© 2018 VERACODE INC.1
Software Quality as a Competitive Differentiator
Maria Loughlin, VP Engineering
@marialoughlin
On This Webinar
1. Quality and Business Success
2. DevOps Promises & Gaps
3. Building a Quality System
Poll: Who’s Attending This Webinar?
• Quality Professional (Tester, QA Eng, SWET, Architect)
• Developer / DevOps / Operations Engineer
• Product Manager / UX Designer
• Engineering Manager / Executive
• Other
Revenue and Net Promoter Score
“On average, an industry’s Net Promoter leader outgrew its competitors by a factor greater than two times.”
SOURCE: The Net Promoter System. Bain & Company, Inc.
High Quality, High Trust
SOURCE: https://cxi.today/2018-cx-trends/analytics-infographic-5-trends-shaping-cx-in-2018/
Quality
Productivity
Predictability
Employee Happiness
Innovation
Maria Loughlin
VP Engineering, Veracode
• Two decades of software engineering leadership
• Waterfall to Agile to DevOps
• Monolith to MicroServices
• Manage development and operations for the FedRAMP instance of Veracode’s Application Security products.
• Deep expertise in Secure SDLC and DevSecOps.
Poll Results: Who’s Attending This Webinar?
Part II: Quality and DevOps
DevOps Promise: Continuous Testing
Image: https://www.parasoft.com/solutions/continuous-testing
DevOps Promise: Comprehensive Testing
Unit
Component
Integration
E2E
UI
Shift Right
Shift Left
Automation throughout the stack
Automation throughout the lifecycle
DevOps Reality: Inconsistent Testing
Unit
Component
Integration
End to End
• Quality investment often driven by delivery team, independent of overall strategy
• All sorts of tests with almost equal priorities
State of Software Quality
40% sacrifice quality to meet a deadline
SOURCE: GitLab 2018 Global Developer Report, https://about.gitlab.com/developer-survey/2018/
Testing causes delays
SOURCE: GitLab 2018 Global Developer Report, https://about.gitlab.com/developer-survey/2018/
The Change Failure Rate for high performers is 5 times lower than for low performers
SOURCE: Puppet 2017 State of DevOps Report, https://puppet.com/resources/whitepaper/2017-state-of-devops-report
The Mean Time to Repair (MTTR) for high performers is 96 times faster than for low performers
SOURCE: Puppet 2017 State of DevOps Report, https://puppet.com/resources/whitepaper/2017-state-of-devops-report
State of Software Security
85% of applications are vulnerable
Chart: Percent of Applications with Findings, First Scan vs. Latest Scan, for High or Very High Severity and Any Severity. Values shown: 35.9%, 33.5%, 85.1%, 84.9%
SOURCE: Veracode SOSS Volume 9, https://www.veracode.com/state-of-software-security-report
The percent of applications passing OWASP Top 10 Policy on first scan is consistent over time
Chart: Percentage of Applications Passing OWASP on First Scan, for 2010, 2013, 2015, 2016 and 2017. Passed / Did Not Pass values shown: 23% / 77%, 13% / 87%, 32.3% / 67.7%, 38.6% / 61.4%, 30.2% / 69.8%
SOURCE: Veracode SOSS Volume 9
What’s The Challenge?
1. Reinvested quality process
2. Unfocused quality efforts
3. Relentless pressure to deliver
4. Complexity of software – more than ever before
Challenge 1: Who’s Responsible for Quality?
Diagram: roles shown under Waterfall, Agile and DevOps: Dev, Tester, Designer, Product Mgr, Monitoring, Analytics, Support, Infrastructure
Challenge 2: Unfocused Quality Efforts
Quality can be subjective and contextual.
Challenge 3: Relentless Pressure To Deliver
Challenge 4: Software Is Increasingly Complex
Today’s software is
• Distributed
• Embedded in complex systems
• Autonomously learning and evolving
• Deployed to untrusted environments
Part 3: Creating a Quality System
Creating a Quality System
Specify
CI/CD across organization with recommended tools
Drive
Quality Strategy
Quality Process
Test Automation
Strategy: Quality Goals
Strategy Process Automation
