January 5th, 2013 — Software Testing Jobs
This article is for freshers and experienced Software Testers who want to be effective in Software Testing Job search or who want be more successful in clearing most of the Software Testing Interviews they attend. I will touch upon some of the aspects like, what to highlight in CV / Resume, channels available to search for Software Testing jobs, interview preparation, HR interview questions, and some tips on clearing interviews successfully.
For the benefit of freshers, I would start this article by explaining importance of Software testing, how much clients value Software Testing services and later explain how to increase chances of getting a Software Testing Job as a fresher or as an experienced Software Test Engineer. The intent of this article is not to bias freshers or anybody to choose Software Testing Career but to make them understand the importance and value of Software Testing in IT Industry, so that freshers can decide for themselves.
Incase you are fresher or less experienced software testers, I would strongly recommend to read article on What is Software Testing?, which explains what software testing is all about, why software testing is required, Cost of Quality, risks associated with softwares with defects, before you continue reading this article
Software testing jobs in the past, about more than 5 years ago, was perceived as a profession that was easy to get into, boring, repetitive, lot of documentation work, more of data entry, apt for people with less IQ, job suitable for non IT graduates, and Software Testing is a stepping stone to move to development roles, Software Testing means only black box testing etc. I would say, these are all myths of the past and it’s time to provide awareness to people who still think on those lines. The reason I say so, even developers have to create documents, like high level and low level design documents, document unit test cases, log unit test defects, so even developers spend roughly about 30% to 60% of their time in documentation and testing like unit testing and component testing depending on the technology, SDLC, Process followed and complexity of the project.
Companies always like to hire freshers or experienced people who really like, understand importance of Software Testing and who want to stick to software testing career and not choose Software Testing job as a stop gap arrangement. It is imperative that during introduction or while answering to questions like “why you want to take up Software Testing Job as a fresher”, your answer should express your interest in Software Testing and highlight some of your qualities and strengths that will help you to be a good Software Tester.
Software Testing Jobs are in great demand at present, there are lot of Software Testing Job openings, at the same time there are more people willing to pursue Software Testing career than the number of Software Testing Jobs available. In the recent few years, I have seen developers choosing Software Tester roles, as they want to be experts in a particular Business domain and work in niche software testing types like Security testing or Performance testing or Usability testing etc.,
In many of the Pre-sales or client delivery visits that I have supported, clients always asked more related to Software Testing and Quality Assurance and they were eager to know more on Software Testing Capability and Software Test Process maturity of the organization, Software Testing Tools expertise, Metrics and Software Test Certifications before they decide to outsource or increase the scope of outsourced work. Below are some of the questions that are usually asked during client visits.
- What is the organizational and Project capability and Process maturity ?
- What is the Software Testing processes followed ?
- What is the Software Testing Life Cycle being followed ?
- How many software testers were certified ?
- What are the Software Test Tools organization has used or has expertise ?
- What is the capability of organization with regard to Software Test Automation ?
- Requirements traceability to ensure all the requirements are tested
- What are the Test metrics captured ?
- Organization capability to carry out different types of testing and test application built on different technologies like Web, Mobile apps etc.
Now, I would like to explain some of the topics related to Software Testing Jobs for freshers, like Campus and Off-campus recruitment options, points to highlight in CV / resume.
Software Testing Jobs
Software Testing Jobs for Freshers
Finding a Software Testing job as a fresher is really hard compared to an experienced Software Test engineer. I would strongly advise freshers to first thoroughly understand what is software testing? why Software Testing is required ?, Qualities and skills required to be a good and successful software Tester, get to know about software testing career paths, get a overview of different types of software testing and software testing tools available in the industry.
One should not blindly prefer Development or any other IT Job, just because their friends or college mates chose. I have seen people opting development blindly by following footsteps their friends or college mates and later realizing that Software Testing or other profession would have provided better career prospect for them, late realization does not help. So, you should choose Software Testing if it’s inline with your aspirations, strengths and if you want to hone skills required to take up Software Testing as your career.
Why there are few Off-Campus opportunities for freshers?
Most of the software companies go for campus recruitment rather than Off-Campus recruitment, as it is more beneficial for the company in terms of Training, meeting their recruitment targets and faster way of hiring large number of talented people.
