You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

API Testing

  • Objective: 
    • Validate that data updates are processed as expected, based on system requirements
    • Validate any business logic encoded in the API, based on system requirements
    • Validate that negative test cases have been adequately covered
       
  • Tools:
    • Python scripts
    • Gazoonta tester: Java application uses XML input to make JSON requests to a REST API and  SQL commands to database.
    • Integrate API tests with Travis to run API tests at build time.
       
  • When: 
    • Ideally, the API tests are written as the API becomes available in the Dev and Test environments

Performance Testing

  • Objective: 
    • Ensure average response times are consistent with product owner expectations.  
    • Create test scripts based on relevant user scenarios.
    • Calibrate load testing based on system requirements.
       
  • Tools: 
    • Blazemeter, JMeter, New Relic
       
  • When: 
    • Application is available in Test environment

Regression Testing

  • Objective:
    • Validate that set of defined use cases perform as expected
       
  • Tools:
    • Selenium WebDriver, Python
       
  • When:
    • Ideally, while the system requirements are being defined, requirements are written as test case scenarios.
    • Application is available in the Test environment
       
  • Considerations when creating automated regression scripts:
    • BA or product owner resources available to define test cases and validate that automated test scripts cover the needed functionality
    • Ability to maintain a set of stable data against which to test or to seed data for the tests
    • Identification and maintenance of authorizations needed in order to run the automated tests
    • Can we make a rough estimate of the benefits of automated test scripts?  What is our estimate of how much time will be spent on creating the scripts

Security Testing

  • Objective:
    • Detect and mitigate security vulnerabilities within the application
       
  • Veracode:
    • IS&T has a license for Veracode security platform.  Leverage Veracode to detect security vulnerabilities early and receive suggestions for mitigation.
    • For Java applications, upload the .war file for scanning by Veracode
    • For non-Java applications and APIs consult with Veracode support team
       
  • When:
    • During development phase
    • For Java applications, Veracode can be integrated into Eclipse

 

 

  • No labels