercised.
Different Types of Test cases
Regression Test cases:
Regression test cases are those which cover stable and previously rolled out functionalities. Regression test cases are usually automated and are called Regression Suite. Also known as Sanity testing
Functional Test cases:
Functional test cases are test cases that validate the functional aspect of the AUT. Most of the UI and interface-related test cases would be functional. Login, logout, navigational flow and error scenarios are examples of functional test cases.
Non Functional Test Cases:
The test cases which are not related to the functionality of the application are known as non-functional test cases. For example the layout of the page, font, color, text size, image size, etc.
Integration Test cases:
When data flows from one system to another, then the test cases need to be elaborately written to cover this. These are called integration tests as they validate the integration between one or more systems.
Performance Test cases:
Test cases related to Performance of the site or application like the loading time, load it can take, etc.
White Box Test cases:
Some amount of technical knowledge is needed to write white box test cases. These test cases validate the developer code and the functional modules developed.
Let us now try to write a typical test case. It should have the following fields

  • Test case number
  • Test case Name
  • Input steps
  • Test case Type(functional, performance, Regression)-optional
  • Expected Result
  • Actual Result
  • Status
  • Requirement No
  • Bugs associated (Bug ids)

If Expected Result and Actual result matches Status will be pass else fail.
4. Setting up Test Environment


Most of the companies will have a different environment to test against examples of environment would be TEST, INT, and PROD (testing, integration, and production).
There could be multiple test environments. The setup would also include any data and device setup that is needed to kick start the execution process.
Once the test cases are ready next test environment needs to be set. For example, if we are going to execute the test cases against “Test Environment “the build which developer sends for testing need to be deployed in Test Environment.
Sanity check or Regression needs to be run and there should be no new failure which means the new feature is not affecting the existing application. Only then QA can execute test cases against it.
5. Test case Execution
Here is where the actual execution takes place. Each tester is assigned a separate set of test cases. Based on the step to reproduce as mentioned in the test case document, the tester would validate whether the mention functionality is pass or fail. In case it is a fail, he needs to open a defect for the defect. He may also be required to attend triage meetings to help the developers to better understand the problems and hence fix it too.

Read also : Test Management Process: A Complete Guide

While the testing is in progress the team would be having a daily status reporting to the test lead or manager to track the progress. The team may also need to be constantly in touch with the developers to help them understand the issues and defects.
In case any bug fixes are received, the team needs to make sure the issues are actually fixed and also validate that the fix has not adversely affected any other functionality
6. Testing closure/Maintenance
Once all the test cases are completed and most of the defects are tracked to closure, the test process is also closed. All the deliverables’s as mentioned in the test plan is shared with the development team along with the certification of whether or not the build is a go or no-go to the next stage.
Hope this section was useful to you in understanding the STLC process. Though we have talked about the 6 steps there are always customizations that we need to do to make things smoother for the project.
With Scrum and agile being the buzz words, the STLC has been reduced to a minimum with no proper test plan and in most cases no detailed test cases as well. But always remember the process is important and the more you do away with the greater is the risk.
Why do we need STLC?
Software testing ensures the high quality of the software product and is essentially a very important part of software development. The software testing life cycle ensures that the testing process is carried out in a well-planned and sequential order thus promising better testing results.

The Software Testing Life Cycle can embrace 4 different testing models namely the agile model, the waterfall model, the V model, and the spiral model.

  • Agile model: Agile Testing model is being largely adopted by testing teams. It is based on continuous integration between testers and developers. Agile Testing does not follow a sequential flow of testing processes.
  • Waterfall testing model: Waterfall Model or Linear Sequential Life Cycle follows a sequential order of testing. We only move to the next phase of testing when the previous phase is completed. It is good for small projects where the requirements are very clear.
  • V model: V Model is an advanced version of the classic waterfall model. In the V model, each phase of the software development life-cycle is validated before going to the next level. In the V model, software testing starts as soon as the requirements are written. V model helps in detecting defects in the early stages of life-cycle and it also minimizes probable future defects.
  • Spiral Model: Spiral Model is based on incremental and prototype techniques. It is usually applied in large and complicated projects with high-risk probability.

Conclusion
A systematic and sequential approach is always beneficial for any process. The software testing life cycle is such a systematic and sequential way of conducting software testing that promises a more effective and efficient testing results.

Software Testing Life Cycle (STLC) | TestBytes from Testbytes

Get an eBook: Download PDF

Bamboo vs Jenkins : Which CI/CD Tool is Better? [Table included]

Bamboo vs Jenkins! both are continuous integration automation tools. Both of them are widely used by agile teams to quicken and make their process more efficient. Bamboo and Jenkins can also assist agile teams to regularly share their work.
However, which one to use if they are equally good? Go through this comparison blog and find out.

What is Continuous integration?

Continuous Integration is a process progressively being adopted by software development teams to enhance the frequent sharing of their work with the rest of the team to fasten and enhance their software development process.
Every time integration takes place it is verified/tested by a build that includes test cases. This results in early detection and correction of bugs and streamlining and fastening the development process.

What is Jenkins?

Jenkins is a renowned open-source CI/CD tool. It is an automation server that will help in the software development process. It is also a Java-based tool that assists the development team to focus on continuous delivery.
Another feature of Jenkins is that it’s a server-based system that runs in a servlet ( a small java program that runs in a web server) containers. For instance, Apache tomcat
Features of Jenkins

  • Jenkins is easy to install across OS
  • Jenkins makes sure that your code is well through continuous integration
  • Increases code coverage by facilitating transparent dev
  • Hundreds of plugins are available

What is Bamboo?

Bamboo is a continuous integration tool used by development team members to continuously share their work with the team. Bamboo services were originally available as both in-house and cloud computing services. But later cloud computing services were discontinued.
Top Features of Bamboo

  • Can run multiple builds in parallel
  • Build failure analysis, including a stack trace
  • Offers REST API
  • Great Plugin Support
  • Supports build tasks for build tools
  • Supports testing tools
  • Customizable build notifications
  • Supports importing data from Jenkins

Major differences between Bamboo vs Jenkins

Let us have a look at the major differences between Bamboo and Jenkins

  • Open Source

Jenkins is open-source while Bamboo is a paid tool. Bamboo charges money; based on the user’s requirements. It can be quite costly for high-end projects and projects having various versions.
In short, Jenkins is completely free and Bamboo is not. Bamboo starts with a minimal cost of as low as $10 but this cost rapidly grows to a massive $880 a year.

  • User Community

Being completely free Jenkins has a huge user community. It adds an advantage to look out for various upgrades, updates, and bugs. But searching for some solutions can be a hectic process as a user might have to search through a large number of threads to look out for a solution.
While Bamboo is a paid service and hence has a smaller user community. But it offers professional support and is completely user-friendly and can be customizable.