Is Your Customer Getting the Value They Expect?
• Functional
• Great user experience
• Consistent, reliable
• High performing
Will Your Team Remain Productive?
• Maintainable
• Scalable
• Secure
Strategy: When and Where?
• Pre-production
– Test functionality, stability, security, customer satisfaction, compliance
• Production
– Test functionality, performance, resilience, stability
– Experiment to test new ideas
Strategy: Who?
Unit
Component
Integration
E2E
UI
Delivery team owns the tests
• Maturity of organization impacts exact staffing
– Lower layers always developer
• Quality mindset always present
– QA architect and ever-present voice of customer
Process: Investment by Phase
• Inspect and adapt process
• Continuous production feedback
• Customer data
• Upper layers of test pyramid
• Quality dashboards
• Security testing
WALK
CRAWL
RUN
• Deployment automation, CI/CD
• Unit tests and mocking code
• Test infrastructure
Process: Definition of Done
Test investment
Process: Metrics
Internal View
• Test coverage
• Reopened issues
Customer View
• Escaped defects
• MTTR
• Service interruption
Automate Everything
1. DevOps Infrastructure
Unit
Component
Integration
E2E
UI
2. Tests
SOURCE: Atlassian Marketplace for DevOps Apps, https://marketplace.atlassian.com/categories/devops
Automation: Infrastructure
Infrastructure | Consideration
CI / CD Pipeline | Reliable, repeatable. Example: Jenkins
Test Environments | Easy to create and scale. Monitor for cost
Test Frameworks | Can be integrated with build pipeline, e.g. GitLab. Or separate tool, e.g. Robot / TestNG
Quality Metrics | Transparent, consistent. Example: SonarQube, Bug tracker with analytics
Automation: The Test Stack
Test Layer | Consideration | Example Tools
UI | Match your UI language | Protractor for Single Page Apps, or Selenium, Cypress, Jest
E2E | Include performance testing | Selenium, Protractor, Cypress, Jest
Integration | Focus on interactions between microservices and external services | API: Rest Assured, Postman
Component | Include performance testing | Mockito for mocking framework
Unit | Match your language primitive | JUnit, PyUnit. UI Unit tests: Karma, Jasmine
Driving Quality Across The Organization
Creating a Quality Culture
Break the Silos
Support the Team
Learn Continuously
Guilds: Experts Support Each Other
• Identify your leaders and practice experts
• Hold regular ‘birds of a feather’ meetings
• Share learnings, trends and best practices constantly
• Encourage & reward participation
Continuous Learning
What About Security Quality?
Specify
Security Strategy
Security Process
Security Automation
Strategy: Security Policy
Policy defines and supports your tolerance for risk.
• Requirements for remediation of vulnerable code and components
• Standards for software licence usage
• Recommended libraries, frameworks, embedded components
Process: Security Maturity Model (SAMPLE)
Activity | Base | Beginner | Intermediate | Advanced | Expert
Training
Secure Design
• Security is not a design consideration
• Security reqts are generally defined after development has started or completed
• Threat modeling before major components or features
• Security reqts are defined before major components or features
• Threat modeling is incorporated into the story process
• Security reqts are defined as story Acceptance Criteria on relevant stories
• Security Acceptance Criteria defined for all relevant stories
Security Code Review
Security Testing
Third Party
Security Automation
The best app security is invisible to developers
Recap: On This Webinar
1. Quality and Business Success
2. DevOps: Promises & Gaps
3. Building a Quality System
“Quality is never an accident; it is always the result of high intention, sincere effort, intelligent direction and skillful execution”
– William A. Foster
Q & A
www.veracode.com
© 2018 VERACODE INC.48

