What is Penetration Testing?

Penetration testing contributes to being the security exercise in which the cybersecurity professionals try to detect and exploit different vulnerabilities present within a specific computer system. This kind of testing's ultimate objective is to recognize different weak spots present in the system's defenses. It is possible to execute this kind of testing manually or with automation with different software applications.

This testing process involves the collection of information about the target prior to the test, followed by the identification of different entry points, through which the intruder tries to break in. After this, the tester needs to provide the report about the findings. The ultimate objective of this kind of testing involves the identification of different security weaknesses. It is possible to test this kind of testing to test the business enterprise's security policy, the adherence to different compliance needs, and the security of the employees.

Visit here: Penetration Testing on Cloud Environment

This kind of testing helps test the business organization's capabilities in recognizing and responding to different security incidents. The kind of information about different security weaknesses is exploited or recognized through penetration testing. It is offered to the network system and IT managers of the business enterprise. It allows them to make different strategic decisions, thereby giving priority to different remediation efforts.

Advantages of penetration testing

Performing penetration testing regularly is considered to be the key to facilitate the security posture. Execution of penetration testing regularly provides visibility into different real-world security threats to the business enterprise. Penetration testing provides the suitable choice in finding different gaps and errors in the security, with the exploitation of different vulnerabilities. In this step, you will seek information about the different benefits of penetration testing:

Ensuring the continuity of the business

To ensure that the business operations are running every time, you require 24*7 communication, network availability, and access to different resources. Every disruption is going to have a negative effect on the business.

Learn More about: Penetration Testing for Retail Business?

 Penetration tests play an integral role in revealing different potential threats. Besides this, it assures that the business operations do not suffer from any sort of accessibility loss, unexpected downtime. Penetration testing is worth mentioning in this regard as it assures business consistency.

Testing the cyber-defense capabilities

Penetration testing provides the capabilities to adequately detect different attacks and respond correctly in due course of time. With the detection of the intrusion, you need to begin the investigations, after which you need to determine the intruders, thereby blocking them. Penetration testing is worth mentioning in this regard as it plays an integral role in improving the defense.

Exhibiting different real risks

Penetration testing plays an integral role in exploiting different kinds of identified vulnerabilities. So, they will be capable of understanding what the attackers will be doing in the real world. They should seek access to sensitive data, thereby performing different operating system commands. Only penetration testers are capable of showcasing various real risks after the performance of such kind of analysis.

Visit here: Penetration Testing Guide

Revealing different kinds of vulnerabilities

Penetration testing plays an integral role in exploiting different weaknesses present in the network infrastructure, application configurations, and system. The staff's habits and actions will result in malicious infiltration and data breaches, which are being researched during the execution of different penetration tests. Penetration testing plays an integral role in bringing an improvement in the overall security.

Penetration testing techniques

There are different kinds of penetration testing, which include

Internal testing

In this kind of testing, the tester, having application access behind the firewall, will be simulating the attack.

External testing

This type of testing involves testing the targets of the company assets, which are predominant on the web. The ultimate objective lies in seeking access and extraction of the crucial data.

Visit here: Security Testing Tools

Blind Test

In this kind of testing, the software tester procures the specific business enterprise's name, which is already targeted. It offers the real-time look of the security personal into how the original application assault will occur.

Double-blind testing

In this kind of testing, the security personnel do not possess any prior knowledge of the simulated attack. They will not possess the time for shoring the defenses before the intruder tries to intervene.

Targeted testing

In this type of scenerio, both the security personnel and the tester will be working together, thereby keeping one another aware of different movements. It is considered a valuable training exercise, which offers honest time feedback to the security teams from the hackers' point of view.

 Penetration testing tools

Penetration testers make the best use of different automated tools for uncovering different standard application vulnerabilities. The penetration test is responsible for scanning the code to recognize the malicious code present in the applications, which might lead to the security breach.

Such tools are responsible for the examination of different data encryption techniques. They are responsible for the recognition of different hard-coded values, like the passwords and usernames, which helps in verifying different security vulnerabilities present within the system.

While choosing the penetration testing tool, you should ensure that they can scan the system at ease without any challenges. Besides this, you need to ensure that these tools are ideal in deploying, using, and configuring at ease. These kinds of tools help in categorizing different vulnerabilities, following the severity. The penetration tools, as mentioned above, procure the suitable opportunity to automate the validation of different vulnerabilities.

A wide assortment of penetration testing tools are available in the market, which are available at absolutely free of cost. They provide the capabilities to the testers in modifying and adapting the code, catering to the needs. Few of these tools are inclusive of Wireshark, Nmap, Rapid7, John the Ripper, to name a few. Penetration testing is performed on a wide scale in different business organizations as it offers more security against hackers. You are sure to confer the ultimate security to the business organization as you opt for Penetration Testing Services.

Conclusion:

Information security has become the prime concerns for organizations today with the increase in the number of security breaches. Any breach of security can result in negative branding and legal repercussions. It is a mandate to perform frequent security audits to avoid greater security challenges in future. To avoid such situations, Indium software has its own comprehensive security testing approach designed based on OWASP 10 standards.

