Testing, Deployment & QA

Testing, Deployment & QA
What are your thoughts on SaaS management platforms (SMP)?

Top Answer :

Related Tags
Business Application Development
Architecture & Strategy
Requirements & Design
Testing, Deployment & QA
Mobile Development
Selection & Implementation
Business Analysis
Applications Vendor Landscapes
Data Center
Public and Hybrid Cloud
Business Applications
Crisis Management
Data & Business Intelligence
Artificial Intelligence
Business Intelligence Strategy
Data Management
Enterprise Integration
Machine Learning
Data Lake
Big Data
Data Warehouse
Disruptive & Emerging Technologies
Virtual Reality
Digital Innovation
Augmented Reality
End-User Services & Collaboration
Collaboration solutions
End User Equipment
End-User Computing Devices
Endpoint management
Productivity tools
Document Management
End-User Computing Applications
End-User Computing Strategy
Voice & Video Management
Continuous Integration
Technical Product Management
Continuous Deployment
Quality Assurance
Customer Relationship Management
Enterprise Content Management
Customer Success
Enterprise Information Management
Enterprise Resource Planning
Marketing Solutions
Human Resource Systems
Product Recommendation
Risk Management
SOX Compliance
Governance, Risk & Compliance
Infrastructure & Operations
Cloud Strategy
I&O Finance & Budgeting
Operations Management
Network Management
DR and Business Continuity
Server Optimization
Attract & Select
Cost & Budget Management
Manage Business Relationships
Organizational Design
Program & Project Management
Train & Develop
Talent management
Performance Measurement
Organization Structure
Manage & Coach
Availability Management
Financial and Vendor Management
Service Desk
Management Tools
Enterprise Service Management
People & Process
Process Management
Asset Management
Project & Portfolio Management
Portfolio Management
Project Management Office
Confidentiality, Integrity, Availability
Secure Cloud & Network Architecture
Endpoint Security
Data Privacy
Identity and Access Management
Security Operations Center
Security Strategy & Budgeting
Security Vendor Landscapes
Threat Intelligence & Incident Response
Threat & Vulnerability Management
Vendor Management
Infrastructure Vendor Landscapes
Strategy & Operating Model
Business Continuity
Architecture Domains
Tool Recommendation
DevOps Perceptions and AdoptionDevOps Perceptions and Adoption

What are tech leaders’ perceptions of DevOps as a deployment strategy?

At your organization, how much regression testing for new app features is done manually vs. how much is automated?

Top Answer : Hmmm, we do 100% automated except in a few places where it is not possible.  We are starting to deploy robot arms and so advice mobile testing capabilities to shrink those parts.  Still a little catch up work on a few legacy technologies.  We test too often for it to be manual.

What’s the top priority: securing your code or your infrastructure?

Top Answer : There are multiple solutions for both separately, but more and more people are trying to create a single solution set to solve both problems simultaneously.

How do you prevent your hardware from containing any unintended loopholes or access points upon shipment?

Top Answer : We're doing the same basic stuff everybody else is doing as far as code testing. And we do basic apps security, penetration testing code reviews, we get someone to look at it and do background, etc., so I think everyone feels comfortable with the code itself. The issue is that we have such a narrow focus on whether the CI/CD pipeline is good. If you're just looking at that then what happens when you don't have any dev/prod segmentation or something? That's more the issue I see: "The code is great and we pushed it to dev and then it sat there. But the dev systems are not segmented from prod and now port 22 is open to the world because someone didn’t put a rule in to close it."

As Shadow IT is exacerbated by low-code, how do the most successful security teams get ahead of the risks involved?

Top Answer : If you have a certified platform to build low-code applications, then the central enterprise architecture team and security architect can coordinate and incorporate the relevant security policies into that particular platform. The danger lies in people using standalone low-code tools and then building applications here and there. Even writing an Excel macro can be treated as a Shadow IT application. The other issue with the Shadow IT applications is there's no maintenance. If someone writes a Shadow IT application that is not part of the corporate standard or deployment guidelines, and then that person leaves the organization, then it's an issue. Now nobody knows how to maintain that code. We have to find the source codes and figure out how to enhance it. That's where building things outside the standard corporate guidance becomes an issue in addition to the security issues involved. Having a good platform will solve most of these issues and standardize the way individual groups build applications and make it part of the enterprise architecture—a standard bill system, standard deployment system, as well as documentation of most Shadow IT applications and their capabilities.

Do Quality Assurance testing models fall short when it comes to Artificial Intelligence / Machine Learning software?

Top Answer : It's a human factor. In my mind, you can't have a machine validate a machine because you'll run into the same issue. You need to have that diversified, unbiased view asking questions: is this leaning towards one way, or the other? What if? Why? And that is a human factor. 20 or even 40 years from now the only job that we’ll have is validating whether or not the output of all of these automated systems is just, ethical, correct, or otherwise. It's a very tough question.

Can UX be more important than security in the SaaS development cycle?

Top Answer : In her book, The Pentagon’s Brain, Annie Jacobsen tracks the life cycle of the internet and the source of some of our current problems. She maps it back to its original purpose, which was to be a place of trust. Once you met a complex set of requirements and gained access, you could traverse all over the internet because it was designed to facilitate trust between the US government, the Department of Defense (DOD) and universities. Today we have subscribed to user experience. It’s so critical now that we bypass security. And then when your Peloton is sharing data because the API is not configured correctly, we wonder why. So I question whether we’ve learned that lesson. We were so focused on the outcome that we put aside fundamental components of security by design, which leads to compliance by design, which leads to privacy by design.