Campus recruitment: Companies call for campus recruitment when it is targeting for hiring freshers with good grades or percentages in their academics. Candidates are expected to be good in oral and written communication (in English), good problem solving and analytical skills. Large or mid sized companies prefer Campus recruitment, as the fresher intake is high, they handle larger projects and maintain good bench strength. Also, it would be easier for them to conduct trainings for a sizeable batch. Hence, large or mid sized companies prefer campus recruitment.
Off-Campus recruitment: Companies call for off-campus recruitment when the number of intake is less. Mostly, small companies opt for off-campus recruitment than campus recruitment as their hiring numbers are usually low. Even large or mid sized companies may call-in for Off-campus recruitment when the intake numbers are less or outside campus recruitment timelines. Companies may also prefer off-campus when they do not have time or budget to train freshers. Hence, freshers who have undergone training from reputed professional institutes and finishing schools will have higher changes of getting selected in off-campus rather than a fresher who has not undergone any training.
Point to remember as fresher:
a) Qualities of good Software Test Engineer: You should choose Software Testing, if you feel you have the below qualities or you can enhance on the below qualities.
- Attitude to find faults to make things better.
- Attention to detail.
- Interested to understand business domain(s) and be a SME (subject matter expert) of one or more business domains.
- Good analytical skills.
- Programming Knowledge, required for Test Automation.
- SQL Knowledge, required for functional testing or Test Automation.
- Good oral and written communication.
- Good people skills.
b) Choose right Software Testing Job: If you have options to choose among multiple Software testing jobs, prefer the one that provides at least basic training covering Fundamentals of Software Testing or Software Testing Process or Software Testing Tools (QTP or Loadrunner or RFT) or provides an opportunity to learn popular Business domains like Banking or Telecom or Insurance or latest or niche Technology like Mobile application Testing or Security Testing or Usability Testing.
c) Software Testing Trainings: If you are searching for off-campus Software Testing Jobs, then it is very much required for you to get trained from a reputed institute on Software Testing and Software Testing tools etc., reputed institutes like NIIT or APTECH etc. that provide best Software Testing trainings.
d) Highlight achievements and strengths: Highlight your achievements and strengths which are required to be a good Software Tester (refer to point (a) for list of qualities) in your resume / CV. Also be prepared for follow-up questions that might be asked to provide citations that would prove your achievements and strengths. If you had completed development or testing project as part of your academics, highlight on the different types of testing performed, Software testing tools used etc.,
e) Be flexible on pay: I would personally advise freshers to be little flexible on the Salary part over learning aspect, while choosing between multiple Software testing job offers.
How to effectively search for Software Testing Jobs as a Fresher ?
a) Job portals: Submit your CV in all the job portals irrespective of whether they are popular or not. Also, submit your CV in job portals that are exclusively for freshers like FirstNaukri and FreshersWorld.
b) Job placement by Training Centers: As mentioned people who undergo software testing trainings are preferred in Off-campus recruitment, good training centers also provide placement services.
c) Apply for internships: Actively seek for internship roles in a company, internship provides window to fresher to learn and demonstrate his/her capabilities. Usually, internship pay is not lucrative (with some companies as exception) compared to on payroll jobs but provides industry relevant experience for a fresher. Internship will help candidates to get into payrolls of the same company or gain experience that would help to get jobs in other companies on regular payrolls. In simple words, internship is a stepping stone to on-payroll jobs!!!
d) Learn Software Testing Tools: Download some of the Trial Software Testing tools like Loarunner, QTP or RFT and highlight your knowledge of these tools in your CV / Resume.
e) Software Testing Concepts: Understand software testing basic concepts and should be able to define them in own words, terms like Blackbox testing, whitebox testing, Testing Automation, test scenario, test case, defects, defect report, test bed, Unit testing, integration testing etc.,
f) Database concepts: Understand database concepts and should be able to define them and write SQL queries when asked, terms like Relational database, Object relational database, View, index, Joins, DDL, DML, synonym, PL/SQL etc.,
Software Testing Jobs for Experienced
Unlike freshers, experienced software testers need not have to be worry about your grades and percentages of their academic years with an exception of very few companies that still consider academic grades while hiring experienced people, I do not want to mention names of such companies here though ?. However there is lot of preparation that an experienced candidate needs to do before applying for Software Testing Jobs or attending Software Testing interviews.
