Sunday, January 27, 2008

Virtulization and testing

There is a lot of interest currently in testing using virtualization. An interesting article can be found here in Information Week

Because we deliver services via the software-as-a-service model, we needed to maintain our 24/7 functionality, hosting, availability, reliability, and scalability. We also wanted to maintain our reliable disaster recovery process while adding flexibility to deploy multiple environments, including test and development, sales demos, and load-testing environments. We determined that a VMware virtual infrastructure would provide us with all of these attributes at a more reasonable cost than a new physical infrastructure.
We first thought of virtualization when considering a tiered storage strategy and a disaster recovery plan across multiple environments. We determined virtualization would help us move data quickly to the right storage source depending on our needs. We also realized virtualization would make it easier to deploy redundancy in our production environment, along with providing the horsepower to run disaster recovery and other environments.
Licensing costs were a critical factor when creating our near-real-time disaster recovery center. When a near-real-time data copy is used in disaster recovery, Oracle requires the same licensing model on both sides. We discovered that IBM p570 servers using IBM Power6 processors at the database layer would let us deploy fewer but faster processors. This let us further lower our Oracle licensing costs. The IBM p570 servers have logical partitions for which we can allocate as much memory and CPU power as we want, and we can share excess capacity across the partitions. By virtualizing the logical partitions, we can scale easier. And with the databases on shared storage, we can create extra partitions for our other production server to failover to, if necessary.
Virtualization also let us configure the disaster recovery box so that while we run test and development environments, we can also run smaller Oracle partitions. If we want to conduct load testing, we just reconfigure the development partitions for true load testing service. If we have to run a disaster recovery process, we can use the whole box to run production.

Sunday, January 20, 2008

Massive software testing conference

The largest gathering of testers to date is the recent STeP-IN, an annual conference for the software testing market place, which is now in it's fifth year. The event, which took place in India was attended by over 1,100 software testers ranging from programme test managers to performance testers and test analysts. Test tool vendors were also out in force.

The software testing market place is etimated to be over $13 billion by 2010 and it is forecast that half of this will outsourced. So there must be a fair bet that the next gathering will be bigger than this one. I am going for 2010 software testers attend the 2010 conference.

If you're interested in the keynote speech a summary can be found here.
Inaugurating the conference, on Friday, the Infosys Chief Executive and
Managing Director, Mr Kris Gopalakrishnan, characterised the special feature of
the Indian software testing community – the world’s largest – as competition
going hand in hand with cooperation: they competed with each other, which made
for better quality, even while joining hands to create a brand name for Indian
“The new differentiator is user experience,” Mr Gopalakrishnan added, “Do
they (customers) like what they see? Does the product serve novice and expert,
In his keynote address, Mr Krishna Kumar Natarajan, President and
CEO, Mindtree Consulting, felt Indian engineers should aim for at least 65 per
cent of the outsourced testing pie that would be worth $6.5 billion by 2010.
He added there was room for the ‘biggies’ like Infosys who derived up to 10
per cent of their revenues from software testing – as well as for focused,
independent test houses.
“Today the tester has won a seat on the product
management table,” he added.


Saturday, January 12, 2008

Outsourced software testing services

Top ten from when searching for Outsourced software testing services

Software testing services - Acutest
UK software testing consultancy, providing outsourced technical and business assurance services. These include performance and load testing, user acceptance ...

Crestech Software Systems - Outsourced Testing Services Corporate ...
... market leader in Outsourced Testing services providing Consulting, Resourcing, ... Functional Test Automation Service. We help you automate your business critical

Software Testing Company A1QA - Software Quality Assurance. Benefits ...
A1QA offshore software testing firm offers software QA outsourcing, software testing services including web application testing and dedicated QA team

Offshore outsourcing software testing services, Ukraine, Eastern Europe
BugHuntress QA Lab - high-quality testing of Web, WAP, mobile, wireless, ... Offshore & Nearshore Outsourcing. QA & Software Testing Services.

Outsourced Testing Services
Award-winning VeriTest software testing services from Lionbridge. ... Outsourced Testing. Infrastructure Services. Business Process Outsourcing. Technical

Outsourced testing services
Outsourced software testing services ranging from simply assignment outsourcing to managed software testing ... service for an organisation that wants to ...

Outsourcing Quality Assurance Software Testing to India
Service Oriented Architecture. Types of Software Testing ... Outsource Software Testing. Network Outsourcing Services. Clinical trials. Coding Services

EffectiveSoft - Software development company. Offshore development ...
As a leader in outsourcing software development, we provide high quality ... Custom Programming Services. IT outsourcing and Custom Software Development.

Testing services,Software testing services,Software testing training ...
... testing offers its software testing services and software ... Cover story on PureTesting by Outsource APAC in its Anniversary 2007 Issue (Vol 5 Issue 01)

Outsourced Software Testing Services
Software testing - tools and services for automated and manual testing of ... and Segue Software, providing a single point of service for your testing needs.

Saturday, January 05, 2008

Has security testing just got a whole lot harder in the UK?

A lot of people are voicing the opinion that the answer is yes - UK security testing in general will be worse off. If you've missed this furore the cause is the changes in legislation which are bans creating and distributing tools that help hackers. This post in Web Pro News succintly puts the case for no. I don't agree with the conclusion that the UK security industry is dead but it puts the case clearly:

In what could be a bad day for United Kingdom penetration testers, stress testers, and other systems security folks, the UK is getting ready to ban the creation and distribution of tools that could be used by hackers. This generally unpleasant concept could make it not only impossible to create the next nessus or nmap by anyone in the UK, it could also send them to jail for distributing the tools they make as well. This ought to set back UK computer security by decades.
The distinctions between, for example, a password cracker and a password recovery tool, or a utility designed to run denial of service attacks and one designed to stress-test a network, are subtle. The problem is that anything from nmap through wireshark to perl can be used for both legitimate and illicit purposes, in much the same way that a hammer can be used for putting up shelving or breaking into a car.
This should be quickly tested in the UK courts, the minute the ink is wet on the paper kind of legal testing. There are multiple programs, perl, c++, shell scripts in C, and other programs and tools that are made by people to do things. Dual use tools are tools that can be used for both good and evil. It will be difficult to determine the intent of the tool developer unless they leave behind incriminating e-mails saying the tool was created to rip off millions of people. Any form of distribution would also be included in the statutes, meaning the mere act of sharing a tool with your security friends could be bad for you continued security career. This is generally bad, and will hamper legitimate security workers and researchers. The state of the security industry in the UK is now dead. The hackers will win this one unfortunately, and there seems to be no way to stop this kind of legislation short of a court testing of its legitimacy.

Labels: , , ,