  • Plugins

Being an open-source tool, Jenkins supports a massive library of plugins. It has a library of over 1400 plugins. You can readily use these plugins to customize Jenkins and to extend its functionalities.
In the case of Bamboo, the number of plugins is rather less.  But not to miss on the quality of the plugins. The plugins that Bamboo offers are almost perfect with no bugs.

  • Cloud Support

With gradually, the world depending upon cloud services, comparing the two continuous integration tools – Bamboo and Jenkins on the basis of this feature is worth it.
Both Jenkins and Bamboo initially supported both on-premises and cloud services. But later on, Bamboo discontinues its cloud version. Hence current scenarios only Jenkins offers cloud support while Bamboo does not.

  • Setup Complexity

Another important feature to discuss is setup complexity. While Bamboo comes with an easy to use user-interface and full professional support for your queries, Jenkins misses on all these features.

Read also : 15 Best Mobile App Testing Tools For 2019

Jenkins has a pretty complex user interface that is even less attractive than Bamboo. Jenkins does not offer any professional support to set up your tool or to resolve any query, whereas Bamboo offers pretty good professional support to its customers. But being open-source, missing on these features is completely justifiable for Jenkins.

  • Integration with other tools

Atlassian Bamboo is renowned for its integration capability with other Atlassian tools like JIRA and Bitbucket. You can easily and quickly integrate such tools with Bamboo.
Though Jenkins can also integrate with such tools, thanks to a massive number of plugins Jenkins supports, integration is rarely required. However, If you are dealing with big projects, the integration could be very inconvenient.

  • Project Support

Bamboo is a preferred choice for large enterprise projects with extended budgets, Projects with massive software systems and supporting various versions can be easily handled by Bamboo. But for simpler and stand-alone projects Jenkins is a better choice as it is open-source.
A Quick Look on the Differences:

Feature

Jenkins

Bamboo

Availability

Open-Source

Not an Open-Source

Price

Free

Depending upon your requirement price varies from $11 to $900.

Source Code

Java

Java

Supported operating systems

Windows, Ubuntu, Red Hat, Mac OS

Windows, Linux, Solaris

Browsers Support

Chrome, Firefox, Internet Explorer

Firefox, Chrome, Safari, Edge

Plugins

A massive number of Plugins

Fewer Plugins

User Community

Very big

Smaller

Backup facility

Complex

Easy

Git branching workflows

Not Available

Available

Built-in Deployment Projects

Not Available

Available

Test Automation

Tricky but possible using Plugins

Is built-in

Distributed Build support

Remote Nodes

Remote Agents

Integration with Jira

 Tricky but possible using Plugins

Easy integration with Jira

Built-in Integration for Bitbucket Server

Tricky but possible using Plugins

Easy integration with Bitbucket

REST APIs

Yes

Yes

Professional Support

No

Yes

Usage

Complex

Easy

User-Interface

Difficult to Use

Easy to use

Which is better?
With new processes like Agile and DevOps out-casting age-old software CI/CD tools to fasten and streamline your software development process. Bamboo vs Jenkins for sure is the two most popular CI/CD tools available in the markets.
Picking up one among the two as a better tool is practically not possible. To pick up on one of these two tools entirely depends upon your requirements.

If you have a standalone software system and have a constrained budget, then definitely Jenkins is a better pick for you. But if you are looking for an extremely professional setup to deal with enterprise software systems having multiple builds and versions, then Bamboo is a better option for you.
So it’s time to analyze your requirements and pick the best suited CI tool to fasten and make your software development process more progressive.

8 Best Python Test Automation Framework

Python test automation framework ! Yes you have heard it right. Python has got framework that can be used for testing. Since the language is Python, regarded one of the most versatile language in the world, quirks of such framework is many. Some of them are,

  • The quality of the script of the framework
  • Easiness of test case
  • Method to execute modules

Considering the following points you can easily pick out the best framework for your purposes. Some of the commonly used python frameworks are;
1. Robot Framework

Robot framework is largely used for acceptance testing. It is counted among one of the best python framework. The robot is used in Python but it can run on .net-based IronPython and on Jython which is Java based.

The robot is compatible with various platforms including Windows, MacOS or Linux. Robot framework requires Python 2.7.14 or above. To run Robot you will also require ‘pip’ or python package manager. You should also download a development framework to use robot framework.
Advantages of Robot Framework

  • It helps testers to create readable test cases easily using keyword-driven-test approach.
  • Easy usability of Test data syntax
  • It allows using individual elements in separate projects.
  • Having numerous APIs is highly extensible.
  • Supports parallel running of tests via a Selenium Grid.

Disadvantages of Robot Framework

  • Creating customized HTML reports using Robot can be very tricky.
  • Not enough support for parallel testing.

2. Pytest Framework

Pytest Framework
Pytest can assist in test automation of all kinds of software testing. It is easy to learn, open source Python-based framework extensively used by QA teams.
Its veteran features like ‘assert rewriting’; it is being extensively adopted by testers worldwide. Using python does not require any specific prerequisites except for working knowledge of Python. Apart from this, you should also have a python package manager, command line interface, and an IDE.
Advantages of Pytest Framework         

  • Supports compact test suits.
  • Unlike other tools, Pytest does not require debugger or explicitly checking the logs.
  • Supports easy creation of test cases.
  • Pytest allows the use of multiple fixtures.
  • Pytest is extensible by using plugins
  • It offers easy and fewer bugs prone development of test cases.

Disadvantages of Pytest Framework        
The main issue with pytest is the compatibility issue. It does not allow using the test cases written in pytest to be shared with other frameworks.
3. PyUnit/UnitTest Framework
PyUnit/UnitTest FrameworkUnittest or PyUnit is a unit testing Python framework. In the PyUnit framework, the base class TestCase provides assertion methods and the cleanup and setup routines. The methods name starts with “test” in the subclass of TestCase to allow them to execute as test cases.
For the grouping and loading of tests, it supports the load methods and the TestSuite class. It also supports XML reports and unittest-sml-reporting. PyUnit comes with Python by default.
Advantages of PyUnit/UnitTest Framework         

  • No additional module is required to be installed.
  • It is easy to work even for people with no high-end knowledge of Python
  • It offers simple and flexible executing test cases execution.
  • Quick generation of test reports.

Disadvantages of PyUnit/UnitTest Framework

  • The snake_case naming method of python codes and camelCase naming method of JUnit causes confusion.
  • Unclear intent of the test code.
  • Requires boilerplate code.

4. Behave Framework

Behave allows software teams to run BDD testing without any difficulties. It is similar to SpecFlow and Cucumber. Behave allows writing test cases in easily readable language.
Behave requires Python 2.7.14 or any above version, Python package manager or pip, and any IDE like Pycharm or other.
Advantages of Behave Framework

  • Easy coordination among the teams and easy execution of all kinds of test cases.
  • Promotes detailed Reasoning and thinking
  • Clarity of QAs and Devs output.