Indium’s end-to-end security testing services follow the OWASP security guidelines, latest industry standards and security testing methodologies.

Our certified ethical hackers have vast experience in helping clients across diverse industry verticals and organization sizes.

Indium Software | Top Pen Testing Companies

what are test automation tools

Once the business organization decides to launch a quality application or software into the market, it is necessary to opt for continuous and agile integration and DevOps methodologies. In this regard, test automation plays an integral role. 

It involves the execution of different software and applications, which will perform the test cases execution without challenges. It aids in generating the results of the test without any sort of human interruption.

Test automation is effective in saving an ample time and effort. As you opt for automation testing services, there will be fewer chances of errors and bugs. It is possible to perform automated testing several times for testing the similar application, thereby reducing the manual and redundant work. A test automation tool contributes to software that provides the prerequisite choice to the potential audience to define different software testing tasks.

If you want to procure success during the execution of the test automation project, it includes recognizing the prerequisite tools. A wide array of commercial and open-source automation tools is available in the market.

Continue reading for an in-depth look at the test automation tools executed on the low code automation platform.

QMetry Automation Studio

QMetry Automation Studio is considered to be a popular software automation tool that is developed on Eclipse IDE. 

This tool stands second to none in offering reusability, efficiency, and structure to different automation efforts. It will help if you keep in mind that the studio supports the advanced automation strategy and coded automation. In addition to this, manual software can move to automation without any challenges with the aid of script-less automation techniques by choosing these tools.

Katalon Studio

Katalon Studio has gained high prominence as a test automation tool useful for Desktop, Web, API, and mobile testing. 

This software automation testing tool is equipped with many features, such as the generation of test cases, recording different actions, performing different tests, creating test scripts, and reporting different results. Business organizations love this software automation tool for its versatility. Besides this, you can use this tool to test different Android and Apple applications. It is possible to integrate this tool with many different tools, like Slack, Git, Kobiton, to name a few.

TestProject

TestProject contributes to being the community-powered and cloud-based software test automation platform, which provides the suitable choice to the potential audience to test different Apple and Android applications on different operating systems. You can opt for this software automation testing tool to collaborate with the team, with Appium and Selenium's aid, which assures speed along with quality. It has become the prime choice of QA testers as it does not need any complicated configuration and setups.

Subject7

Subject7 is recognized as a no-cloud and cloud-based platform that offers support to end automation to perform security, load, mobile database, accessibility, mobile, web, and testing. It boasts the interface, allowing the non-coder to perform different test flows and the least training and support. This software testing tool plays an integral role in scaling a bunch of steps. In addition to this, it offers support for tracking, collaboration, and project management. It offers an ideal choice to perform high scale parallel testing in the private, public, and hybrid cloud.

LambaTest

It is another worth mentioning name in the list of automated software testing tools. It provides the suitable choice to the potential audience to conduct automated compatibility testing of the web applications and the website. This tool is regarded as a suitable choice to perform cross-browser automated testing on a plethora of operating systems and browsers. This automation testing performs live interacting testing via VM, which is hosted on LamdbaTest Cloud.

Testsigma

Testsigma is another notable name in the list of the leading Automation testing tools. It allows you to make the right use of simple English for the automation of different complicated tests, thereby accomplishing delivery requirements. This automation software tool offers the test automation ecosystem along with different elements, which are necessary to execute continuous testing. This software testing tool allows you to automate API services, mobile and Web applications.

Qualibrate

Qualibrate has earned a high reputation as a software testing tool, which offers the suitable choice for creating training documentation for the different potential audiences. By choosing this tool, it is possible to access test automation for different non-technical users. In addition to this, it offers advanced and robust functionalities for different software testers. This software testing tool comes with easy to use interface, which offers a helping hand in recoding different Business Processes in no time.

Watir

Watir happens to be an open-source automation testing tool that offers support to IE, present on the Windows. Ruby happens to be the scripting language. You can make the right use of it to connect with different read flat files, databases. A wide array of software testers prefer to use this tool to test the code, which can be repeated across different test scripts.

TestComplete

It happens to be a user-friendly and powerful functional automation tool that is beneficial for performing different automation tests across the different web, mobile, and desktop applications. You will be amazed to know that this software testing tool offers support to different scripting languages, such as Python, VBScript, and JavaScript. It will also support different types of software testing techniques like data-driven testing, keyword-driven testing, distributed testing, and regression testing. The record and replay are other prominent features of this software automation testing tool, which allows you to come up with complicated automated test scripts without the need to write even one line of code.

Summary

A variety of test automation software tools are available in the market. Owing to this, choosing the appropriate tool might be challenging. If you are looking for a suitable software testing tool that can be used to perform software test automation, you can refer to the tools mentioned in this article without giving it a second thought.