More Related Content

What's hot

Testing in an Agile World: The Current State and Future Possibilities
Testing in an Agile World: The Current State and Future PossibilitiesTesting in an Agile World: The Current State and Future Possibilities
Testing in an Agile World: The Current State and Future Possibilities
TechWell
 
Best Practices for Shifting Left Performance and Accessibility Testing
Best Practices for Shifting Left Performance and Accessibility TestingBest Practices for Shifting Left Performance and Accessibility Testing
Best Practices for Shifting Left Performance and Accessibility Testing
Perfecto by Perforce
 
How to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage StrategyHow to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
Perfecto by Perforce
 
Deliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CTDeliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CT
Perfecto by Perforce
 
5 QA Initiatives for Digital Success
5 QA Initiatives for Digital Success5 QA Initiatives for Digital Success
5 QA Initiatives for Digital Success
Cigniti Technologies Ltd
 
Neev Independent Testing Services
Neev Independent Testing ServicesNeev Independent Testing Services
Neev Independent Testing Services
Neev Technologies
 
Digital Assurance Center of Excellence
Digital Assurance Center of ExcellenceDigital Assurance Center of Excellence
Digital Assurance Center of Excellence
Ira Agarwal
 
Software Testing Company | Quality Assurance Company
Software Testing Company | Quality Assurance CompanySoftware Testing Company | Quality Assurance Company
Software Testing Company | Quality Assurance Company
Qentelli
 
Testing in a Continuous Delivery Pipeline: Faster, Better, Cheaper
Testing in a Continuous Delivery Pipeline: Faster, Better, CheaperTesting in a Continuous Delivery Pipeline: Faster, Better, Cheaper
Testing in a Continuous Delivery Pipeline: Faster, Better, Cheaper
TechWell
 
5 Principles to Managing Your Application Lifecycle with SpiraTeam
5 Principles to Managing Your Application Lifecycle with SpiraTeam5 Principles to Managing Your Application Lifecycle with SpiraTeam
5 Principles to Managing Your Application Lifecycle with SpiraTeam
Adam Sandman
 
Cutting Costs and Managing Quality
Cutting Costs and Managing QualityCutting Costs and Managing Quality
Cutting Costs and Managing Quality
Sriram Rajagopalan
 
Rx for FDA Software Compliance
Rx for FDA Software ComplianceRx for FDA Software Compliance
Rx for FDA Software Compliance
Parasoft
 
Live Webinar- Making Test Automation 10x Faster for Continuous Delivery- By R...
Live Webinar- Making Test Automation 10x Faster for Continuous Delivery- By R...Live Webinar- Making Test Automation 10x Faster for Continuous Delivery- By R...
Live Webinar- Making Test Automation 10x Faster for Continuous Delivery- By R...
RapidValue
 
DELIVER SUCCESSFUL APPS WITH 360° Assurance.
DELIVER SUCCESSFUL APPS WITH 360° Assurance. DELIVER SUCCESSFUL APPS WITH 360° Assurance.
DELIVER SUCCESSFUL APPS WITH 360° Assurance.
Shagun khanna
 
Testing Services - Software Quality Assurance
Testing Services - Software Quality AssuranceTesting Services - Software Quality Assurance
Testing Services - Software Quality Assurance
CCS Technologies (P) Ltd.
 
Quality Assurance Guidelines
Quality Assurance GuidelinesQuality Assurance Guidelines
Quality Assurance Guidelines
Tim Stribos
 
Automate Salesforce Releases with DevOps: Crawl, Walk, Run!
Automate Salesforce Releases with DevOps: Crawl, Walk, Run!Automate Salesforce Releases with DevOps: Crawl, Walk, Run!
Automate Salesforce Releases with DevOps: Crawl, Walk, Run!
Susmitha Vakkalanka
 
Software Testing Services | Best software testing consulting companies
Software Testing Services | Best software testing consulting companiesSoftware Testing Services | Best software testing consulting companies
Software Testing Services | Best software testing consulting companies
gnareshsem
 
Software Testing Services
Software Testing ServicesSoftware Testing Services
Software Testing Services
ScienceSoft
 

What's hot (20)

Testing in an Agile World: The Current State and Future Possibilities
Testing in an Agile World: The Current State and Future PossibilitiesTesting in an Agile World: The Current State and Future Possibilities
Testing in an Agile World: The Current State and Future Possibilities
 
Best Practices for Shifting Left Performance and Accessibility Testing
Best Practices for Shifting Left Performance and Accessibility TestingBest Practices for Shifting Left Performance and Accessibility Testing
Best Practices for Shifting Left Performance and Accessibility Testing
 
How to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage StrategyHow to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
 
Deliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CTDeliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CT
 
5 QA Initiatives for Digital Success
5 QA Initiatives for Digital Success5 QA Initiatives for Digital Success
5 QA Initiatives for Digital Success
 
Neev Independent Testing Services
Neev Independent Testing ServicesNeev Independent Testing Services
Neev Independent Testing Services
 