Disadvantages of Behave Framework

5. Lettuce Framework

It is a behavior driven automation tool that is easy to use and it getting highly popular for BDD testing. It is based on Python and cucumber. It makes the process simpler and entertaining by its BDD approach. Lettuce requires Python 2.7.14 or any above version, Python package manager or pip, and any IDE like Pycharm or other.
Advantages of Lettuce Framework

  • It uses simple language and allows developers to create more than one scenario.
  • Supports cooperation among Dev and QA teams.
  • Helps in running behaviour driven tests cases for black box testing.

Disadvantages of Lettuce Framework
It required strong coordination and communication among developers, testers, and stakeholders.
6. RedwoodHQ Framework


The RedwoodHQ framework lets multiple testers to connect in a single web location to execute the tests simultaneously. It supports complete automation and management of software testing.
REdwoodHQ supports action keyword enabling creating test cases quickly and easily. Supports writing test cases in Python and other languages such as C#, Java, etc. It has an inbuilt IDE.
It helps in easy creation, modification, and execution of test cases. It records a history of all the test runs for future references.
Advantages of RedwoodHQ Framework

  • It is a very user-friendly framework
  • Supports parallel testing
  • Compatible with continuous integration tools such as Jenkins and TeamCity.
  • Suitable for front-end and back-end testing
  • Supports the parallel running of test cases
  • Helps testing teams to easily create and modify the tests.

7. Jasmine Framework
Jasime is a behaviour driven development (BDD) framework. It supports Python as well as Ruby and JavaScript unit test automation. It combines the server-client unit testing. To run Jasmine you are required to have Karma tests runner.
Advantages of Jasmine Framework

  • Supports both asynchronous and DOM-less test cases.
  • Simple, user-friendly and readable syntax
  • Parallel execution of server and client side test cases
  • No external dependencies
  • Available in a ready-to-use state
  • Active community for support issues.

Disadvantage of Jasmine Framework

  • More stress on applications of business value than the technical details.

8. Gauge framework

Gauge is an impeccable tool made from the same team that made Selenium. Since Gauge is an open source framework, there are plenty of quirks in using it. If you wish to integrate continuous testing into CI/CD pipeline, Gauge is one of the best options. Gauge is nowadays gaining lots of momentum owing to its cross-browser testing functionality.
Advantages of Gauge framework

  • Supports variety of plug-in such as java runner, c# runner, Ruby runner, JavaScript runner, Golang runner, Python runner, IDE plugins, Reports, build management etc.
  • Supports all major programming language including Python
  • Command line support
  • Defects can be quickly detected
  • Easy to write test cases
  • Cross browser tests can be automated
  • Scalability of product requirement across QA, Dev and business teams.

Disadvantage

  • Relatively young. Will take time to evolve

How to pick the best test automation framework?
In large a good test automation framework should have best

  • Scripts
  • Test cases
  • Assumptions
  • Techniques to run every module and code
  • High capability to detect the flaws and weaknesses.

But every project is different and might require one or more of the above parameters. So while selecting the best framework for test automation considers the following points:

  • Resource it requires
  • It’s functionalities
  • Test drivers that it includes.
  • Reporting features
  • Integration with third-party tools

It is better to break the project into smaller modules and then look out for the best fit. Not to ignore your budget. You need to consider your budget and then look out for a framework that offers maximum benefits and features for your project.
What to look for in a testing automation framework?
The framework helps in automating your testing process while reducing the manual efforts and making the testing process faster and more efficient. When looking out for an expert framework for your testing requirements consider the following points:

  • The capability of the framework to justify your testing needs
  • Ease of use
  • Library with reusable components
  • Maintenance overheads
  • Integrating with other tools and frameworks
  • Functionalities of your framework
  • Integration with the third-party tools
  • Complexity
  • Features of the framework
  • Support and Maintenance features
  • Triggering automatically without requiring human intervention
  • Stability, flexibility, and extensibility
  • Report creations

There are just the generic points you might consider before picking up a framework for your testing process. On a larger picture, developer’s requirements, an application under test, environment and more play a more important role in selecting the best framework for your requirements.
Conclusion

Now when we are acquainted with various python frameworks, choosing the best one could be a tricky task. Though all of them are good and serves different requirements. It is best to take a note of all your requirements and then pick the framework that fulfils your maximum requirements.

How To Choose The Best Test Management Service

How to choose the best test management service? Have you been baffled by this question?
Testing has been and always will be an important part of any development and creation process.
It is the only way to validate what we created is what we wanted or not. But since most of the software development is now moving to agile managing testing effectively becomes an uphill task.
Coming back to the first question, So what is the very possible way out of this?
There are many test management service providers in the market today. And they can provide you with end to end testing solutions for your business. With the testing work outsourced your team can focus on delivering with better velocity in every sprint.
There are several other advantages as well if you decide to use the help of a test management service provider. Let me now give you an insight into the advantages of using a test management service.

Independent and Impartial Validation:

One thumb rule in testing is that testing is best performed by an independent team located away from the development team for the best results. BY outsourcing your testing tasks you stick to this thumb rule. It also ensures that your testing results are impartial and accurate.

Professional Approach

In product teams focused on development, most of the time testing takes a back seat.
More often than not the processes are bypassed and rules are bent to meet the deadlines.
Consequences? Quality goes for a toss. This problem can be easily by entrusting your testing activities to a competent test management service provider.

Greater Bandwidth For Product Development

In an agile environment that has become the industry norm, the onus is on delivering standalone usable functionality after every iteration.
It is always a race against time for the developers who are not only expected to do a unit testing of their code but also a peer testing for another team member’s code.
By giving this testing task to an independent validating team the developers will get a greater bandwidth for developing their modules and also reduce the pressure for them.

Better Reporting And Tracking

The main idea behind the testing process is not only to find issues but also reporting the defects to the correct teams and tracking them to closure.

A good test management service provider would help with timely and accurate tracking of the issues and bugs.
They would also be able to provide you with the right kind of metrics and statistics which will clearly indicate the quality of your product.
Yes, we now know why it is important to avail of the services of a test management company. But do not make the mistake of selecting just any test management service provider.
You could be taking a huge risk by doing that. Testing is a very important aspect of product success.
You need to be double sure about whom you want to entrust this big responsibility. The testing is one aspect that can make or break your product.
But please don’t panic. In this section, we list some very important points which will help decide the best test management service for your business.

Efficiency

Yes, as simple as it may seem, the efficiency of the testing process is the first and foremost criteria to be considered when choosing a test management service.
By efficiency, we mean not only finding the bugs but also issues that could critically impact the software or product.
They should also be able to think out of the box and suggest changes and enhancements in the product based on its actual use.
Ideally, they would think and use the product as an end customer would do.

Industry Experience

When you decide to outsource some of your work, make sure they are capable enough to handle the work.
Choose a test management company that has an industry standing of at least 5 years or more. Also, take time to look at the profiles of their clients to understand the kind of projects they would have handled.