Conclusion

Indium Software is a Specialist QA & Quality Assurance Services provider. Our comprehensive suite of testing services covers Test Advisory, Functional and Non-Functional testing specializing in Automation, Digital, DevOps, Agile, Web, Mobility, IOT, Big Data and Artificial Intelligence to name a few. 

Indium Software is helping clients globally transform their Software QA services function to achieve zero production defects, reduce QA cycle times up to 80% and lower overall QA costs up to 60% with its Next-Gen Testing Solutions, Modern Testing Approach, Skilled Teams and Global Delivery Model. We are also an ISO 9001:2008 & ISO 27001:2013 certified company.

 

Software testing principles

Machines are dominating the world of technology and it’s the software which controls the behavior of these machines. Software testing offers the prerequisite solution to the different problems in which the machines behave. As you learn about the principles of software testing, you will get a deep knowledge about the importance of software testing.

Software testing contributes to being the process in which a software product is verified and validated. Through software testing, you can test if the specific software testing can accomplish different technical and business needs which guide the development and design. The success rate of the software application offers a helping hand in controlling business growth. Software testing services plays a crucial role in developing different software products and applications.

Principles of software testing

Software testing is conducted to achieve optimum efficiency while making the process efficient and minimizing cost and saving time.

In this article, we look at the seven basic principles in the software testing.

Software testing reveals defects and bugs

It is necessary to perform software testing properly before the launch of a product or application. The product needs to pass through various phases such as user acceptance testing, system integration testing, beta testing. Different defects which are present in the product will be revealed through software testing.

After the process of software testing, the tester will find if the product has accomplished different needs of the business. In the software testing sector, the testers will never say that the software is completely free from all the defects.

 It is completely true as through testing; it is not possible to prove that the software is free from defects and errors. The objective of testing is finding different hidden defects through various methods and techniques. Software testing helps in finding various undiscovered defects.

Can you perform exhaustive testing?

It is not feasible to perform the testing of different functionalities with the aid of invalid and valid input data combinations during real testing. Hence, it is necessary to conduct the testing with few combinations through various techniques. Through exhaustive testing, limitless efforts are necessary. Majority of such efforts are not effective.

In addition to this, the project timeline may not provide the opportunity to test with such an excessive number of combinations. So, another primary principle of software testing is that it is not feasible to conduct testing of different combinations for every input type.

Early testing

It is a prerequisite to conduct early testing in the earlier phase of Software Development Life Cycle (SDLC). Hence, you should make sure to identify the defects, present during documentation defects and requirement analysis phase. As you go for early testing of the software, the costs which are involved in resolving these errors defects are lesser than in the later phase of testing.

Defect clustering

While performing software testing, it is noticed that most of the defects present in the software are in a smaller number of the modules. Several reasons might be responsible for this. It is referred to as the Pareto Principle of Software testing, in which it is possible to find 80 per cent of the errors, involved in 20 per cent of the modules.

Fallacy - the absence of errors

You will be surprised to know that the software, which is 99 per cent free from errors, might not be suitable for use. Such conditions occur once the tester performs the testing of the software for the wrong requirements.

Software testing is not only about finding the errors and defects in the system. Instead, it is also about checking and ensuring that the software, which is developed during the software testing process, accomplishes the needs of the business. The absence of error is regarded as a fallacy. Fixing and finding the defects is not useful if the built system is unusable and fails to fulfill the requirements of the user.

Pesticide Paradox

In case the same type of tests is performed timely, and again, the test cases will be no more useful in detecting the new bugs. For overcoming this problem referred to as Pesticide Paradox, you should make sure to perform a review of different test cases regularly. You should make sure to write various tests for exercising various parts of the system or software for finding other potential defects.

Software testing is context-dependent

It is worth mentioning the principle of software testing which indicates that there are multiple fields, like commercial websites, eCommerce websites, to name a few. There is a specific way for testing the eCommerce and commercial websites as each application boasts of its functionalities, features and requirements. For checking such kind of application, you should make sure to take the assistance of different types of testing, approaches, techniques, and methods. Hence, software testing relies on the app context.

Software testing is an indispensable part of the SDLC or Software Development Life Cycle. Once it is performed effectively and correctly, it offers amazing results. To complete the right objectives of testing, it is important to implement the maximum testing principles in software development.

It is possible to achieve the same when every member of the team is well versed with the principles of software testing. It is essential to find as many defects as possible before the release of the software. To accomplish this, it is a must for the software testing company, offering QA services to perform testing to find the errors, defects in the software testing.

Summary

If you want to conduct software testing efficiently and effectively, it is essential to gain an understanding of different principles of software testing, as mentioned above. It would help if you keep in mind that they are the pillars of software development. If you want to make the project of software development a grand success, you should make sure to implement the software testing principles, mentioned in this write-up. 

Problems of stress testing of components of billing systems

Problems of testing in general and stress testing in particular is well known among software vendors (software). It is known that, in contrast to the functional and regression testing, which focuses on testing the completeness of coverage of all branches of the algorithm of the subsystems (applications) and the backward compatibility of the functional testing services with older versions, a "headache" departments exercise testing is precisely the perspective of the approximate simulation to the reality of the load relatively few resources (both hardware and human), as well as finding bottlenecks in the functioning of the whole system.