Digital Assurance Center of Excellence
Digital Assurance Center of ExcellenceDigital Assurance Center of Excellence
Digital Assurance Center of Excellence
 
Software Testing Company | Quality Assurance Company
Software Testing Company | Quality Assurance CompanySoftware Testing Company | Quality Assurance Company
Software Testing Company | Quality Assurance Company
 
Testing in a Continuous Delivery Pipeline: Faster, Better, Cheaper
Testing in a Continuous Delivery Pipeline: Faster, Better, CheaperTesting in a Continuous Delivery Pipeline: Faster, Better, Cheaper
Testing in a Continuous Delivery Pipeline: Faster, Better, Cheaper
 
5 Principles to Managing Your Application Lifecycle with SpiraTeam
5 Principles to Managing Your Application Lifecycle with SpiraTeam5 Principles to Managing Your Application Lifecycle with SpiraTeam
5 Principles to Managing Your Application Lifecycle with SpiraTeam
 
Cutting Costs and Managing Quality
Cutting Costs and Managing QualityCutting Costs and Managing Quality
Cutting Costs and Managing Quality
 
Rx for FDA Software Compliance
Rx for FDA Software ComplianceRx for FDA Software Compliance
Rx for FDA Software Compliance
 
All about cigniti
All about cignitiAll about cigniti
All about cigniti
 
Live Webinar- Making Test Automation 10x Faster for Continuous Delivery- By R...
Live Webinar- Making Test Automation 10x Faster for Continuous Delivery- By R...Live Webinar- Making Test Automation 10x Faster for Continuous Delivery- By R...
Live Webinar- Making Test Automation 10x Faster for Continuous Delivery- By R...
 
DELIVER SUCCESSFUL APPS WITH 360° Assurance.
DELIVER SUCCESSFUL APPS WITH 360° Assurance. DELIVER SUCCESSFUL APPS WITH 360° Assurance.
DELIVER SUCCESSFUL APPS WITH 360° Assurance.
 
Testing Services - Software Quality Assurance
Testing Services - Software Quality AssuranceTesting Services - Software Quality Assurance
Testing Services - Software Quality Assurance
 
Quality Assurance Guidelines
Quality Assurance GuidelinesQuality Assurance Guidelines
Quality Assurance Guidelines
 
Automate Salesforce Releases with DevOps: Crawl, Walk, Run!
Automate Salesforce Releases with DevOps: Crawl, Walk, Run!Automate Salesforce Releases with DevOps: Crawl, Walk, Run!
Automate Salesforce Releases with DevOps: Crawl, Walk, Run!
 
Software Testing Services | Best software testing consulting companies
Software Testing Services | Best software testing consulting companiesSoftware Testing Services | Best software testing consulting companies
Software Testing Services | Best software testing consulting companies
 
Software Testing Services
Software Testing ServicesSoftware Testing Services
Software Testing Services
 

Similar to Software Quality as a Competitive Differentiator

Enabling Agility Through DevOps
Enabling Agility Through DevOpsEnabling Agility Through DevOps
Enabling Agility Through DevOps
Leland Newsom CSP-SM, SPC5, SDP
 
The quality assurance checklist for progressive testing
The quality assurance checklist for progressive testingThe quality assurance checklist for progressive testing
The quality assurance checklist for progressive testing
Maitrikpaida
 
Developing a Testing Strategy for DevOps Success
Developing a Testing Strategy for DevOps SuccessDeveloping a Testing Strategy for DevOps Success
Developing a Testing Strategy for DevOps Success
DevOps.com
 
DevOps 2017 Conf: evolving from automated to continuous
DevOps 2017 Conf: evolving from automated to continuousDevOps 2017 Conf: evolving from automated to continuous
DevOps 2017 Conf: evolving from automated to continuous
Arthur Hicken
 
Maximize Your Enterprise DevOps Efforts and Outcomes with Value Streams
Maximize Your Enterprise DevOps Efforts and Outcomes with Value StreamsMaximize Your Enterprise DevOps Efforts and Outcomes with Value Streams
Maximize Your Enterprise DevOps Efforts and Outcomes with Value Streams
DevOps.com
 