Focused Testing Approach

For the testing to be more effective and result oriented, it needs to be planned out well.
The best test management service provider would have a focused approach to testing which is more focused on testing the KPI (Key Performance Indicators) features.
At the same time, it will also make sure the complete product is tested effectively with all the possible data flows and integration points.

Experience And Skill

The success of the testing effort is based on the skill, experience, and expertise of the testers. The more skilled your testers are in the product and domain, the better would be the testing performed.
If you are using automation tools, then expertise in automation is also needed.
Now, when you decide to select a test management service, you need to make sure that they have the right set of people who have ample knowledge and expertise in testing products or software which may be similar to your requirement.
For example, if you are developing a mobile app, then you need to make sure the service provider has testers with exposure to mobile app testing.

Hardware Requirements

In some cases, your product or software may require some extra hardware or have some specific user requirements.
Make sure these are communicated well to the service provider at the onset to make sure they can provide the right kind of testing services.
Let us again take the example of a mobile app. While testing a mobile app, one would need to make sure that the app has a responsive design. And to test that they would need access to multiple mobile devices with different screen sizes and resolutions.

Also Read: Top 10 Mobile App Testing Companies in India

On the same lines if your mobile app needs an internet connection to talk to certain backend servers and systems, then the service provider should be able to test this internet connectivity in Wi-Fi, 4G, 3G and hot spot connections for getting accurate results.
Hence the best test management service provider should be able to handle the specific hardware and other requirements needed for complete testing of the product.

Use of Latest Tools And Technologies

The best testing service provider would have access to the latest tools and technologies in the market which would include both free and open source products.
This would ensure that the testing is done with quality and also will be in line with the latest market trends. Some service providers would have only one or two tools and would try to test every product with that.
This is not the right practice. Every product should be tested with tools that are best suited for it based on the development language, platform and also based on where it will be deployed or used.
While selecting the best test management service makes sure they are using the right tools and technologies to test your product.

Speed To Market

One of the main reasons, for selecting a third party for doing the testing, is to save time. Hence it is important the service provider can help you speed up your process and reach the market or clients faster.
In today’s fast-paced world, it is not only important to create value or products which are needed by the clients but getting them to the market first is also the key.
With new products hitting the market almost daily, your speed to market becomes a paramount criterion for product success. Choose a test management service, which can help you improve your speed to market.

Real-Time Connectivity

There are times when your product and software may be to be tested out of different regions to understand how it performs.
This is also a good reason for choosing a test management service provider.

Instead of just mocking the locations on the systems and devices, the provider should be able to provide you with real-time connectivity with people and testers as per your needs across the globe.

Budget

Last but not least the money involved. Understand that when you decide to outsource the work, there is a cost involved. Quality comes with a price.
If someone is providing you this quality dirt cheap, then there are 99% chances they are not genuine or will mess up with your work.
Don’t go for very pricey providers which may not work out for you. Choose the apt one which fits in all the above points along with your pockets too.
Taking the services of the experts in every phase of manufacturing and production is the way things are being developed and produced.
With many specialized teams and companies available it can be quite a challenge to select the one that fits you the best.
The points above would help you choose the best test management service provider for your business. Best of luck.

Top 10 Most Common Types of Cyber Attacks

Increasing usage of internet has also led to an increase in cyber-crimes / cyber-attacks. But how many types of cyber-attacks are you familiar with? In order to tackle cyber threats, you must be well aware of its nature. So here are the top 10 types of cyber attacks that you need to know about.

What are Cyber Attacks?

A Cyber Attack is defined as an attack originated by a digital system against another digital device, website, or any other digital system and compromises its privacy, reliability or the data stored in it.
Not only these attacks are a threat to digital individuals but are a great threat to businesses as well.
“The total volume of cyber-attacks has increased almost fourfold between January 2016 and October 2017.” – Cisco Annual Cyber-security Report

Why are Cyber-Attacks Initiated?

Before moving further to types of cyber-attacks, let us first have a look at the reasons for initiating cyber-attacks:

  • Acquiring unauthorized access to a digital network, system or its data.
  • Denial of service
  • Virus or malware installation
  • Hacking a website for unsolicited purposes
  • To get access to personal and secure information of people and businesses
  • Unauthorized use of a computer

Types of Cyber Attacks

Cyber-attacks can be of various types. You need to be aware of all those types of cyber attacks to guarantee your utmost safety and security.

1) Malware

Malware is considered as software that is intentionally developed to disrupt computer, server, client, or computer network.
Malware can be in the form of scripts, executable codes, active content, and other malicious software.
These codes can be computer worms, viruses, ransomware, Trojan horses, adware, spyware, or scare ware. Malware, as the name suggests, is designed with a malicious intent to cause damage to the website/computer user.
The most prominent damages caused by malware are:

  • As ransomware, it blocks access to key components of the network.
  • Installs harmful software/malware
  • As spyware, they can steal valuable information from your system (spyware)
  • They can damage certain hardware components of your system and make them inoperable.

2) Phishing

The main aim of Phishing is to steal restricted and private information such as credit card details, login ids, and passwords, etc.
By impersonating oneself as a reliable establishment in electronic communication. It is usually done through email spoofing or instant messaging.

They carry a link that directs users to a fake website which looks similar to the legitimate site and asks them to enter personal and secure information. It is a fraudulent activity intended to cheat users.
They bait the users by claiming to be from a reliable third group such as auction sites, online payment processors, social web sites, banks, or IT administrators.
You need to be well aware and acknowledged with such fraudulent activities to bypass any such fraud activities.

3) Man-In-The-Middle Attack

In Man-in-the-middle (MitM) the invader covertly modifies the chats and dialogues between two people who are communicating with each other.
In a Man-in-the-middle attack, the communicators are made to believe that they are directly communicating with each other without any interference from any third party.
But the truth is that the whole communication is controlled by the invader while making the communicators believe that they are talking to each other.  It is also known as eavesdropping.
The Entry Points For MITM

  • The invaders can easily take control of o private chats over an unsecured public Wi-Fi. Invaders can inset between the device and the network and can take control of the private hats in the network. The communicators without having any idea pass all the conversation to the invaders.
  • It can also be done through malware. In such cases, the invader installs software on the victim’s device to process all his information.

4) Denial-of-service attack

In denial-of-service attack (DoS attack) the offender tries to make digital assets inaccessible to its anticipated users.
The offender provisionally interrupts services of a host who is linked to the Internet. It involves overflowing the besieged machine with surplus applications to burden it from fulfilling the legitimate requests.

5) SQL Injection attack

A Structured Query Language (SQL) injection attack allows the intruders to run malicious SQL statements. These SQL statements have the power to take over the database server.
Using SQL injection intruders can overcome application security measures.
It allows them to pass through the validation and approval process of any web application.
It also allows them to recover the entire data from their database. It also gives access to intruders to add, modify, and delete data in the database.
An SQL Injection allows intruders to fiddle with various databases including MySQL, Oracle, SQL Server, or others. It is widely used by attackers to get access over:

  • Personal data
  • Intellectual property
  • Customer information
  • Trade secrets and more.