All compounded by the fact that the process of issuing new versions or patches of errors in relation to billing systems, looks a little different than any other software. Here, the traditional process of "Staging - Development - SoftwareTesting Services- Implementation - Support comes in a very large number of relatively small components (subsystems). Since the billing system - a product of a living, constantly changing, the number of subsystems produced per day can be measured in tens.

Attempt to "integrate with" business-process software release identified a number of conflicting objectives, where it is necessary to seek a compromise.

First, each scenario is the use of billing separately (in the image and likeness, as is done at the customers) for stress testing is impossible to recreate (the number of clients is steadily growing volumes of data to be processed grows geometrically). On the other hand, make a universal stand on which to try to fully test the load all the functionality of billing and not simply because there is mutual exclusion as the algorithms within the same subsystem and the mutual exclusion of subsystems as a whole.

Second, as practice shows, the complexity of the preparations for the load testing, in contrast to the functional (regression), estimated totally different scale. By the degree of complexity of preparation for exercise testing, the software can be divided as follows:

·         "Light". Subsystems are loaded with the stream of input data (pre-filled table, a set of files, etc.). In this case, often preserved continuity tests (once prepared the input data, and then you can use them by simply changing the version of the application on the newer ones). Of course, if the format of the input data is changing (increasing), this leads to an alteration of the script. But this usually does not happen very often. Most often, the category of "light" fall batch jobs and background processes of billing systems that run directly on the server (or database or application servers).

·         "Average." Subsystems have the user interface. In this case, the client application is written "properly" - so that there is no logic in the client application is not concentrated - "light" client. In this case, the initial preparation for the stress testing can be very serious. To simulate the mass of customers, using special software tools, such as Rational Perfomance Testing services and Mercury LoadRunner, you want to create scripts from the context-related scripts written in a special language. But at the same scripts themselves are fairly simple, because contain only calls to server-side logic. In addition, in the future, the same script can be used again as a changed server-side logic (or have expanded the functional, not affecting the existing one).

·         "Heavy". Typically, these are supplements that contain the logic on the client site. Simulate the mass work with clients in such an application (especially if the tests claim accuracy) are either very difficult or impossible. For example, in the used Rational Perfomance Tester language VU Language simply does not provide floating-point operations. Ie, any such "client" the calculation involves, at least, the establishment of special libraries (DLL), allowing to make the appropriate calculations on floating point numbers, to pass a string. Thus, the tester should be in a certain sense also a good programmer! Not to mention that without the source code analysis of the simulation of such an application is simply not possible.
Thus, not every problem can be tested under load without serious "artillery preparation", and what, alas, will just have to close my eyes …

Third, a separate task is profiling loads. It is no secret that every application can work well individually. However, in view of "interprocess" correlation, the results of groupware applications, can be very unpredictable. Hence - the more accurate the profiling done loads for each of the applications, the better will stress test, and as a consequence, the conclusions drawn. There is also an application can be divided into "light" and "heavy." By the light, in terms of profiling, include those whose input flow measure (for example, the number of processed records for some period), or, if it comes to client workstations, a set of operations leading to the appearance of a certain amount of information per unit time . By "heavy" in terms of profiling, are those applications whose work poses a serious burden and, thus, leaves no "footprints" of their "life" (for example, the work «Call Center» - a group of users, giving information on telephone and, accordingly, only viewing information). Another example is a batch job (or set), process the data generated by other processes. Here, for example, there may be an avalanche effect, where due to imbalances in any of the grounds, the subsystem does not behave like in a real operation.

Currently, the group exercise testing "Peter-Service", based on the developed test methods of billing system «PETER-SERVICE BIS», was seeking answers to a rather narrow range of issues. Among the tasks we have set, such as the answer to the question of raising / lowering the productivity of key business flows billing with the upgrade version of ORACLE with the existing (9 Release 2) to the new (10 Release 2) or a comparison of hardware from different vendors at the same load scenarios. And to answer such questions today is quite simple. However, fully integrate into the business process of software production is not yet possible because of the complexity of solving the problems voiced above. Nevertheless, we are looking forward with optimism.

 Visit: Software Testing Companies

The introduction of automated software testing at the project level

Given the growing interest in test automation tools and implementation of automation projects, there is increasing demand for training and consulting in the field of quality assurance projects.

The article is devoted to recommendations on the most painless option introduction of test automation at the project level, if this trend in general is not developed in the company - software vendors.

Sure, test automation has a lot of advantages when implementing a balanced and debugged the software development process.

·         Are you interested in test automation projects, but have no experience and specialized professionals in this field?

·         How painful will be the introduction of automation in your project or department?

·         What is the effectiveness and benefits from the introduction of test automation?