How to be more successful in getting Software Testing Jobs ?
a) Prepare for technical interview: In most of the software testing interviews for experienced, interviewers expect candidate to be through in software testing concepts, defect reporting, database concepts and SQL queries.
- Experience or good understanding of one or more popular domains like (Banking, Telecom, Insurance, Retail or Mobile applications).
- Experience or training or self learning in niche areas of Software testing like Usability Testing , Security Testing , Performance testing, mobile application testing, adds weight to CV / resume.
- Understanding of how to writing better test cases, test scenarios and good bug report. During interview candidate may be asked to write test scenarios for pen , test cases for login page , test cases for ATM etc. So, it’s better to be prepared for such common questions.
- Test case techniques (like Boundary Value Analysis , Equivalence Partitioning and Error Guessing ) and sound understanding of software testing methodologies .
- Good understanding of Software Test Plan and Software Test strategy .
- Understanding of Entry and Exit Criteria for Software Testing Phase.
- Importance and experience in creating and maintaining Traceability Matrix .
- Good understanding of Test metrics and formula’s related to Defect Removal Efficiency , Defect Density , CPI (Cost Performance Index) and SPI (Schedule Performance Index).
- Experience or knowledge of one popular Functional test automation tools like QTP or RFT or Robot.
- Experience and good knowledge in at least one test management software like HP Quality Center or IBM Rational Quality Manager.
- Experience or knowledge of one popular performance testing tool like HP Loadrunner or IBM performance tester.
- Should be able to write SQL queries that involves Joins and should be able to write queries related to inner join, outer join, self join, left join.
- Should be able to explain syntax or with examples for some of the popular Unix or Linux commands like GREP command , FIND command, CAT command , PS Command and CHMOD command .
b) Work on presentation: Being knowledgeable does not necessarily that mean one can present effectively. I have seen people who are very knowledgeable but unable to answer questions straight to the point, they either beat around the bush or they often seem to be at loss of words and unable to express what they want to tell. So, it is very important to prepare and rehearse for answering Interview questions. Best thing to do would be to prepare and answer questions on Software Testing forum which would serve as rehearsal. More rehearsal would increase your confidence level, confidence and correct answers are required to clear interview successfully.
c) Be thorough with your Resume/CV: At least 30% to 40% of the interview questions would be asked from candidate’s CV/resume. So, read your CV at least 2 to 3 times, each and every line of your CV and jot down probable questions that can be asked based out of your resume and rehearse for the questions. Candidates are outright rejected if they cannot answer even 1 or 2 questions that were based on their resume/CV.
d) Highlight Trainings, Certifications and Achievements in your CV/Resume:
- CV/Resumes are screened and filtered even before candidates are called for interviews. So it’s imperative that you highlight Certifications you have completed in your CV/Resume which is visible, probably on header or during initial part of the document. I would suggest highlight professional or industry acknowledged certification(s) like CSTE, CSQA, ISTQB, CSTP, CSQE, ISEB etc., that you hold and any other certifications, even though it is not industry acknowledged.
- Every organization wants to hire trained or experienced resources. However, some of the trainings can be quite expensive, training on Software Testing tools, Usability, Security Testing etc., Highlight the trainings that you have undergone in current organization or externally.
- Every organization wants to hire best talent in town, highlighting your achievements or the value you have created for current and previous organization on top section of your CV will help in getting your CV short listed for skill interview.
e) Prepare for Technical Interview: Usually first round of interview would be Technical round, prepare for every possible Technical Interview question on Software Testing, types of Software Testing, Test Automation, Testing Tools, Defect, Metrics and Business domain on which you have worked. Go through exhaustive list of Software Testing Interview Questions available on this site.
f) Prepare for Interview with management: Usually second round of interview would be with leadership team like senior manager or director or CEO or CIO etc., depending on the position candidate is being considered for. Interview with leadership very very crucial as the candidate’s designation gets decided and flagged to HR. Leadership team always looks at 4 areas (in following order), Value created for past organization(s), candidate’s Potential to operate one level higher, Achievements and experience.
g) Prepare for HR interview: HR interviews are perceived be pretty simple and quick, however candidates may be asked few tricky questions as well like “what are your 3 weaknesses?” or “what are the 3 things that you don’t like about your current company?” etc.,. HRs usually assess candidates on stability, people skills, genuineness, retention factor and Salary expectations of the candidate. Go through HR Interview questions, prepare and rehearse by answering the questions to best of your knowledge.