6.Zero-Day Attack

The zero-day vulnerability is a defect in the software, hardware or even the firmware.
It is hidden from the teams responsible for fixing this bug. It is referred to as zero-day as it has a zero day time gap between the time it is detected and the first attack.

7. Cross-Site Scripting

In Cross-Site Scripting (XSS) attacks the malicious scripts are embedded to reliable websites.
The intruders send malicious code to different users by embedding them into a trusted website usually as a browser side script.
The web browser cannot recognize this malicious script and has no idea that it is unreliable, and hence it executes the script as it comes from a trusted source. But alas these malicious scripts have powers to access any session tokens, cookies, or any other secret information that is used by that site.

8. Credential Reuse Attack

With almost every personal account asking for Ids and passwords, we tend to reuse them for various accounts.
Though it is a big NO, we tend to reuse one id and password for many accounts. Reusing the same password can be a big threat to your security.
The intruders can steal your usernames and passwords from a hacked website and they get a chance to log in to your other account using the same id n passwords.
And if you have reused them they get a golden opportunity to peek into your private accounts including your bank account, email, your social media accounts, and many others.
And we really do not need to tell you how hazardous it could be! So follow password security best practices and avoid using the same id and password for multiple accounts. You can use Password managers to manage the various IDs you use.

9. Password Attack

Passwords are the main gateways to securely enter into your personal accounts. Getting access to these passwords is an age-old and most convenient way to intrude into someone’s private account.

Our passwords are usually connected to our life’s incidents, people and places and hackers take benefit of such details. They can even sniff into the network to gain access to unencrypted passwords.
Attackers can use either of the below given two approaches to get hack your passwords:

  • Brute-force

Brute force is just like any other guessing game where you apply your wits and logic and expect that one of your guesses might work.

  • Dictionary attack

In such attacks, attackers use a dictionary of common passwords to intrude into the user’s computer and network.
The attackers copy encrypted file having the list of passwords, and use it to a dictionary of frequently used passwords. They then compare the results to take hold of the user’s password.
The account lockout policy is the best method to evade such risks as it locks your account after a few wrong attempts and hence securing your accounts.

10) Drive-By Download Attack

Drive-by –download attack is a common method used by hackers to spread malicious scripts or codes on user’s systems.
Attackers embed a malicious script into an insecure website’s pages. Whenever you visit such websites, the scripts will automatically install on your system or might redirect you to a website that is controlled by the attacker.
These attacks can occur by visiting a website, a pop-up window or an email message. Drive-by downloads do not require users input to get activated.
It does not require you to download/open any malicious attachment. It uses an operating system/ web browser with inadequate security features.
To avoid the risk of drive-by download attack you should:

  • Keep operating systems and browsers up to date
  • Avoid suspicious websites.
  • Try to use known websites as much as possible.
  • Don’t download unnecessary programs and apps.
  • Keep minimal plug-ins.

10 Major Cyber-Attacks of 21st Century

Now when we have learned about various types of cyber-attacks and we are sure about their ugly existence. Cyber-attack can happen to any digital user at any time and at any place.
Some might be harmless or might cause just a little damage. But there are a few types of cyber attacks that had caused significant damage and had taken entry in the list of most significant cyber-attacks.

And Here are 10 Major Cyber-Attacks on 21st Century..

1. Cyber-Attack on Yahoo!

types of cyber attacks
One of the most prominent internet giant, Yahoo suffered a big blow when the security of their 3 billion user accounts was put on stake.
The names, dates of birth, email addresses, passwords as well as security questions and answers of 3 billion users were put on stake. The attack took place in 2013-2014.
The attack had severely affected the company; the Yahoo group that was once valued at $100 billion was finally sold off to Verizon for only $4.48 billion for its core Internet business.
The name of the company was later changed to Altaba, Inc. after the sale.

2. eBay Cyber-Attack

types of cyber attacks
Another cyber-attack that shook the entire world was the user’s database hacking by the intruders.
The e-commerce giant was subjected to a major cyber-attack in May 2014 when hackers intruded into the user’s database using their corporate employee’s accounts.
The hackers had complete access into their network for about 229 days. The breach compromised the sensitive information like names, dates of birth, addresses, and encrypted passwords of around 145 million users.
But as per the company, the financial data of the customers was safe at it was stored in a separate database and was not compromised. The beach resulted in widespread criticism of the company and incurred great loses.

Recommended Read: Major Cyber Attacks on India (Alarming News)

3. Equifax Cyber Attack


Equifax one of the US largest credit bureaus, faced a major blow when the data of its 143 million costumers was hacked.
The customer’s sensitive information including birth dates, Social Security Numbers, addresses, and drivers’ license numbers was hacked by the intruders.
The attack did not end with hacking only the personal information, even the credit card information of around 209,000 consumers was stolen too.
According to the company, the application vulnerability on their site resulted in the data attack. The attack was exposed on July 29, 2017, but was suspected to have started in mid-May the same year.

4. Target Stores Data Breach


End of December 2013 gave a big blow to Target stores when they discovered that a data breach into their system had compromised the Credit/debit card details and/or contact information of around 110 million people.
The hackers penetrated into their private network by exploiting their vulnerability through a third-party vender for HVAC system to POS payment card readers. The cyber-attack cost them around $162 million.

Know about : What is Data Breach? How to Prevent Data Breach

The CEO and CIO of the company had to resign after this major cyber-security issue.

5. Uber Cyber-Security Breach

types of cyber attacks
Data breaches are common events in the current digital world. How the companies deal with it, also play an equally important role. Uber was subjected to a data breach in late 2016. The company was not much criticized as its take on this attack was.
The breach resulted in compromising names, mobile phone numbers and email addresses of 57 million Uber users and 600,000 Uber driver’s driver license numbers.
The company discovered of the breach in late 2016 but made it public almost after a year. Not only that the company offered the hackers an amount of massive $100,000 to destroy the data without verifying they actually did.
The breach had resulted in the loss of both the reputation and finances of the company. The company was in negotiation to sell its stakes to Softbank, at the time the breach was announced. The breach lowered the value of the deal from $68 billion to $48 billion.

6. JP Morgan Chase Data Breach

types of cyber attacks
JP Morgan; one of the finest bank of the USA suffered from a cyber-attack which compromised the contact information – names, addresses, phone numbers and email addresses of 6 million households and 7 million small businesses.
There were no monetary losses. The hackers gained privilege over 90 bank servers. July of 2014 would really have been tough for JP Morgan to have a deal with all such critical issues.