This is not an exhaustive list of issues that concern the company planning to implement test automation for their projects. Before thinking about the introduction of test automation services, you must ensure that the process of quality control on your projects built, documented and works like a clock. Remember that the introduction of automation - is not a craze, and the task, designed to translate the quality control on your project to the next level. Purpose - to improve efficiency Software QA services project, rather than more headaches.

The second step is to appeal to professionals who can help you deliver the automation process in a professional manner and in a short time. Sure, you can try to develop the direction of its own, but without experienced this process is likely to result in significant time will pass by trial and error will affect a larger budget and, ultimately, it can and does discourage you wish to apply automated testing.

Modern methodologies of automated testing allows the use of consultants minimum, receive high returns from cooperation with them and successfully on their own to develop this area in your company.

When implementing projects to automate testing from scratch, we are in most cases, we recommend the development by the framework based on principles Keyword Driven approach, along with the training that will allow your team to refine their own framework and develop automated tests coverage. To date KeyWord Driven frameworks are the most technologically advanced solution in terms of price / Work / efficiency.

The advantage of this by the framework include:

·         Maximum reusable code: actually created only one script, which manages the implementation process;

·         This technology does not preclude the application of methods of Data Driven, which adds to it all the advantages of Data Driven Approach;

·         All operations are presented in the form of an Excel spreadsheet or in any other format;

·         All user interface objects are stored in external files;

·         All test scenarios (test cases) and packages start (test suites) are also described in external files (typically used Excel), allowing you to easily manage your startup;

·         The framework has the maximum flexibility: you can easily add, delete, edit existing test scripts and packages starting at this for a given task does not require additional training, only need the ability to work with the framework;

·         The system can be easily updated with new transactions or edit existing, with no need of any complex action, you should only write a new function. This allows you to easily and painlessly expand the framework itself;

·         If necessary, switch to another tool for automation, processing to be a minimum of code, test scripts will remain in the same form.

·         For many departments of software testing this solution may not be a panacea, because the results of the development framework and conduct a brief training to work with him, the requirements for qualification, covering a system Auto-test, is significantly reduced, enough skills with MS Excel.

How to build the implementation process?

As practice shows - best to carry out three steps:

·         Analysis of a set of tasks and technologies used to develop applications. According to the analysis selected the best automation tool (for a fee or free). Based on planned objectives and specific project plan for implementation and necessary process-documentation, made the necessary adjustments to the curriculum, practical exercises are based on the selected tool.

·         The second stage - the training of specialists, who must acquire the necessary theoretical knowledge of the process, organization and methods of automation, the skills of working with the tools to learn how to create test cases, combine them in a script to automate, develop basic library for building frameworks and organizations run the script.

·         The final stage - the introduction of direct knowledge in practice. At this stage, experts on the basis of the working draft, together with the consultant to plan the coverage of automated test applications, developing a framework, conducting the planned automation of the set of functional systems, develop suitable mechanisms to execute scripts and collecting results.

As a result, this should happen:

·         Fully ready infrastructure for the development of automation in the project;

·         Feature set of scripts that cover the planned amount of functional testing services with a given depth;

·         Trained, capable of independently developing automation development project;

·         Rules for the test automation;

·         Description framework and scripts for the software product on which the implementation took place.

Duration of work on such a project may (but need not) meet the following framework:

·         Analysis of problems in the introduction: "1 - 2 weeks;

·         Education (depending on the program): ~ 4 - 10 working days;

·         The introduction of an active project (depending on the amount of work scheduled): ~ 3 weeks - 1.5 months.

Outsourcing software development

Now, one of the most popular term in the business is “outsourcing“. Specialized software testing companies are now bought a variety of projects ranging from developing information technology strategy, completing the development of applications and this is due to certain advantages.

At first, giving a solution of their problems to companies that specialize in certain kind of activity (eg, application development), we can improve the quality and reliability of the solution of these problems, as well as the predictable result. Secondly, outsourcing of non-core activities will not divert its own staff for activities not relevant to their professional aspirations.

Third, a subcontractor who specializes in certain jobs, has extensive experience and has packaged solutions for common problems, which reduces the cost and accelerate their solution. Fourth, it is a company specializing in one form or another IT services, have the most advanced technologies, since they use these technologies is a key success factor. Finally, the outsourcing of application development will not have the IT department staff of developers, thus avoiding the problems associated with managing them. 

Of course, among managers and owners of companies have already appeared the first proponents of the IT-outsourcing, and is used primarily by outsourcing software development due to high cost of their own team.
Nevertheless, the outsourcing of software development has some specific characteristics, while they differ significantly in cases where the client company is not engaged in software development (software), and when the client company itself specializes in software development.

However, despite the attractiveness of outsourcing software development costs, however, aware of and possible negative consequences of the decision to transfer work on the development of software to another company. First, giving to the side of software development, the company will inevitably trust another company a certain percentage of their secrets, exposing themselves to the risk of leakage of confidential data. Sometimes it turns out that the organization of outsourcing must take extra effort to hide from the partner in charge of developing, information about the full application architecture and features of key business processes.