How to effectively search for Software Testing Jobs with experience ?
a) Job Portals: Submit your CV in all job portals, keep an eye on the new jobs being posted on the job portals, and apply for job openings. Most of the companies do post job openings on job portals. Keep updating/saving your CV in job portal every 15 days or at least once a month, as recently uploaded or updated CVs are usually listed on top, infrequent updates will lead to listing of your resume at the bottom of the list, which means lesser visibility to recruiters and HRs looking for candidates on job portal.
b) Make most of Social Network: Employee referral is one of the most reliable channels for any company. Companies believe that their employees can influence talented, like minded and experienced friends, ex-colleagues and acquaintances to join the company. On an average 25% to 30% of the company’s recruitment needs are fulfilled through employee referral. Plus referrer will earn a referral bonus!!! So it’s time to socialize, expand your professional & friendship network, get to know more people, share knowledge so that they would in turn help you at some point of time in future, when you need help in finding a Software testing Job or help with a particular tool or domain etc. Remember “A friend is need is a friend in deed”. Do you like this post? Then share it with your friends, peers or ex-colleagues or on social networking sites, remember what I said “Expand your network and make it stronger”, also “sharing is caring and sharing is being social“. share this article with people whom it would help and socialize.
c) Contracting or body shopping agencies: There are quite a few contracting or body shopping agencies that hire experienced candidates on their payrolls and place them on contract with other IT companies. Over a period of time, depending on the contracting agency policies and contracts, they allow contractor to employee conversion. Contracting companies is a faster employment option; when somebody is desperately look out for a job. Most of the larger companies have at least 15% to 30% of their workforce on contract in Indian companies, as it helps them for a quick ramp up or ramp down based on the project or companies growth needs. Percentage of contract depends on skill and geography. Contractor to employee percentage is in countries like USA, UK and countries in Europe compared to Indian companies, like if contractor to employee % in US or UK is (60% to 80%), in Indian companies it would be .1 to .3 (i.e. 10% to 30%)
We are very grateful to our guest author Hari Iyer for contributing a detailed and useful article that would help fresher and experienced people in searching for Software testing jobs. Hari, is working as software Test Manager in one of the reputed Software companies in Bangalore (India). We are positive that this article will help freshers and experienced people alike in Software Testing Job search and preparing for Software testing interviews. Wishing Good Luck to all of our blog readers on their software testing job search and for interview preparation!!!
Other Interesting Articles:
April 15th, 2012 — software testing, software testing interview questions
Below is an exhaustive list of questions asked during Manual Software Testing Interviews. These interview questions are submitted in our Software Testing Forum as well, click on “Answer” link against any of the questions listed below to answer the question to best of your knowledge or read answers submitted by others and provide your inputs.
1. What is Software engineering ? Answer
2. What is Test Case ? Answer
3. What is the difference between Continue reading →
Other Interesting Articles:
September 1st, 2013 — software test engineer, Team building
Team of Software Testers or Software Testing Team ?
Every Test Lead and Test Manager wishes to lead a Successful Software Testing Team rather than a Team of Software Testers. Most of the Test Leads and Test Managers desire to be given a high performance software test team rather than building a high performance and successful Software Testing team.
If you are a Test Lead or Test Manager or aspiring to become a successful Test Lead or Test Manager in future then I would share the methods I employed in building a high performing and successful Testing team.
So, let’s see the factors that contribute towards building a high performing software testing team.
Identify and staff best Software Testers: Ground rule is, always hire testers or new comers who are interested in testing and want to peruse Software Testing as a career, never hire people who treat Software Testing Job as a stop gap arrangement to move to software development or do not have respect for software testing. When you get chance to hire or staff somebody on to your testing team, always look for, find and take best Software testers. In most of the cases, test leads or test managers hire software testers who are readily available rather than waiting to get good software tester. Test Leads and Test Managers should always expand their network to identify best Software Testers available with-in and outside their company; this would help them in hiring the best talent quickly when required. Hiring best software testers not only helps to make the testing project successful, it would also reduce most of the project delivery pressure off from Test Lead and Test Manager.