Integrated Agile and DevOps: DevOps 2.0 and Beyond
Integrated Agile and DevOps:  DevOps 2.0 and BeyondIntegrated Agile and DevOps:  DevOps 2.0 and Beyond
Integrated Agile and DevOps: DevOps 2.0 and Beyond
DevOps.com
 
Ravi Lakkavalli - World Quality Report.pptx
Ravi Lakkavalli - World Quality Report.pptxRavi Lakkavalli - World Quality Report.pptx
Ravi Lakkavalli - World Quality Report.pptx
QA or the Highway
 
[India Merge World Tour] Coverity
[India Merge World Tour] Coverity[India Merge World Tour] Coverity
[India Merge World Tour] Coverity
Perforce
 
The Anti-Transformation transformation @DevOps Summit Amsterdam
The Anti-Transformation transformation @DevOps Summit AmsterdamThe Anti-Transformation transformation @DevOps Summit Amsterdam
The Anti-Transformation transformation @DevOps Summit Amsterdam
Mirco Hering
 
How to build confidence in your release cycle
How to build confidence in your release cycleHow to build confidence in your release cycle
How to build confidence in your release cycle
DiUS
 
[Europe merge world tour] Coverity Development Testing
[Europe   merge world tour] Coverity Development Testing[Europe   merge world tour] Coverity Development Testing
[Europe merge world tour] Coverity Development Testing
Perforce
 
SAST in the SDLC: Building a plan for 'going left'
SAST in the SDLC:  Building a plan for 'going left'SAST in the SDLC:  Building a plan for 'going left'
SAST in the SDLC: Building a plan for 'going left'
WHSZachJones
 
UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1
DianaGray10
 
Quality at the speed of digital
Quality   at the speed of digitalQuality   at the speed of digital
Quality at the speed of digital
rajni singh
 
Metrics That Matter: How to Measure Digital Transformation Success
Metrics That Matter: How to Measure Digital Transformation SuccessMetrics That Matter: How to Measure Digital Transformation Success
Metrics That Matter: How to Measure Digital Transformation Success
XebiaLabs
 
HPE ALM Octane | DevOps | Agile
HPE ALM Octane | DevOps | AgileHPE ALM Octane | DevOps | Agile
HPE ALM Octane | DevOps | Agile
Jeffrey Nunn
 
End-to-End Quality Approach: 14 Levels of Testing
End-to-End Quality Approach: 14 Levels of TestingEnd-to-End Quality Approach: 14 Levels of Testing
End-to-End Quality Approach: 14 Levels of Testing
Josiah Renaudin
 
Success with APIs: A Checklist
Success with APIs: A ChecklistSuccess with APIs: A Checklist
Success with APIs: A Checklist
CA Technologies
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD Pipeline
DevOps.com
 
DevOps Winners and Losers
DevOps Winners and LosersDevOps Winners and Losers
DevOps Winners and Losers
Lance Knight
 

Similar to Software Quality as a Competitive Differentiator (20)

Enabling Agility Through DevOps
Enabling Agility Through DevOpsEnabling Agility Through DevOps
Enabling Agility Through DevOps
 
The quality assurance checklist for progressive testing
The quality assurance checklist for progressive testingThe quality assurance checklist for progressive testing
The quality assurance checklist for progressive testing
 
Developing a Testing Strategy for DevOps Success
Developing a Testing Strategy for DevOps SuccessDeveloping a Testing Strategy for DevOps Success
Developing a Testing Strategy for DevOps Success
 
DevOps 2017 Conf: evolving from automated to continuous
DevOps 2017 Conf: evolving from automated to continuousDevOps 2017 Conf: evolving from automated to continuous
DevOps 2017 Conf: evolving from automated to continuous
 
Maximize Your Enterprise DevOps Efforts and Outcomes with Value Streams
Maximize Your Enterprise DevOps Efforts and Outcomes with Value StreamsMaximize Your Enterprise DevOps Efforts and Outcomes with Value Streams
Maximize Your Enterprise DevOps Efforts and Outcomes with Value Streams
 
Integrated Agile and DevOps: DevOps 2.0 and Beyond
Integrated Agile and DevOps:  DevOps 2.0 and BeyondIntegrated Agile and DevOps:  DevOps 2.0 and Beyond
Integrated Agile and DevOps: DevOps 2.0 and Beyond
 
