Test Data Management – the best services to choose

One of the main components of proper testing is data. As such, it stands to reason that without good data, good testing just isn’t possible. You may have a test plan full of comprehensive scenarios but unless you have the appropriate data to run the scenarios, what you have is only a plan that can’t be executed. The best data is in production, since it’s the real world data that the application will use. However, depending on your business, the live data may also have privacy and legal concerns associated with using it.  To keep yourself and your business safe from expensive lawsuits, it’s best to forgo the practice of using raw production data.

QA Mentor’s Test Data Management (TDM) Service has been designed to help you with data creation, management, and protection to keep your business compliant with all legal regulations without sacrificing expediency or quality. With the help of Test Data Management from Micrxcel Technologies, your business can have test data on-demand for all of your testing needs in any test environment.  Following our practices, your testing team won’t have to incorporate time consuming, manual test data creation into their test plans, saving you both time and money.

To start off, the team of Micrxcel Technologies will meet with yours to determine the project timeline and objectives. From there, we’ll evaluate your entire QA process, including application profiles and tools used. They will identify the data that you commonly use in testing, how it’s acquired, where it’s stored, and how it is maintained. It’s at this point that they can pinpoint gaps in your process, potential compliance issues with data handling, and possible ways to streamline. After this evaluation, they’ll have a plan of attack specific to your QA challenges.

The Test Data Management service doesn’t stop there. We can help you implement archiving and purging to save you money on storage and infrastructure, as well as performance.  When data is obsolete or redundant, it should be purged from the environment to decrease the risk of false defects. Identifying this data can be time consuming on its own.  With the help and expertise, they can help you use manual or automatic processes to perform complete system checks. These checks can identify obsolete or redundant data based on predefined criteria and can be automatically or manually removed at regular intervals.

Your tests are only as good as the data used to run them. Don’t overlook this vital component of safe, comprehensive, and professional QA processes. With our years of experience and expertise, let QA Mentor be your guide in Test Data Management.



Security Testing Methodology – get the best from the best

As the use of web and mobile applications grows, vulnerabilities increase as well. Valuable client information and consumer trust can be lost in the blink of an eye if proper precautions aren’t taken. Good security starts with mitigating risk at the early stages of development and goes on with a continuous process throughout the life of the application. Periodic assessments must be done and security training never ends. The methodologies involved with software security are extensive, complex, and require specific expertise. Developers tend to neglect security due to its complexity, so it’s important that specialists are either contracted or made part of the team before, during, and after the application development. Prior to development, security specialists review and adapt security requirements and architecture. During development, Security Testing Methodology are executed and reviewed until the security is assessed to be sufficient. Once the application is in production, security service and response processes are put into place along with a continuous security review at appropriate intervals. QA Mentor uses one of three different security testing methodologies depending on the application, development status, and development methodology.



Agile security testing

Web application testing inherently benefits from iterative and adaptive methodologies, such as Agile.  Security Testing Methodology is no exception.  This method of testing is driven by iterations in which security requirements are translated into automated security test cases.   By promoting test driven development in this way, security tests are created before the system even exists.

Step 1: Obtain Security Requirements
Security requirements are identified by creating Abuser Stories and Misuse Case models – a take on the Use Case and User Stories. By creating these models, testers can pull security requirements from the scenarios and create appropriate reference points for requirement tests.  These scenarios are developed by determining how a malicious user might misuse or abuse the system.  Doing this step as a team, which is common in Agile methodology, makes it easier for the whole team to relate to security issues and determine the best way to handle them.

 Step 2: Employ Testable Architecture
Most web applications have three or more layers of architecture involved.  Creating a testable architecture involves adding at test layer on top of each of the application layers.  This makes it possible to employ various security testing techniques throughout the development lifecycle.  Testing can be carried out on each layer, and combinations of all layers.  Since many developers and architects don’t often consider security, creating test layers that interact and directly test the layers brings developers and architects into the security testing. This increases their security knowledge and gives them insight into how to develop secure system as well as how to remedy security issues.

Step 3: Automate Security Tests
To fully benefit from Agile, automation must be employed as much as possible. There are many security tools out there to make security testing automation easier.  Automating the security tests not only speeds up testing, but it increases confidence in the system. Depending on the application and architecture, QA Mentor utilizes tools such as HP Fortify Software Security Center, HP WebInspect, IBM Rational AppScan, and Beyond Security.



Static Testing – the objectives and benefits

Many people, even some testers, don’t realize that testing can and should start before a line of code is ever written. Static testing is that process, and it continues even after coding has started, but execution of the code isn’t necessary in static testing. By thoroughly reviewing requirements, design documents, design specifications, and prototypes, static testing can unearth defects early in the SDLC where it’s more cost effective to fix them. Missing or incomplete requirements, poor design, or inconsistent interface specifications are contenders for the first round of issues. Even code reviews are considered a form of static testing, as they can reveal inconsistencies or lack of adherence to coding standards.

The primary objective of all static testing is to find errors as early as possible in the SDLC and thereby improve the quality of the end-product with the least amount of cost.  Both formal and informal reviews of documentation, prototypes, code, or test cases are generally performed for thoroughness and appropriateness of the end goal of the product.  Nearly half of production defects could have been found during proper static testing cycles.

QA Mentor’s Static Testing and Inspection Service can help you perform walkthroughs, technical reviews, or formal inspections.  For each document type, QA Mentor provides thorough checklists to ensure nothing is missed, and we provide you with a comprehensive report with all defects and findings attributed and mapped to a specific verification point within the corresponding checklist document. We look for document completeness and coverage to help you achieve lower production defect rates, shorter development and testing cycles, and a higher ROI.

Benefits of Static Testing

  • Increased ROI
  • Decreased number of production defects
  • Better quality code for system and user acceptance testing environments
  • Higher quality end-product
  • Reduced time-to-market



Database Testing – the advantages

Database testing involves many layers. From the UI, to the data access, to the actual database. Data stability and security is absolutely critical for every business which makes database testing a step that shouldn’t be skipped.  This kind of testing can ensure that databases are durable, scalable, and consistent. For the most efficiency and effectiveness, database testing is performed by a team independent from the developers.

In database testing, the data validity, integrity, database performance, procedures, triggers, and functions are all exercised and tested. Correct data updates, such as inserts and deletes, are ensured. Incoming and outgoing data is verified using decision coverage, condition coverage, and statement coverage techniques. Whether automated or manual, the goal of database testing is to validate the integrity of the storage and transfer of your company’s most important resource.

QA Mentor’s Testing Execution On-Demand Service and Test Design On-Demand Service has a rotating team of quality assurance professionals who are ready to work on your project immediately with automated or manual tests. For the fully manual project, our Manual Test Design and Execution Service is available to work with your developers and DBAs to go over functional specifications, build a comprehensive test plan, rapidly execute the tests, help remediate defects, and retest until the project is satisfactorily completed. 

Benefits:

  • Offers security in knowing your database is stable
  • Scalable, dedicated resource effort available
  • Reduced time-to-market
  • Improved quality