Secondly, there is another problem faced by customers of outsourcing software development. It is the need to invest in dive staff artist at the specifics of their business processes. Starting a project with the use of outsourcing, we have to expend some effort to ensure that partner is able to perform assigned tasks, for example, provide descriptions of business processes, and sometimes straighten on training courses on this or other technologies (particularly, it concerns the specific branch of technology ).

Ultimately, it may be that such an implicit training partner costs for the client company is expensive, and more profitable it would be these assets to invest in their employees. You have to understand that IT employees - companies are learning from project to project, and for the money the customer and the staff is not your company.

However, some of these risks can be reduced through appropriate administrative, legal and organizational measures (such as the conclusion of Executive confidentiality agreement and the requirement for a performer of a trade secret with a reference on reference to a commercial secret detention contract work). However, the conflict with the performer can lead to disastrous consequences if you do not calculate the risks of a possible change of executor and not to define the activities or ways of doing the work prevents it.

How to Report Bugs Effectively

Anyone who wrote a program for public use, has received at least one bad bug report. Messages that are not talked about anything ("It does not work"); messages that did not make sense, the messages that were not given sufficient information, the messages that were given incorrect information. 

Reports of problems that turn out user error, reports about problems that turn a defect in someone else’s program, reports of problems that turn network failures. 

Learn more about software testing services

There is reason to believe the work of technical support, which is disgusting to do, and the reason - bad error messages. However, not all error messages are repulsive: I support the free software when you do not earn a living and sometimes I get a wonderful, clear, informative posts.

In this essay I will attempt to articulate what makes a good error message. Ideally I would like to see everything in the world to read this essay before you tell anyone about the error. Of course, I would like to see everyone who reports an error to me, read it.

In short, the purpose of error messages - to allow the programmer to see ourselves as the program fails. You can either show it in person, or to give precise and detailed instructions on how to make the program broke down. If they can make it fail, they will try to gather additional information until yet know the cause. If they can not make it fail, they should ask you to collect this information.

In the error messages, try to clearly define what is the actual facts ("I was at the computer and this happened"), and that - assumptions ("I think the problem may be in this"). Lower the assumption, if you wish, but do not immerse the facts.

When you report an error, you do it because you want that the error was corrected. It makes no sense to blame the programmers, or knowingly assist them: this may be their fault and your problem and you can be angry at them, and you may be right that get angry at them, but will be fixed faster if you help them by providing all the information they need. Also remember that if the program is free, the author gives it to you out of kindness, so if too many people are too rough with him, he may cease to be good.

"This is not working"

Believe me - the programmers have some rudiments of intelligence: if the program actually does not work, they probably would have noticed it. And since they have not noticed, they should work. So, either you’re doing something wrong as they are, or your system is different from them. They need information; supply this information - this is the purpose of the error message. More information is almost always better than less.

Many programs, particularly free ones, publish lists of known bugs. If you can find a list of known bugs, it is worth to read it to see if the error you have just found a well-known or not. If it is already known, probably not worth it to report, but if you think you have more information than the error message in the list, you can still connect to the programmer. They will be easier to correct a mistake if you can give them information that they already have.

In this essay, many of the rules. None of them is not absolute. Different programmers prefer different ways of reporting errors. If the program comes with its own set of rules error messages, read them. If the rules that come with the program consistent with the rules in this essay, follow those that come with the program!

If you do not report an error, but just ask for help in using the program, you should tell us where you are looking for the answer to your question. ("I looked in chapter 4 and section 5.2, but could not find anything that would tell me if this is possible) This will allow the programmer to find out where people expect to find the answer, so he can make the documentation more user-friendly.

"Show me"

One of the best ways that you can report a bug - it’s demonstrate its programmers. Put them in front of your computer, run the program and show what is going wrong. Let them see how you turn the machine to see how running a program to see how you interact with it and see how that program is doing in response to your input.

They know the program inside out. They know which parts they trust and what parts might be defective. They intuitively know what to look for. By the time the program will do something obviously wrong, they can already notice something subtle wrong and this may give them a clue. They can understand everything that the computer does during the test automation services run, and they can draw from this are important to them part.

This may not be enough. They may decide they need more information and ask you to show them the same thing again. They may ask you to tell the startup procedures so that they can reproduce it for yourself as many times as they want. They may try to change the procedure several times to see whether the problem occurs in only one case of a family of related cases. If you’re unlucky, they may need to spend a couple of hours with a set of developer tools and start to really understand. But most importantly - to make the programmer looked at the computer when it works properly. When they see taking place before their eyes a mistake, they will be able to take it and try to fix it.

"Show me how to show yourself"

This is the era of the Internet. This is the era of global communication. This is the era in which I can send the program to someone in Russia at the touch of a button, and he can send me comments as easy. But if he has a problem with my program, he can not do it so I stood in front of his computer when it crashes. "Show me" well, when it can be done, but often this is impossible.

If you need to report bugs to programmers who can not attend personally, the purpose of exercise - to enable them to reproduce the problem. You want the programmer has launched its own copy of the program, did the same thing and broke it the same way. When they see as there is in front of them, they can deal with it.