Retain best Software Testers: Retaining best talent is even tougher than identifying them. As a Test Lead or Test Manager or as senior management, one should be liberal in appreciations, rewards and making the best resources feel their work and talent is recognized and rewarded. Awards and recognition may not always necessarily be associated with monetary benefits. Individuals feel recognized even in cases when supervisor or senior management sends out an appreciation email copying development, testing and other stake holders. Awards and recognition should not be targeted only for the particular areas of work like defects, instead it should be across different aspects of software testing and test management like “Team player of month”, “Effective Reviewer of month”, “KT session of Month” etc.
Set Objectives and provide feedback: Setting Objectives for every member of the team is the key to success of the team and organization as a whole. These objectives have to be reviewed time to time at least once in 3 months or when a team member gets promoted or entrusted with more responsibilities. Setting objectives ensure resources are clear about the expectation of the supervisor and the organization. Objectives set should be measureable in nature than being generic e.g. ensure 100% of Sev1, Sev2 defects, 95% of Sev3 defects and 85% of Sev4 defects are identified and reported during QA phase. Similarly other objectives can be related to Knowledge sharing, obtaining certification or evolving as subject matter expert etc.
Providing regular feedback is equally important as compared to objective setting. Its very important to provide feedback to resources and ensure they take it in right sense rather than start feeling insecure and not being wanted in the team.
Most of the bigger organizations already have a well defined appraisal framework for Objective setting and feedback documentation. However, following the framework in the right sense is most important. Incase a well defined appraisal framework does not exist in the organization you are working currently, then its time to setup a appraisal framework for your team.
Motivate team members: Building good professional relationship with your subordinates is the one of the biggest motivational factor for your subordinates. This can be a challenge when your team is large e.g. team size is more than 20 team members, however it is necessary to spend at least 15 to 20 minutes with each resource to build good professional relationship. Best way to do this is, take each member for coffee or breakfast each day, by doing so, you don’t have to dedicate separate time to mingle with your team and build good professional relationship. During Objective setting, as a supervisor one needs to find out what motivates each and every individual in your team. Every team members is unique and their motivational factors can be different. One team member may be motivated when he/she is given more responsibility, for somebody it could just the monetary benefits etc.
Enhance knowledge of Team: Encourage your testing team to increase Domain knowledge and learn automated testing tools. For tracking purpose, you could use the appraisal framework, where you define one or more objectives related to learning and knowledge management. Constant learning is one of the motivational factors for high performers at the same time it also helps to delivery more and adds value for the project. As a Test Lead or Test Manager, its your job to identify learning needs of the software testers on your team and to bridge any existing knowledge gap.
This article is contributed by our guest author Vishwajit Singh, this is his first article on our blog. He has 9+ years of experience in Software Testing and 4 Years in Test Management. We whole heartedly thank Vishwajit for his sharing is secret recipe of build a successful software testing team.
Other Interesting Articles:
July 10th, 2013 — software testing types
Read this article on User Acceptance Testing (UAT) if you want to understand importance of UAT, clients or end user expectations from UAT, how UAT is planned and to understand UAT best practices. Continue reading…
What is Acceptance Testing?
Acceptance testing is applicable for various engineering disciplines. Acceptance Testing is more rigorous and consistently followed in IT industry as every software or business solution to be delivered is unique. However, in this article, in this article, we will be focusing on Acceptance Testing in IT industry. Acceptance testing is the last stage of software testing. Acceptance Testing is usually performed by clients or end users who would be using the software once software is deployed in production environment. Acceptance testing is performed in a “Pre-Production” environment that closely mimics production environment i.e. in terms of hardware, configuration, external services etc.
What are the different forms of Acceptance Tests?
Below are the different forms of Acceptance Tests, based on the nature and type of user base, complexity of the software, one or more types of testing can be applicable.
- UAT (User Acceptance Testing) or End User Testing
- Alpha Testing
- Beta Testing
- Operational Readiness Testing (ORT)
Why UAT is needed ?