7. US Office of Personnel Management – The OPM Data Breach

types of cyber attacks
USA was taken off when the Chinese hacker intruded into their OPM through a third-party contractor.
The attack started in 2012 but was discovered only on March 20, 2014. A second hacker again hacked into their OPM system in May 2014 but was discovered only after almost a year.
The attackers hacked the sensitive information including security clearance data and fingerprint information of over 22 million current and past federal workers.

8. Cyber Attack on Sony PlayStation Network


One of the biggest data breaches in the gaming industry of all times happened on the Sony PlayStation Network. April 20, 2011, is a date that will always be remembered in the gaming industry for the biggest data breach in the gaming industry.
The hackers hacked 77 million Network accounts. These accounts had 12 million accounts that had unencrypted credit card numbers.
The hackers hacked full names, e-mails, credit card numbers, passwords, purchase history, PSN/Qriocity logins and passwords, and home addresses.
Sony incurred losses of an estimate of $171 million. It resulted in an initial $15 million reimbursement in a lawsuit over the breach.

9. RSA Security Attack

types of cyber attacks
March 2011, is a date that is still in debates for the cyber-security breach of the mighty security giant’s SecurID authentication tokens of the company RSA.
The hackers successfully managed to perform phishing attack on RSA employees and impersonated as individuals and intruded into the network of the company. The attack is estimated to have stolen 40 million employee records.

10. Adobe Cyber Attack

types of cyber attacks
Another big cyber-attack that shook the IT giant Adobe happened in October 2013.
The attack compromised the personal information including customer names, IDs, passwords and debit and credit card information of over 38 million users.
The company paid $1 million as legal fees to resolve prerogatives of violating the Customer Records Act and biased business practices.
When market biggies like Yahoo, eBay, Equifax, etc. can get trapped in the trap of cyber-attacks, you too can! So be aware and follow all cyber-security safety measures religiously and BE SAFE!

Response on Cyber Attack

Even after taking precautions cyber-attacks can knock your digital doors. In such cases your initial responses should be:

  • It the attack real or just a prank
  • If you can access your data; take a backup.
  • If required approach legal authorities
  • If employees misuse their rights take appropriate actions
  • If services are denied, the website traffic should be diverted to other servers.

Prevention of Cyber Attacks

Though there is no guarantee to debar cyber-attacks completely, you can take as many precautions as you can to avoid them. Some of the steps you can follow to safeguard you are:

  • Use a good anti-virus that can detect various malware and can stop them from getting inside your system.
  • Use a good firewall. Use a good quality third party firewall apart from your default firewall.
  • In a corporate computer network, assure that no Plug and Play is supported in any system.
  • Corporates should use good network traffic analyzer to track any strange usage behavior from any system.
  • To protect yourself from DDoS attacks, mitigate your website to different servers and even better to use cloud service.
  • To prevent high-grade attacks seeks the expertise of a security testing company. Their vulnerability assessment report will be extensive and will tighten all the loose ends of the digital products and windows of your company.

Conclusion
Cyber-attacks are a sad reality of the digital world. Proper legislative rules are now laid down to protect the users from these hazardous attacks. Cyber-attacks are much more than just gaining unauthorized access to other’s systems.

They can be very hazardous. And can lead to loss of money, brand name and can even be a big blow to your integrity. So being a digital user, it is just for you to know about all these types of cyber attacks and take proper measures to avoid them and take proper steps in case you are fallen a victim to them.

What is Monkey Testing? Features, Types With Examples

Monkey testing is a crucial testing method that is done to authenticate the functionality of the product application. Monkey testing is done to ensure that the specifications given by the client are properly addressed in the software.
Monkey testing is a kind of black box testing. This testing is done when the tester is the time deficit in order to write and execute the function.
monkey testing
There are many names given to this testing pattern as Random testing, Monkey Testing, Fuzz Testing, and the technical name is Stochastic Testing.
This testing works well in case of androids, desktops, web and other mobile applications.
In this testing, there is no predefined strategy or algorithm and hence the testing works on tester’s gut and mood. Monkey testing is more efficient while doing stress testing.

ORIGIN OF MONKEY TESTING

It was first used in 1983 to test the software on Mac. These programs were Macwrite and Macpaint. The original Mac had the scarcity of memory.
monkey testing
After the program was completely initiated, there was a lesser amount of memory left than required to perform the test. So Macwrite and MacPaint used buffers those were quite larger than the size of the screen of the desktop. So it became essential to create some testing method that acquired lesser memory.
So Steve Capps used Monkey program to enter random inputs to Macwrite and Macpaint. The Monkey functioned parallel to the other programs, data entry running in the system.
This would perform faster than a regular user as if a monkey was showing the swiftness in him. Hence the team decided to set up commands, window events, menu clicks so that it can target the requirements of the tester.
The term monkey testing was first seen in the book ‘The Art of Software Testing’ written by Glenford J. Myers in 1979. It is a very famous technique among software engineers.
Monkey testing is a software testing technique in which the operator provides the software with some random inputs in order to analyze the behavior of the software.

It also finds out whether the system or application will work properly under such conditions or crash. The testing is usually used by the tester at the beginner’s level.

FEATURES OF MONKEY TESTING

Listening to the term Monkey Testing gives the vision of monkeys thumping on the keys of the keyboard and working as a computer expert, writing functions and other content.
All the random thrust on the keyboard may result in brilliant work as it may hit all possible combinations. It all may sound good. Going deeper into this theory, let us understand monkey testing.
Monkey testing is an automated test, which is done without any specification in mind. The main purpose of the test is to find out errors and bugs in the software to ensure the complete development of the product.

There are Some Other Features of Monkey Testing:

  • There is no specification while performing this test.
  • It focuses on crashing the system by hitting random inputs so that the security can be ensured once the product is complete.
  • The testing is done in the system where the errors are not identified at regular intervals.
  • The time and effort that is required are comparatively lesser in this kind of testing.
  • It ensures the reliability and efficiency of the system.

Example/Types of Monkey Testing

In this process of testing the tests are chosen independently from the test domain and are performed depending upon the tester’s requirement.
After the test, the team tries to replicate the error, once the issue is detected and fixed.
Monkey testing is categorized into three major kinds. Each of these focuses on different aspects of the programs and clears bugs from that particular genre.
monkey testing

1. DUMB MONKEY TESTING

Dumb monkey testing technique or ignorant monkeys, as the name specifies, inculcates a tester who has no knowledge of the application, its features, functions, working behavior or bugs.
They do not have any clue if the provided inputs are valid or invalid. It is the simplest testing which does not require the tester to know about the characteristics or qualities of the software or of the test flow.
The dumb monkey does not know the flow of work or the type of data being fed to the application or the system.
This determines fewer errors as compared to Smart monkey test. This test can catch the bugs that are harder to identify but are critically important too.