Ravi Lakkavalli - World Quality Report.pptx
Ravi Lakkavalli - World Quality Report.pptxRavi Lakkavalli - World Quality Report.pptx
Ravi Lakkavalli - World Quality Report.pptx
 
[India Merge World Tour] Coverity
[India Merge World Tour] Coverity[India Merge World Tour] Coverity
[India Merge World Tour] Coverity
 
The Anti-Transformation transformation @DevOps Summit Amsterdam
The Anti-Transformation transformation @DevOps Summit AmsterdamThe Anti-Transformation transformation @DevOps Summit Amsterdam
The Anti-Transformation transformation @DevOps Summit Amsterdam
 
How to build confidence in your release cycle
How to build confidence in your release cycleHow to build confidence in your release cycle
How to build confidence in your release cycle
 
[Europe merge world tour] Coverity Development Testing
[Europe   merge world tour] Coverity Development Testing[Europe   merge world tour] Coverity Development Testing
[Europe merge world tour] Coverity Development Testing
 
SAST in the SDLC: Building a plan for 'going left'
SAST in the SDLC:  Building a plan for 'going left'SAST in the SDLC:  Building a plan for 'going left'
SAST in the SDLC: Building a plan for 'going left'
 
UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1
 
Quality at the speed of digital
Quality   at the speed of digitalQuality   at the speed of digital
Quality at the speed of digital
 
Metrics That Matter: How to Measure Digital Transformation Success
Metrics That Matter: How to Measure Digital Transformation SuccessMetrics That Matter: How to Measure Digital Transformation Success
Metrics That Matter: How to Measure Digital Transformation Success
 
HPE ALM Octane | DevOps | Agile
HPE ALM Octane | DevOps | AgileHPE ALM Octane | DevOps | Agile
HPE ALM Octane | DevOps | Agile
 
End-to-End Quality Approach: 14 Levels of Testing
End-to-End Quality Approach: 14 Levels of TestingEnd-to-End Quality Approach: 14 Levels of Testing
End-to-End Quality Approach: 14 Levels of Testing
 
Success with APIs: A Checklist
Success with APIs: A ChecklistSuccess with APIs: A Checklist
Success with APIs: A Checklist
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD Pipeline
 
DevOps Winners and Losers
DevOps Winners and LosersDevOps Winners and Losers
DevOps Winners and Losers
 

More from DevOps.com

Modernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source SoftwareModernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source Software
DevOps.com
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
DevOps.com
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
DevOps.com
 
Next Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and SnykNext Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and Snyk
DevOps.com
 
Vulnerability Discovery in the Cloud
Vulnerability Discovery in the CloudVulnerability Discovery in the Cloud
Vulnerability Discovery in the Cloud
DevOps.com
 
2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions
DevOps.com
 
A New Year’s Ransomware Resolution
A New Year’s Ransomware ResolutionA New Year’s Ransomware Resolution
A New Year’s Ransomware Resolution
DevOps.com
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
DevOps.com
 
Don't Panic! Effective Incident Response
Don't Panic! Effective Incident ResponseDon't Panic! Effective Incident Response
Don't Panic! Effective Incident Response
DevOps.com
 
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's CultureCreating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
DevOps.com
 
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with Teleport
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with TeleportRole Based Access Controls (RBAC) for SSH and Kubernetes Access with Teleport
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with Teleport
DevOps.com
 
Monitoring Serverless Applications with Datadog
Monitoring Serverless Applications with DatadogMonitoring Serverless Applications with Datadog
Monitoring Serverless Applications with Datadog
DevOps.com
 
Deliver your App Anywhere … Publicly or Privately
Deliver your App Anywhere … Publicly or PrivatelyDeliver your App Anywhere … Publicly or Privately
Deliver your App Anywhere … Publicly or Privately
DevOps.com
 
Securing medical apps in the age of covid final
Securing medical apps in the age of covid finalSecuring medical apps in the age of covid final
Securing medical apps in the age of covid final
DevOps.com
 
How to Build a Healthy On-Call Culture
How to Build a Healthy On-Call CultureHow to Build a Healthy On-Call Culture
How to Build a Healthy On-Call Culture
DevOps.com
 
The Evolving Role of the Developer in 2021
The Evolving Role of the Developer in 2021The Evolving Role of the Developer in 2021
The Evolving Role of the Developer in 2021
DevOps.com
 
Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?Service Mesh: Two Big Words But Do You Need It?
Service Mesh: Two Big Words But Do You Need It?
DevOps.com
 
Secure Data Sharing in OpenShift Environments
Secure Data Sharing in OpenShift EnvironmentsSecure Data Sharing in OpenShift Environments
Secure Data Sharing in OpenShift Environments
DevOps.com
 
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
DevOps.com
 
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
DevOps.com
 

Software Quality as a Competitive Differentiator

  • 1. © 2018 VERACODE INC.1 Software Quality as a Competitive Differentiator Maria Loughlin, VP Engineering @marialoughlin
  • 2. On This Webinar 1. Quality and Business Success 2. DevOps Promises & Gaps 3. Building a Quality System
  • 3. Poll: Who’s Attending This Webinar? • Quality Professional (Tester, QA Eng, SWET, Architect) • Developer / DevOps / Operations Engineer • Product Manager / UX Designer • Engineering Manager / Executive • Other
  • 4. Revenue and Net Promoter Score SOURCE: The Net Promoter System. Bain & Company, Inc. “On average, an industry’s Net Promoter leader outgrew its competitors by a factor greater than two times.”
  • 5. High Quality, High Trust SOURCE: https://cxi.today/2018-cx-trends/analytics-infographic-5-trends-shaping-cx-in-2018/
  • 6. Quality Productivity Predictability Employee Happiness Innovation
  • 7. Maria Loughlin VP Engineering, Veracode • Two decades of software engineering leadership • Waterfall to Agile to DevOps • Monolith to MicroServices • Manage development and operations for the FedRAMP instance of Veracode’s Application Security products. • Deep expertise in Secure SDLC and DevSecOps.
  • 8. Poll Results: Who’s Attending This Webinar?
  • 9. Part II: Quality and DevOps
  • 10. DevOps Promise: Continuous Testing Image: https://www.parasoft.com/solutions/continuous-testing
  • 11. DevOps Promise: Comprehensive Testing Unit Component Integration E2E UI Shift Right Shift Left Automation throughout the stack Automation throughout the lifecycle
  • 12. DevOps Reality: Inconsistent Testing Unit Component Integration End to End • Quality investment often driven by delivery team, independent of overall strategy • All sorts of tests with almost equal priorities
  • 13. State of Software Quality SOURCE: GitLab 2018 Global Developer Report, https://about.gitlab.com/developer-survey/2018/ 40% sacrifice quality to meet a deadline
  • 14. SOURCE: GitLab 2018 Global Developer Report, https://about.gitlab.com/developer-survey/2018/ Testing causes delays
  • 15. The Change Failure Rate for high performers is 5 times lower than for low performers SOURCE: Puppet 2017 State of DevOps Report, https://puppet.com/resources/whitepaper/2017-state-of-devops-report
  • 16. The Mean Time to Repair (MTTR) for high performers is 96 times faster than for low performers SOURCE: Puppet 2017 State of DevOps Report, https://puppet.com/resources/whitepaper/2017-state-of-devops-report
  • 17. State of Software Security: 85% of applications are vulnerable. Chart: Percent of Applications with Findings (First Scan, Latest Scan; High or Very High Severity, Any Severity): 35.9% 33.5% 85.1% 84.9% SOURCE: Veracode SOSS Volume 9, https://www.veracode.com/state-of-software-security-report
  • 18. The percent of applications passing OWASP Top 10 Policy on first scan is consistent over time 23% 77% 13% 87% 32.3% 67.7% 38.6% Passed 61.4% Did Not Pass 30.2% 69.8% 2010 2013 2015 2016 2017 Percentage of Applications Passing OWASP on First Scan SOURCE: Veracode SOSS Volume 9
  • 19. What’s The Challenge? 1. Reinvested quality process 2. Unfocused quality efforts 3. Relentless pressure to deliver 4. Complexity of software – more than ever before
  • 20. Challenge 1: Who’s Responsible for Quality? Dev Product Tester Designer Mgr Dev Product Tester Designer Mgr Monitoring Analytics Support Infrastructure Dev Product Tester Designer Mgr Waterfall Agile DevOps
  • 21. Challenge 2: Unfocused Quality Efforts Quality can be subjective and contextual.
  • 22. Challenge 3: Relentless Pressure To Deliver
  • 23. Challenge 4: Software Is Increasingly Complex Today’s software is • Distributed • Embedded in complex systems • Autonomously learning and evolving • Deployed to untrusted environments
