Category Archives: CS443

Testing and Testing (One of them is a Fake).

 Hello!

This week in class we’ve been discussing testing using fakes, more specifically with Stubs. Our first assignment this week told us about the different kinds of fakes used in testing, which I found a little confusing at first, since I would have liked to have seen a more literal example of all the different variants. That is why, for the sake of improving my knowledge on the subject going forward, since this is something we’ll be talking about, I decided to do some reading on stubs and mocks, from a blog post written by Raphael F. on Medium. 

The article spoke at length about the differences between mocks and stubs, and gave some meaningful examples of both. I appreciated the use of diagrams in the article, as it shows what each of them interacts with and how (i.e. a stub doesn’t interact with a database, and is instead a hard-coded value to be grabbed for testing). That wasn’t something that was immediately obvious to me in the assignments, and during our assignment on Stubs specifically it began to make more sense, but I appreciate the way the article laid out the concept in plain text, and made it easier to understand. I also liked that the blog post went over real-world applications for each of the fake types, such as using stubs for read/write actions to keep the code and files separate, or using mocks for API testing. Admittedly I am still a little hazy on mocks, but I think by the time we go over it in class, it will all make sense.

In closing, I really do value stubs as valuable pieces of testing equipment, since they allow me to test code without having to have every intricate detail finished. It makes sense for confirming methods got used, and that a specific path through the program is being followed. Stubs can’t do everything; you can’t really test complex operations on a piece of code that doesn’t work, but for basic probing and testing, I could see myself using stubs a lot more often. It feels like one of those things that I could have used before without thinking about it, which makes sense, as I am the kind of programmer who likes taking things one step at a time, and making sure one piece works before moving on to the next. But now that I have a name connected to the action, I really appreciate it as a tool that will play a big role in my programming career going forward.

Link to the blog post in question: https://medium.com/@fideraphael/a-comprehensive-guide-to-stub-and-mock-testing-unveiling-the-essence-of-effective-software-testing-7f7817e3eab4

From the blog Camille's Cluttered Closet by Camille and used with permission of the author. All other rights reserved by the author.
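
The stub and mock roles discussed in the post above, shown side by side on a login check. This is an added example, not code from the blog or the linked article; `LoginService`, `StubUserStore`, the `failed_login` audit call and all sample credentials are hypothetical and constructed for illustration.

```python
import hashlib
import hmac
from unittest.mock import Mock

def hash_password(password, salt):
    # Low iteration count keeps the demo fast; not a production setting.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 1000)

class LoginService:
    """Hypothetical code under test: verifies a password, audits failures."""
    def __init__(self, user_store, audit_log):
        self.user_store = user_store
        self.audit_log = audit_log

    def login(self, username, password):
        record = self.user_store.find(username)
        ok = record is not None and hmac.compare_digest(
            record["hash"], hash_password(password, record["salt"]))
        if not ok:
            self.audit_log.failed_login(username)
        return ok

class StubUserStore:
    """Stub: hands back a hard-coded record instead of querying a database."""
    SALT = b"constructed-salt"  # constructed sample value

    def find(self, username):
        if username != "alice":
            return None
        return {"salt": self.SALT,
                "hash": hash_password("correct horse", self.SALT)}

def run_stub_check():
    """State check: canned data steers the code down each login path."""
    svc = LoginService(StubUserStore(), Mock())
    return (svc.login("alice", "correct horse"),
            svc.login("alice", "wrong"),
            svc.login("mallory", "anything"))

def run_mock_check():
    """Behaviour check: the mock records whether the audit call happened."""
    audit = Mock()
    svc = LoginService(StubUserStore(), audit)
    svc.login("alice", "wrong")
    audit.failed_login.assert_called_once_with("alice")
    svc.login("alice", "correct horse")  # success must not add an entry
    return audit.failed_login.call_count
```

The stub check asserts on what `login` returns; the mock check asserts on what `login` did to its collaborator, which is how a test can catch a failed login that silently skips the audit log.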

Test Test Test Redux

 Hello!

 

I’m still Camille and this is still my blog, I guess!

 

CS443

From the blog Camille's Cluttered Closet by Camille and used with permission of the author. All other rights reserved by the author.

Test

testing

From the blog Mikes CS Journey by Michael St. Germain and used with permission of the author. All other rights reserved by the author.

The Basics of Security Testing

Security testing is a very important aspect of software development aimed at verifying that software systems are free from design or configuration flaws that could compromise a software’s security. It involves evaluating systems throughout the software development lifecycle to ensure that services and information remain available to authorized users and protected from unauthorized access or tampering.

The main goals of security testing include identifying digital assets, classifying security vulnerabilities, assessing potential consequences of exploitation, reporting findings for remediation, and providing recommendations for addressing vulnerabilities. Basically, the primary goal of security testing is to determine the security status of an information system.

Security testing ensures that software complies with security standards, which enhances software quality and promotes user trust. Continuous security testing is essential because of the constantly evolving threat landscape and the potentially devastating costs of cyberattacks.

When data is not securely protected, its vulnerabilities can be exploited, resulting in data breaches. A case study involving Marriott International shows the significance of security testing in safeguarding such sensitive data to prevent costly security breaches. Marriott experienced two major data breaches in 2014 and 2020, exposing the personal information of millions of guests. Furthermore, statistics show that the average cost of data breaches reached a record of 4.45M in 2023. Such a financial blow could result in the end of many companies (Chavarria).

The key principles of security testing include comprehensiveness, realistic tests, continuity, and collaboration between development, operations, and security teams. This means that security testing needs to be logical, but also applied in a practical enough manner that can be adapted and used by multiple different operations in the program system.

To conduct security testing effectively, the security of a software should be a planned activity in every software development project. Developers should be proactive in addressing vulnerabilities and implement solutions as soon as possible. Automated testing should be integrated into continuous integration and delivery pipelines to ensure that all code complies with security policies.

Security testing is something that I have not learned much about, but this was a good introduction to why it is important and the principles by which it is implemented. In the world of business and competition, good code is not just clean, effective, and efficient code, but it must also be secure code. As I start to work more with things that deal with logins and user information, I will need to pay more attention to how my code is keeping this data secure, so as not to have the data be vulnerable to data breaches.

Overall, security testing is important for identifying and mitigating security risks throughout the software development process, which ultimately enhances the security of software systems and protects valuable digital assets.

Source: Security Testing Fundamentals by Jason Chavarria

From the blog Stories by Namson Nguyen on Medium by Namson Nguyen and used with permission of the author. All other rights reserved by the author.