2. SMART MONKEY TESTING

Smart Monkey testing is another variant of monkey testing in which testing is performed by testers or group of testers who has a deep understanding of the workflow of software/application
The smart monkey test is aware of the locations of test and is well aware of the page they will be redirected to.
In this type, the tester is more focused on breaking an application and when they find an error, they are aware enough to report the bug.
This is an ample example of load testing. The impressive part is that this type of test gives the tester quicker results than that of its counterpart.

3. BRILLIANT MONKEY TESTING

The brilliant word suggests an advancement to the word smart. This is also true in case of these techniques, the brilliant monkey testing is an advancement in the smart monkey testing technique.
A tester or a team of testers is assigned for the task, ensuring that they have complete knowledge about this software domain and its functionalities.
Example: The tester who has sufficient knowledge of the banking sector may be asked to enter the banking domain’s data.

  • The tester knows well about the usage of the program and also the way other users handle it. So they carry out the testing from the user’s perspective.
  • It is an extension of the smart monkey testing technique.
  • It can also help in determining other bugs that may occur in the future span of its functioning.

Also Read: Black Box Testing – Techniques, Examples and Types 

ADVANTAGES AND DISADVANTAGES 

Monkey testing caters to the needs of an organization in chasing the out-of-the-box errors. It has both advantages and disadvantages as like every other entity.
Here are a few to add up to its advantages:

  • Usually, the software testing that is performed is ad-hoc but monkey testing can also help the tester to unwind the burden under the stress testing condition. Also if the tester does not have much knowledge about the application, this testing can rescue.
  • The deep-rooted randomness can sometimes save the system from complete breakdown by identifying the major bugs.
  • Being easy to follow monkey testing caters another advantage. Smart monkeys can help find unique bugs if set up with proper and accurate state model, quickly.
  • It has a great advantage that it can be accessed by anyone, one who may have knowledge of the file or who do not. Evidently, they will not be able to understand the appropriateness of the result, but still, they will not face any problem to perform it.
  • In an unintended way, it also allows the domain tester to judge the response of the program. But as the test pattern is unplanned the software may come under stress and will affect the server.
  • The cost-effectiveness makes this software more advantageous than others.
  • In case of a time crunch, if all the other test have been performed, the tester can opt for monkey testing that will allow quick fixing of the bugs.


There are Several Disadvantages that can Overshadow its Positive Points:

  • The test input values provided in monkey testing are so random that it becomes very difficult to reproduce the bugs and errors.
  • The occurrence of unexpected bugs makes it more difficult to analyze and resolve the bugs.
  • It may run for a long time before the commencement of the test, which reproduces unnecessary bugs which may again be time consuming and irrelevant.
  • It comprises accuracy as it is not able to recreate the same environment of the test.
  • The smart monkey can be efficient when provided with the state model but it also becomes expensive in that case.

Difference Between Monkey Testing and Ad-hoc Testing

  • The main difference between ad-hoc testing and monkey testing is that the former is carried out without any documentation or planning.
  • It focuses on breaking the system into subparts and finding out the bug in that particular subpart and resolve it. So that the functionality could be maintained. This is opposite to the functioning line of Monkey testing.

Difference Between Monkey Testing and Gorilla Testing

  • The other difference can be seen in gorilla testing and monkey testing. Here the former is performed on limited features and modules to analyze their functionalities, whereas the latter focuses on breaking down of a complete system to identify the bugs.

MONKEY TESTING TOOLS:

There are many tools which make it possible to perform the automated test efficiently.
They are developed to generate random data so that all the faults and flaws can be reported in the application. The generation of monkey testing tools requires some good amount of efforts but once they are done, they perform efficiently with automation.

1. For Android- MonkeyRunner Tool:

  • MonkeyRunner android tool is designed to work aptly with androids.
  • The tester can easily install and execute an android program, send it data files and store them in the computer using the Python program.
  • The tester can also control and access to the Android device by using an application program interface(API) provided by the tool.
  • As the MonkeyRunner tool is used to perform the framework level of testing and functional test, it can also be used to random testing test suites.

2. On android – U/I Application Exerciser Monkey:

  • This application is quite different from the MonkeyRunner tool, which controls the android device from exterior to the android code while U/I Application exerciser monkey runs inside the emulator.
  • It can also be used to develop the system and user events in the quasi random stream.

CONCLUSION

Monkey testing evidently, has differences with regard to the working of a monkey as it can completely analyze the function and will not do anything improper or irrelevant with the system.

The end user who uses any application or software is not expected to have the functional knowledge of the same. So by this testing, we can ensure the fulfillment of the needs of the user and decrease the probability of the awful breakdown of the software and system.
We can say that as it is not always possible to regenerate the bugs, it becomes almost difficult and sometimes impossible for us to reproduce the same found bug. It is very time-consuming work that requires a lot of effort, therefore we cannot recommend Monkey testing in the initial stages of the testing.
Later when the other test is done it can be opted to find the other issues such as the software and hardware issues, fault lines and memory leaks which are difficult to find in normal testing.
So we can say that one could opt for this particular kind of test if they lack in time and have performed other required test. Also one needs to ensure that the application is highly stable and can be reproduced as it focuses on the crash of the entire system.

Test Management Process: A Complete Guide

Test Management is very important to ensure high-quality software delivery and to ensure all-inclusive and high-end testing, a proper test management system is required. It ensures that the testing process proceeds in a correct manner.
Let us have a deep insight on Test Management.

What is Test Management?

Test management as its name signifies is the process of managing the testing process. There are various tools that are deployed for Test management. They help in the management of both automated and manual tests that are already specified by a test process.
To sum this up;  Test Management is a method of

  • Organizing and controlling the Testing process.
  • Warranting traceability, visibility, and control of the testing process to deliver high-quality software

Why do We Need Test Management?

Test management ensures the delivery of high-quality products that completely suffice on customers’ requirements.
It assists in the delivery of software within tighter deadlines, allowing collaboration among developers and testers.
In short leveraging test management process efficiently enhances:

  • Customer satisfaction
  • Smoother and more consistent projects
  • Timely product delivery

Let us move ahead and read more about it.

Who is Responsible for Test Management?

Though complete testing team along with the developers play a vital role in the process; the test Manager/lead is in charge. He acts as test support and is involved in resource planning & management, and resolving issues that create a hindrance in the testing effort.
The Test Lead / Manager are responsible for:

  • Leading the Test Team.
  • Outlining testing scope.
  • Dedicating and managing test resources.
  • Applying test metrics.
  • Scheduling, installing and handling the testing effort.
  • Thorough understanding of his role within the organization.

Test Management Process

Test Management is very important to enhance software development and delivery process. But the benefits of can only be availed if the complete process is carried out in a proper and systematic manner.
test management
The complete test management process can be divided into two parts:

  1. Planning

  2. Execution

They are again divided further into sub-processes:

1. Planning

  • Risk Analysis
  • Test Estimation
  • Test Planning
  • Test Organization

2. Execution

  • Test Monitoring and Control
  • Issue Management
  • Test Report and Evaluation

1. Planning

The first phase is planning, where all the planning for the complete test cycle takes place.