UAT (User Acceptance Testing) is conducted for below reasons.
a) Evaluate Business benefits: – Before software is rolled out to production environment, clients or End users have to validate the software to check if the business requirements are implemented as required and software can deliver intended business benefits. Clients or end users usually run key end-to-end business scenarios. However, it does not mean that they will not report minor or cosmetic defects they come across while performing UAT. Extent to which UAT is carried out depends on number of critical business requirements being implemented, complexity of the requirements, number client or end users available to perform UAT and duration of UAT phase as well.
b) Ensure requirements are implemented correctly:- Functional requirements tend to change and evolve across different phases of SDLC or over several iterations like Agile development approach. UAT becomes very necessary as clients or end users validate software to ensure most latest requirements are implemented before software is rolled out to production environment.
c) Official Signoff:-UAT phase helps to obtain official signoff and go-ahead from Clients or end users to deploy the software into production environment. UAT signoff does not mean that clients or end users take responsibility of any defect leakage. Remember, objective of UAT team is to find out whether software meets business needs or not and changes implemented are acceptable for end users. Software Testing and development teams are primarily responsible for any defect leakage.
Remember, success of software depends on business benefits it delivers and acceptance of the software by its users. Incase software does not satisfy one of these criteria then it’s bound to be a failure.
UAT Test process
UAT like any other phase of SDLC requires great deal of planning and execution. Point to be noted is that significant amount of effort is required from clients or end users as well. UAT test process can be outlined as below.
- Plan UAT : Scope, resources, timeline
- Identify UAT Test Scenarios
- Document UAT Test Scenarios
- Identify UAT Test Data requirements
- Execute UAT Tests
- Verify UAT defect fixes
- Report UAT results
- Go/No Go Call
- UAT Sign off
Delay in UAT completion:
Below are some of the key issues that put UAT phase behind schedule in most of the projects.
- Delay in UAT environment setup.
- Some of the external interfaces are down or not available during certain part of the day due to routine maintenance that cuts into UAT test hours.
- Test Data issues in UAT environment.
- More defects being discovered during UAT phase.
Cost associated with UAT
Many people think that UAT phase does not have any associated cost as UAT is performed by clients or end users but that’s not true. Though UAT is performed by client or end users, below are the costs associated with UAT phase.
- Cost of developers and Testers supporting UAT phase
- Cost of setup and dedicated maintenance of Test environment for UAT phase.
- Cost of diverting clients or end users to perform UAT instead performing their business tasks. Of course this cost does not impact company developing the software, however, UAT schedules usually gets squeezed due to this cost, which means long working hours for teams supporting UAT phase.
Entry Criteria for UAT
Below is the list of Entry Criteria for starting UAT.
- Business and functional requirements are frozen and no further changes are anticipated.
- Unit, Integration and System tests are completed.
- Functional testing is completed and there are no Open Sev1 Defects and Sev2 defects. Incase they are some Sev3 or Sev4 defects open then a pre-approval is sought out from client to proceed with UAT with an understanding that pending Sev3 and Sev4 defects will either be fixed during UAT phase or fix is deferred to future releases or fix would be done within the warranty period.
- UAT test environment is setup and external services are integrated and working.
- Test Data required for UAT phase is setup in UAT environment as per specifications provided by clients or end users.
- Test Closure report is prepared by Test Lead and approved by Test manager.
- UAT test scenarios are identified and documented by clients or end users.
- Development team and functional test teams are available to provide required support during UAT phase.
Exit Criteria for UAT
- All the UAT scenarios are executed; defects found during UAT are fixed and closed.
- Any open defects are with the permissible or contractual agreement.
- UAT Lead sends an official sign off email to indicate satisfactory completion of UAT phase.
Best practices related to UAT
- Plan for UAT during earlier phases of SDLC. Ensure Test Scenarios created by testing team have been reviewed by end users so that any missing scenarios are identified during design or development phases itself, which result in less number of UAT defects.
- Most of the UAT defects logged are usually related to Test Data setup issues. Hence, it’s always advisable to get formal Test Data setup request from UAT lead much in advance. So that Test data can be setup in UAT environment and data setup can be validated by Testing team before UAT starts. This reduces number of issues related to test data setup and delay in waiting for correct test data to be setup.