Thus, tell them exactly what you’re doing. If this is a graphical program, tell me what buttons and in what order you pressed. If you run a program by typing the command, show them precisely what command you typed. Wherever possible, provide a verbatim transcript of dialogue, showing what commands you typed, and that the computer gives you the answer.

Give the programmer all the input data, which you might think. If the program reads the file, you will probably need to send a copy of the file. If the program communicates with another computer on your network, you probably will not be able to send a copy of this computer, but you can at least say what is a type of computer, and (if you can) what software it is running.

"Works for me. So what’s wrong? "

If you give the programmer a long list of input and action, and they have launched their own copy of the program and nothing wrong happened, it means that you have not given them enough information. Perhaps the fault does not happen on every computer, their system and yours may be something different. Perhaps you do not understand what the program should do, and you’re both looking at exactly the same conclusion and think that it’s wrong, but they think it is correct.

Thus, also describe what happened. Describe exactly what you saw. Describe why you think that something that you saw is wrong; better describe exactly what you’d expect to see. If you say "and then she did it wrong, you omit important information

If you see an error message, tell the programmer to precisely and accurately what it was for the message. This is important! At this stage, programmers do not try to fix the problem: they are just trying to find her. They need to know what went wrong, and these error messages - the best way to describe it. Record the error messages if you have no easier way to remember them, but do not tell that the program generated an error message with no description of what it was for the message.

Especially if the error message contains a number, let the programmers know them. Do not assume that they do not make sense just because you can not see it. Numbers contain all kinds of information that can be read by programmers, and they often contain key information. The numbers contained in the messages because the computer is unable to report the error in words, but doing the best that can be done to provide you with important information.

At this stage, programmers effectively do the work of a detective. They do not know what happened, and they alone can not get close enough to see how it happens, so they are looking for clues that this prompt. Error messages, incomprehensible strings of numbers, and even unexplained delays are just as important as fingerprints at the crime scene. Keep them out!

If you use Unix, the program can produce a core dump (core dump). Core dumps - an important source of evidence, so do not throw them away. C on the other hand, most programmers do not like getting a giant dump files via email without warning, so ask before you send them to someone else. Also, keep in mind that the dump contains a record of all states of the program: any "secrets" (probably the program contains a private message or has to deal with sensitive data) may be contained in the dumps.

"Then I tried it…"

There are many things you can do when an error occurs. Many of them will make the problem worse. My friend at school deleted by mistake all my files Word, and before you call a knowledgeable person for help, she reset the Word, and then tried to run the derangement. None of this helped to restore the files, and this is mixed a disc to such an extent that no file recovery program in the world could not recover anything. If she had just left it as is, she had a chance.

Users like this are like the mongoose cornered: leaning back against the wall and staring death in the face, he vehemently attacked, because doing something would be better than doing nothing. It is not well suited to the type of problems that happen with your computer.

Instead of being a mongoose, be an antelope. When an antelope is facing something unexpected or frightening, it freezes. She stands perfectly still and tries not to attract attention, while she stands, she thinks and works out the best solution. (If antelopes had technical support line, they would call back at this moment.) Then, when it decides what can be done more safely, it does.

When something goes wrong, immediately stop doing whatever it was. Do not touch any buttons at all. Look at the screen, notice all the unusual and remember or write it down. Then, perhaps, begin pressing «OK» or "Cancel", depending on what appears to be safer. Try to develop a reflex - if your computer does something unexpected - freeze.

If you have coped with the release of a problem, either by closing the program or reboot your computer, it would be good to try to make sure that this problem occurred again. Programmers like problems that they can reproduce more than once. Happy programmers fix bugs faster and more efficiently.

"I think the tachyon modulation must be badly polarized"

Not only non-programmers write bad bug. Some of the worst mistakes I’ve seen are written by programmers and even good progammistami.

I once worked with another programmer who finds errors in your code and tried to fix them. Also, quite often he discovered the mistake he could not fix it and called me for help. I asked, "What happened?" He replied by telling me your opinion about what should be corrected.

This works well when his opinion was correct. This meant that he had already done some work and we can finish it together. It was helpful and efficient.

But quite often he was wrong. We worked for some time, trying to figure out why some particular part of the program produced incorrect data, and in the end, discovers that she has not done that for half an hour, we explored an excellent piece of code, but the real problem was somewhere else.

I am confident that with the doctor he would not have done. "Doctor, I need a recipe Gidroyoyodina." People know that it is not necessary to speak to the doctor: they say the symptoms, its discomfort, pain, rash and fever, and you let the doctor make a diagnosis that is the problem and what to do with it. Otherwise, the doctor declares you are a hypochondriac or crazy, and it will be correct.

It’s the same with programmers. Sometimes it is useful to inform their own diagnosis, but has always set out for symptoms. Diagnosis - is an optional extra and not an alternative to the provision of symptoms. Equally, make code changes to fix the problem is a useful addition to the error message, but no adequate substitute for it.