  • Risk Analysis and Solution 

Risks are the probable problems that might result in the SDLC.
It is the very first step in test management. The test manager starts working on it even before the beginning of the project. Software is susceptible to risk and early detection of risks help evade possible loss & save on project cost.

  • Test Estimation

Test estimate calculates the time and the efforts that any task would require to complete. It is one of the most important tasks in Test Management.
Benefits of Correct Test estimation:

  1. Correct test estimations result in superior planning, execution, and monitoring of tasks.
  2. It also results in more precise test scheduling.
  3. It helps apprehend results in more assertively.
  • Test Planning

Test planning is very important for carrying out all testing activities smoothly and efficiently. The test plan creation is the main aim of test planning. A test plan defines the approach, scope, resources, and calendar of proposed testing activities.
A Test Plan thoroughly defines:

  1. Test Strategy
  2. Test Objective
  3. Exit /Suspension Criteria
  4. Resource Planning
  5. Test Deliverables
  • Test Organization

When all the planning is being done and everything is in its place it’s time to organize an efficient testing team. A skilled team is very important to execute testing effectively.

2. Execution

The second phase is test execution, where testing is actually executed to find testing results.

  • Test Monitoring and Control

What if you find your test resources are falling short of and your schedule has just messed up? You will need to Monitor and Control Test activities to take back control of the project. Test Monitoring and Control keeps a check on test metrics to make sure that project is on time, within the budget and is proceeding well.

  • Monitoring

During monitoring, the test team assembles, records, and reports relevant details on on-going project activities.
The test manager is accountable for the following activities in this phase:

  1. Outlining project goal
  2. Observing the project performance
  3. Comparing planned vs. actual performance
  4. Recording and reporting of identified defects
  • Controlling

The main aim of this phase is to manage any up and downs in the testing process and to bring back the performance of the process as planned. It is done using the data received from test monitoring. In Test control, any deviations in the project are adjusted to as planned in the test plan.

  • Issue Management

We have already discussed risk management, but if at times we fail in risk management and these risks convert into the issue, we have to make sure that these issues are efficiently dealt with so that the final build is bug–free.
Software projects are highly prone to unexpected problems. But these issues need to be efficiently dealt with. If they are not properly catered they can cause huge loses to your business. These issues could be related to tight deadlines, improper resources, etc.  Ensure proper management of the issues in your project.

  • Test Report & Evaluation

When you are all happy that your project is completed, it’s time to take out a little time to prepare and test report and evaluate the test data.

Test Management Responsibilities

There are a few tasks that are expected to perform, some of them are:

  • The most important role and responsibility is to improve the quality of the software.
  • It is also responsible for the creation and upkeep of product metrics.
  • It empowers developers to ensure that less design or coding errors are inserted in the code.

Test Management Tools

Test management requires a lot of planning. The test manager needs to select an efficient team, assign them various responsibilities based on their capabilities and so on.
One of the major decisions to be taken by the test manager is to select the best test management tool for the complete process.

Functions of The Tools

  1. Automatic generation of the required test matrix (RTM) that indicates functional coverage of the product
  2. Testware management
  3. Test scheduling
  4. The logging of results
  5. Test tracking
  6. Incident management
  7. Test reporting.

Tools Selection Principles

You should not just randomly pick any test management tool. Choice of test management tool depends on your requirements and its functionalities.

Also Read: All Info About Software Development Engineer in Test(SDET)

Take time to analyze what you expect from this tool and then patiently study various features and pick the correct one for your project.
Here are the Main Questions that you should ask before finalizing the Test Management Tool for your Project:

  • How capable is the test management tool to manage your projects and your team?
  • Does this tool support develop test cases, test plans, test scenarios or user stories?
  • Does this tool supports test runs, managing the testing process, usability, and efficiency?
  • Is it capable of creating test reports?
  • Is bug tracker available in this tool and what its speed is?
  • Check out for some other features availability like import/export, incorporation with other systems, crash analytics, etc.

Test Management Tools

Some of the best test management tools are

  • TestRail
  • TestLink
  • EasyQA
  • PractiTest
  • JIRA
  • qTest
  • TestCollab
  • TestLodge
  • QA coverage
  • TestCaseLab
  • Zephyr

What are the Challenges in Test Management?

  • Insufficient time for testing
  • Lack of testing resources
  • Budget and schedule constraints
  • Lack of testing documents.
  • The complexity of the requirements to test and validate

Test Management Best Practices

  1. Make Sure you Start Testing Activities at the Earliest Possible:

Starting testing at the early stages of SDLC is very beneficial. But many of us even after being aware of it does not follow it. This leads to the detection of bugs at later stages resulting in the additional cost of rectifying them. This also delays the whole process as it will increase the time to rectify it and to retest it.

  1. Execute Iterative Tests:

Iterative testing approaches are highly beneficial and hugely recommended. Such approaches help in the creation of testing assets and help save a lot of time.

  1. Reuse Test Assets

Reusing test assets like test automation scripts, test procedures, test cases, etc. can save a lot of time and effort. So try and reuse test assets whenever possible. You can leverage these skills to foresee which assets can be reused or not.

  1. Try to Improve the Time Spent:

Always be on a trail to improve product quality and efficiency of the team. It can save you a lot of time and effort.

  1. Deploy Requirement Based Testing and Testing Strategies:

Different types of testing processes require different types of test approaches. It is always suggested to use a test approach based on your test requirements.
Such practices can help you get better testing results and promises you faster delivery of a quality product that enhances your customer experience.  Such an approach also reduces test efforts and time to test.

  1. Ensure Coordination Among Co-Located Testing Resources:

Ensure that the co-located testing resources are effectively coordinated. This coordination helps control issues related to testing resources, enhance productivity, and mend timelines; thus resulting in better ROI.

  1. Utilize Malleable Testing Processes

Every project has different requirements and hence needs to be tested differently. A flexible test management process is the need of the day to create an automated workflow.
This process should be able to repeat itself and should also permit optimization and modification of prevailing workflow as per the need.

  1. Utilize DevOps:

With more competitive business, new testing processes are now ruling the industry. DevOps is an approach that focuses on the close collaboration of developers, testers and operation’s team.
This approach helps in maintaining uniformity in forthcoming releases, decreasing defects, speedy and iterative development of software, speeding up business growth, etc.

  1. Communication is the key to successful Test management

The proper test management also depends on proper communication of all appropriate data such as goals, status, etc.  To the stakeholders in the apt format, and at the right time.

  1. Wise Automation can bring Huge Benefits

Accomplishing these tasks requires a lot of time and efforts. Using automated management tools can save you a lot of time and efforts while promising you for effective and efficient test results.

Conclusion

Test management is a very important process of software testing. It assures the better testing results and timely delivery of the final product. Make sure you follow the best test management practices and assure 100% customer satisfaction.