- Test environment coordinator role is very crucial for success of UAT, when UAT environment setup is complex or involves several third party/external services. Since UAT phases are usually planned for short duration, it is imperative to have Test environment functional during entire UAT phase. In complex information systems, there are chances that one or the other external services do undergo scheduled maintenance that can lead to downtime, resulting in delays and increase frustration of clients or end users.
- Have UAT test scenarios executed by Testing team in advance. Testing team can request for UAT scenarios that the clients or end users would be testing, by doing so, testing team can proactively run those UAT scenarios, find probable UAT defects during testing phase itself and rather than allowing those defects to be discovered by clients or end users during UAT.
- Testing and development teams to work in shifts to 24X7 provide support during UAT phase and to prevent any backlog of defect fix and retesting.
- Defect fixes detected during UAT phase always needs to be retested by Testing team before they are actually tested by client or end users performing UAT. It is very critical that defect fixes are 100% successful, otherwise team will end up losing credibility.
- Publish list of open defects to UAT team, so that there are not duplicate defects logged.
Tools for UAT
Tools required by UAT team are more on Test Management tools like Quality Center or Clear Quest to record test scenarios and document UAT results and map them to defects. Use of automated testing tool would be an over kill as UAT phases are usually short duration and UAT team do not intend to run multiple cycles of UAT.
Other Interesting Articles:
May 4th, 2013 — Security Testing
Security testing is one of the most important types of software testing that focuses on finding out vulnerabilities or weakness in the information system. Objective of Security testing is getting vulnerabilities identified and getting them plugged before they are exploited by unauthorized users or malicious programs.
Information system includes all the software, hardware, Operating system, network, Database, configuration and most important “data”.
Security testing is not just about finding security holes in the software application alone; instead it is about testing entire information system as a whole for vulnerabilities or weakness that can be exploited.
Security can be implemented using one more combinations of security measures like Security Policy, Physical, mechanical, electronic or through Software. Security testing would mean testing each of these security measures finding weakness and making it more robust.
Implementing Security measures :
Implementing Security measures starts with a proactive approach of identifying probable security risks, preparing threat profile, identifying preventive measures and applying appropriate security systems to prevent, monitor, detect and neutralize security threats. Once the Security systems are in place, monitor, detect and neutralize threats on an on going basis. IT security usually relies on automated systems and is usually sophisticated as the threats are more of virtual than physical.
1) Prevention – Identify Security risks and build threat profile.
2) Monitoring and Detection
3) Neutralize Threats
4) Upgrade Prevention measures or security policies over period of time.
What is vulnerability?
Vulnerability is a weakness or security hole in information system using which an attacker can gain access, damage, misuse, modify or disrupt part of or entire information system. Focus of Security Testing would be to identify all the vulnerabilities and get them plugged.
Vulnerability window refers to the time duration for which security hole existed i.e. from the time it was introduced till the security hole was plugged and security threat was neutralized. Greater the Vulnerability window, greater is the probability of attackers exploiting the security hole.
IT (Information technology) and Security
Security requirements in IT (information technology) can be broadly classified as “Application or Software Security”, “Data Security”, “Information Security”, and “Network Security”.
Application or Software Security:
Application Security focuses on different stages of SDLC (Software Development Life Cycle), process, tools and deliverables that can lead to application or software vulnerability or weakness.
Data Security focuses on policies and methods that will help prevent intentional or accidental damage, access or misuse of data by authorized or un- authorized users or programs. Data Security primarily focuses on “Backup”, “encryption”, or “masking” of data.
Data may be or may not be in human readable or understandable form, like Binary data that cannot be understood by human being. Where as “information” is summary and presentation of data in a way that can be read, understood by a human and that helps in decision making.
Information security focuses on protecting information from unauthorized access, misuse, modification or damage. Information security is usually thought as an alternate name of IT Security. However, Information Security is applicable for IT and Non IT as well, you might recollect seeing documents or files labeled as “Top Secret”, “Secret” or “Confidential”.