If a programmer asks you for additional information not invent it! One day someone told me about the error and I asked him to try the command, about which I knew she was not working. The reason that I asked him - I wanted to know which of the two error messages it displays. Knowing which email program generated - was key. He did not try to do it, he just wrote me, "No, it will not work" It took awhile to convince him to try.

Excellent that you have the intelligence to help the programmer. Even if your deductions are wrong, programmers will thank you for what you have at least tried to make their lives easier. But please also symptoms, and then instead you can make their lives more difficult.

"It’s funny, it did so a moment ago"

Say "intermittent fault" to any programmer and see how pogrustneet his face. The easy problems are those for which the play is enough to perform a simple sequence of actions. The programmer can repeat these steps in a well-observed test conditions and detailed look at what happened. Too many problems so do not do: it is programs that sboyat once a week or very rarely, or never sboyat when you’re trying to do it in front of a computer programmer, but always sboyat when you have a suitable deadline for the delivery of the work.

Most unstable failures are not truly stable. Most of them have some logic. Some might occur when the memory ends, some may occur when another program tries to modify a critical file at the wrong time, and some can only occur in the first part of each hour! (I actually saw this.)

Also, if you can reproduce the error, and the programmer can not, it may be because your computer and his computer into something different and this difference leads to an error. Once I had a program that is folded into a small ball in the upper left corner of the screen and sat there and sulked. But she did it only at a resolution of 800×600; everything was fine on my 1024×768 monitor.

Programmer wants to know everything that you can find out about the problem. For example, try on another machine. Try two or three times and see how often it fails. If an error occurs when you are doing serious work, but does not occur when you are trying to demonstrate the cause could be a great time to start or large files. Try to remember as many details of what you did with the program when it zasboila and if you see any patterns, mark them. Anything you can tell, can help. Even if it’s only assumptions (such as "There is a tendency to the fact that it falls more often when running Emacs»), it can not provide direct clues to finding the cause of the problem, but it can help the programmer reproduce it.

Most importantly, the programmer wants to make sure whether he has to deal with this unstable failure or a failure, characteristic of the machine. He wants to know many details about your computer, so that can make a conclusion about how it differs from his computer. Many of these parts depends on the particular program, it’s one thing you should definitely be ready to announce - the version number. Version number, version number, operating system and, possibly, the version numbers of other programs related to the problem.

"Then I loaded the CD into your Windows…"

It is essential that an error had been written clearly. If a programmer can not understand what you meant, you might as well have nothing to say.

I get error messages from all over the world. Many of them are from people for whom English is not native, and many of them apologizing for his poor English. Generally speaking, error messages, with apologies for bad English is actually very clear and helpful. Most ambiguous messages coming from the people for whom English is native, who believe that I understand them, even if they do not make any effort to be clear or accurate.

·         Be specific. If you can do something in two ways, specify how you used. "I chose the Load" might mean "I clicked on the button Download" or "I pressed Alt + W". Tell me what you did. Sometimes it matters.

·         Be verbose. It is better to give more information than less. If you say too much, the programmer can ignore some parts. If you say too little, he should go back and ask more questions. One of the error messages that I received, consisted of one sentence. Every time I asked for more information, the reporter said to me in one sentence. Obtaining a useful amount of information took me a few weeks, as was adding each time one small suggestion.

·         Be careful with pronouns. Do not use words like "this" or "box" when it’s unclear what they mean. Consider this: "I launched the application Foo. It kicked up a warning window. I tried to close it, and it fell. " It is unclear what the user tried to close it. Did he close the window with a warning or an application Foo entirely? This is a big difference. Instead, you can say "I launched the application Foo, which kicked up a warning window. I tried to close the warning window, and the application Foo fell. It is longer and with repetitions, but also clearer and harder to misunderstand.

·         Read what you wrote. Themselves, read the message and see whether you consider yourself, it is clear. If you bring a sequence of actions leading to the crash, try it yourself to make sure that you have not missed any step.

Summary

·         The first task of the error message - let the programmer see the failure with their own eyes. If you can not be with him, to reproduce the crash in front of a programmer, give detailed instructions so that he could reproduce the crash itself.

·         If the first task fails and the programmer can not see the crash itself, the second problem is the error message - to describe what went wrong.

·         Describe everything in detail. Identify what you saw. Also determine what you’d expect to see. Record the error messages, especially if they have the numbers.

·         If your computer does something unexpected, freeze. Do not do anything as long as you do not calm down and not do anything that you think might be dangerous.

·         Of course, try to diagnose the fault, if you think you can do it, but even in this case, you should also report symptoms.

·         Be prepared to provide additional information if needed to the programmer. He would not ask if it was not he needs. He is not intentionally annoying (inconvenient) Let the version numbers will be at your fingertips, because they probably need it.

·         Write clearly. Say what you have in mind and make sure that it can not be interpreted correctly.

·         First of all, be specific. Programmers like precision.

Click here to know more here : Software Testing Companies