You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

API Testing

  • Objective: 
    • Validate that data updates are processed as expected, based on system requirements
    • Validate any business logic encoded in the API, based on system requirements
    • Validate that negative test cases have been adequately covered
       
  • Tools:
    • Python scripts
    • Gazoonta tester: Java application uses XML input to make JSON requests to a REST API and  SQL commands to database.
    • Integrate API tests with Travis to run API tests at build time.
       
  • When: 
    • Ideally, the API tests are written as the API becomes available in the Dev and Test environments

Performance Testing

  • Objective: 
    • Ensure average response times are consistent with product owner expectations.  
    • Create test scripts based on relevant user scenarios.
    • Calibrate load testing based on system requirements.
       
  • Tools: 
    • Blazemeter, JMeter, New Relic
       
  • When: 
    • Application is available in Test environment

Regression Testing

  • Objective:
    • Validate that set of defined use cases perform as expected
       
  • Tools:
    • Selenium WebDriver, Python
       
  • When:
    • During requirements definition, so that system requirements can be written as test case scenarios.
    • We see highest Return On Investment when automated regression tests are written during application development.  Developers can use the scripts to test that new development does not have unintended consequences for existing code.
       
  • Consult with Release Engineering Team as to whether automated regression tests make sense for your project.  Factors to consider:
    • Are BA or product owner resources available to define test cases and validate that automated test scripts cover the needed functionality?
    • Ability to maintain a set of stable data against which to test or to seed data for the tests
    • Identification and maintenance of authorizations needed in order to run the automated tests
    • Are manual test scripts already available?  (not a hard requirement; consider re-using them if they exist)
    • Can we make a rough estimate of the benefits of automated regression tests?  Will the automated tests replace significant time spent on manual testing?  Will more efficient regression tests enable the development team to make more frequent releases for bug fixes and enhancement requests?

Security Testing

  • Objective:
    • Detect and mitigate security vulnerabilities within the application
       
  • Veracode:
    • IS&T has a license for Veracode security platform.  Leverage Veracode to detect security vulnerabilities early and receive suggestions for mitigation.
    • For Java applications, upload the .war file for scanning by Veracode
    • For non-Java applications and APIs consult with Veracode support team
       
  • When:
    • During development phase
    • For Java applications, Veracode can be integrated into Eclipse

 

 

  • No labels