  • 25. Part 3: Creating a Quality System
  • 26. Creating a Quality System Specify CI/CD across organization with recommended tools Drive Quality Strategy Quality Process Test Automation
  • 27. Strategy: Quality Goals Strategy Process Automation Is Your Customer Getting the Value They Expect? • Functional • Great user experience • Consistent, reliable • High performing Will Your Team Remain Productive? • Maintainable • Scalable • Secure
  • 28. Strategy: When and Where? • Pre-production – Test functionality, stability, security, customer satisfaction, compliance • Production – Test functionality, performance, resilience, stability – Experiment to test new ideas
  • 29. Strategy: Who? Unit Component Integration E2E UI Delivery team owns the tests • Maturity of organization impacts exact staffing – Lower layers always developer • Quality mindset always present – QA architect and ever-present voice of customer
  • 30. Process: Investment by Phase • Inspect and adapt process • Continuous production feedback • Customer data • Upper layers of test pyramid • Quality dashboards • Security testing WALK CRAWL RUN • Deployment automation, CI/CD • Unit tests and mocking code • Test infrastructure
  • 31. Process: Definition of Done Test investment
  • 32. Process: Metrics Internal View • Test coverage • Reopened issues Customer View • Escaped defects • MTTR • Service interruption
  • 33. Automate Everything 1. DevOps Infrastructure 2. Tests Unit Component Integration E2E UI
  • 34. SOURCE: Atlassian Marketplace for DevOps Apps, https://marketplace.atlassian.com/categories/devops
  • 35. Automation: Infrastructure (Infrastructure: Consideration) • CI / CD Pipeline: Reliable, repeatable. Example: Jenkins • Test Environments: Easy to create and scale. Monitor for cost • Test Frameworks: Can be integrated with build pipeline, e.g. GitLab. Or separate tool, e.g. Robot / TestNG • Quality Metrics: Transparent, consistent. Example: SonarQube, Bug tracker with analytics
  • 36. Automation: The Test Stack (Test Layer: Consideration; Example Tools) • UI: Match your UI language; Protractor for Single Page Apps, or Selenium, Cypress, Jest • E2E: Include performance testing; Selenium, Protractor, Cypress, Jest • Integration: Focus on interactions between microservices and external services; API: Rest Assured, Postman • Component: Include performance testing; Mockito for mocking framework • Unit: Match your language primitive; JUnit, PyUnit. UI Unit tests: Karma, Jasmine
  • 37. Driving Quality Across The Organization
  • 38. Creating a Quality Culture Break the Silos Support the Team Learn Continuously
  • 39. Guilds: Experts Support Each Other • Identify your leaders and practice experts • Hold regular ‘birds of a feather’ meetings • Share learnings, trends and best practices constantly • Encourage & reward participation
  • 40. Continuous Learning
  • 41. What About Security Quality? Specify Security Strategy Security Process Security Automation
  • 42. Strategy: Security Policy Policy defines and supports your tolerance for risk. • Requirements for remediation of vulnerable code and components • Standards for software licence usage • Recommended libraries, frameworks, embedded components
  • 43. Process: Security Maturity Model (SAMPLE) Columns: Activity, Base, Beginner, Intermediate, Advanced, Expert. Rows: Training, Secure Design, Security Code Review, Security Testing, Third Party. Secure Design entries: Security is not a design consideration; Security reqts are generally defined after development has started or completed; Threat modeling before major components or features; Security reqts are defined before major components or features; Threat modeling is incorporated into the story process; Security reqts are defined as story Acceptance Criteria on relevant stories; Security Acceptance Criteria defined for all relevant stories
  • 44. Security Automation The best app security is invisible to developers
  • 45. Recap: On This Webinar 1. Quality and Business Success 2. DevOps: Promises & Gaps 3. Building a Quality System “Quality is never an accident; it is always the result of high intention, sincere effort, intelligent direction and skillful execution” – William A. Foster
  • 47. Q & A www.veracode.com