Welcome!

Recurring Revenue Authors: Elizabeth White, Pat Romanski, Liz McMillan, Yeshim Deniz, Xenia von Wedel

Related Topics: Containers Expo Blog, @CloudExpo, Cloud Security

Containers Expo Blog: Blog Post

Relationship Between Risk & Continuous Testing By @Parasoft | @CloudExpo

Continuous Testing Q&A with Parasoft's Wayne Ariola

Stickyminds' Cameron Philipp-Edmonds recently interviewed Wayne Ariola (Parasoft Chief Strategy Officer and co-author of Continuous Testing) about how Continuous Testing provides a real-time, objective assessment of the business risks associated with an application under development and allows both business and technical managers to make better trade-off decisions between release scope, time, and quality.

The interview covered topics such as:

  • The relationship between risks and Continuous Testing
  • Common misperceptions about Continuous Testing
  • Who should care about Continuous Testing
  • How we are all in a new era of testing
  • Why now is the best time in the history of software to be a tester

The following is a brief excerpt from the interview...

"There are basically four major points associated with continuous testing. One, is the business expectations associated with that application need to be defined. So the business risk associated with the application, the team, or the release candidate needs to be very well defined. When those business expectations are defined, we are able to act upon them.

The second thing is defects associated with those business objectives or business expectations are automatically prioritized versus those business drivers. We understand what errors have been injected. We have very distinct isolation techniques to isolate the defects at any particular point in time and when one of those defects are found, basically the priority of them are automatically categorized so they don't just slip away.

The next thing that we need, and this is point three, is there needs to be a very distinct ownership associated with workflow and defect remediation. So today when a potential defect is found, you go through a huge iterative process associated with can you recreate it, can you define it, can you have an environment associated with recreating the error. Can development recreate it and can you fix it. And today we have mechanism to collect the information, but we don't have very distinct clear paths for ownership and remediation. That is one of the biggest areas where we can actually collapse the remediation cycle time and save a lot of time.

This leads to the last point, which is when we do find that there are trends associated with defects that are found, we need this feedback loop for defect prevention. Let’s say an organization is exposing more security issues than they would like. We should look at that pattern, understand that pattern, and then create defect prevention strategies to eliminate those classes of errors in the future. These priorities will obviously shift versus the business expectations.

When you ask the question, can you do more? I don't think the question is, "do more?" I think the issue is more about putting this idea of testing better in line with the business. Delivering information in which the business can make better trade off decisions associated with an application or its release versus extending time or scope. With that being said though, a lot of people say well, we do manual testing, we can't be continuous. It doesn't matter, you can have a continuous testing mindset and be a 100 percent manual testing organization as long as you're achieving the business demands associated with the organization. This is something we always try to think about because we think that everything needs to be automated. Automation is great by the way—automation gets us there a lot faster, by the way, without necessarily relying on humans who can inject errors as well. But if the business demand or the application demand itself has a very strong kind of environment in which manual testing achieves the goal, then manual testing is it. What we want to do, is we want to fit the practices to the business not what we have been doing in the past, which was to make sure to fit the tool into the business. We want to make sure the practices meet the business demand."

...

During the interview, Ariola and  Philipp-Edmonds also chatted about topics such as:

  • Is there a law of diminishing returns for continuous testing or is it "a more the merrier" approach?
  • How does Continuous Testing apply to teams that perform only manual testing?
  • What are some emerging trends in software quality?

To hear what they had to say, read (or listen to) the complete The Relationship between Risk and Continuous Testing interview at Stickyminds interview (no registration required).

More Stories By Cynthia Dunlop

Cynthia Dunlop, Lead Content Strategist/Writer at Tricentis, writes about software testing and the SDLC—specializing in continuous testing, functional/API testing, DevOps, Agile, and service virtualization. She has written articles for publications including SD Times, Stickyminds, InfoQ, ComputerWorld, IEEE Computer, and Dr. Dobb's Journal. She also co-authored and ghostwritten several books on software development and testing for Wiley and Wiley-IEEE Press. Dunlop holds a BA from UCLA and an MA from Washington State University.

IoT & Smart Cities Stories
Rodrigo Coutinho is part of OutSystems' founders' team and currently the Head of Product Design. He provides a cross-functional role where he supports Product Management in defining the positioning and direction of the Agile Platform, while at the same time promoting model-based development and new techniques to deliver applications in the cloud.
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and simple way to introduce Machine Leaning to anyone and everyone. He solved a machine learning problem and demonstrated an easy way to be able to do machine learning without even coding. Raju Shreewastava is the founder of Big Data Trunk (www.BigDataTrunk.com), a Big Data Training and consulting firm with offices in the United States. He previously led the data warehouse/business intelligence and Bi...
Cell networks have the advantage of long-range communications, reaching an estimated 90% of the world. But cell networks such as 2G, 3G and LTE consume lots of power and were designed for connecting people. They are not optimized for low- or battery-powered devices or for IoT applications with infrequently transmitted data. Cell IoT modules that support narrow-band IoT and 4G cell networks will enable cell connectivity, device management, and app enablement for low-power wide-area network IoT. B...
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform and how we integrate our thinking to solve complicated problems. In his session at 19th Cloud Expo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and sh...
What are the new priorities for the connected business? First: businesses need to think differently about the types of connections they will need to make – these span well beyond the traditional app to app into more modern forms of integration including SaaS integrations, mobile integrations, APIs, device integration and Big Data integration. It’s important these are unified together vs. doing them all piecemeal. Second, these types of connections need to be simple to design, adapt and configure...
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across private and public clouds. Manual security compliance is slow, prone to human error, and represents over 50% of the cost of managing cloud applications. Determining how to automate cloud security compliance is critical...
Contextual Analytics of various threat data provides a deeper understanding of a given threat and enables identification of unknown threat vectors. In his session at @ThingsExpo, David Dufour, Head of Security Architecture, IoT, Webroot, Inc., discussed how through the use of Big Data analytics and deep data correlation across different threat types, it is possible to gain a better understanding of where, how and to what level of danger a malicious actor poses to an organization, and to determin...
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...