Three principals of Information security are Confidentiality, Availability and Integrity.
refers to level of access, access rules are defined and access restrictions are in place. E.g. Top Secret information is accessible to VP and above.
means information is available when needed and is accessible for authenticated and rightful users.
means information presented is correct and consistent through out.
most of the information systems are accessed over network be it internet or intranet. Network security refers to monitoring and preventing unauthorized use or misuse, neutralizing threats on the network. Most of the network security issues are due to hackers or bots or worms and malicious software that try to intrude into the network.
Who is responsible for Information Security?
Every stakeholder who is involved in any of the SDLC (Software Development Life Cycle) phases right from conception phase till Decommissioning of the information system is responsible, this includes end users using the information system as well. However organization’s Information system security department and CSO (Chief Security Officer) are accountable for information system security. They are the ones who make the policies, identify security risks and prepare mitigation plan, propose adoption of industry security standards for the organization, educate users and stake holders of the organization about security policies and security measures adopted by providing appropriate trainings etc.
Why Security Testing is required?
Security Testing might seem like one of the software testing types that does not add value to end users and hence less important OR a type of investment with less or no ROI (Return on Investment). In reality, Security Testing is the key to existence and success of any Business.
Security testing is needed for most of the applications; however the extent of Security testing required depends on the security risks, complexity of the software, exposure to threats and accessibility. All applications related to finance or military domain or web applications are usually at high risk and these applications have to be rigorously tested for Security flaws.
In the last two decades, organizations have realized importance of Security testing as Governments have brought in regulations to ensure organizations provide required confidentially, security and privacy to customer data.
US federal and state legislators have brought in certain regulations related to information security like Sarbanes-Oxley, HIPAA (Health Insurance Portability and Accountability Act), Payment Card Industry Standard (PCI), and FISMA (Federal Information Security Management Act).
Below are some of the reasons why security testing is important.
1) Downtime: Most of the security flaws lead to service downtime and loss off revenue. Think about a popular Telecom website going down for about 1 day, it can lose revenue, customers, credibility and breach of SLAs which in turn can lead to penalties.
2) Legal Issues: Security issues can lead to legal issues and complications. Think about an insurance system being hacked and SSN (Social Security Number) of company’s customers being posted on a forum. Customers are going to sue the company for such incidents. Such incidents can lead to legal issues and penalties.
3) Brand Damage: With frequent downtime or leakage of confidential information reputation of the company can be damaged severely and can lead to loss or shutdown of business.
4) Cost: Cost of every security issues exploited is several folds greater than the cost identifying and fixing them during development and Software Testing phases.
Seven attributes of Security Testing
identification of a person or user or a program before accessing information system. Authentication can be implemented by using various means like User id & Password or Secret Questions and answers or biometric authentication or Token (e.g. RSA SecureID token) or even one time/temporary password sent as SMS. Some of the application may use one or more combinations of authentication methods.
once a user or program is authenticated, information system should limit access as per the privilege or permissions set for the user or program. Authorization is usually implemented with a Access control list OR by Categorizing users into groups and define privileges and restrictions for each of the groups OR granting or revoking privileges for individual users.
refers to information system’s ability to protect information or data from Un-authorized or less privileged users.
Information system should protect confidentiality of the information at all the stages of information processing, storage and display.
Confidentiality in an information system is enforced by defining User Groups, privileges, restrictions and usage of encryption. e.g. sensitive information like passwords, SSN (Social Security Number) etc., that are stored in database should be encrypted and should not be stored as plain text because confidentiality of the data or information needs to be protected. Database administrators or developers having access to database should not be able to see information or data to which they are not authorized to view.
availability of information system may not seem to be related to security testing, however exploited systems can face huge downtime and also security patch upgrades should be confined to minimal downtime. Downtime can be due hardware and natural disasters as well. Availability refers to accessibility of the information system and its services when required to be used by authorized users. Most of the information systems usually have primary and fail over sites, when a primary site is down, then service requests are re-directed to fail over site, there by service are provided even when primary site is down or when it’s being patched. E.g. if a website is being used by customers across many countries then the expected availability would be 24X7. Similarly, a trading site is expected to be available for particular time of the day for public use, say 9 AM to 3:30 PM.
refers to reliability, consistency and accuracy of the information presented by the information system to its users. Information presented to users should be as per user groups, privileges and restrictions.
means confirmation sent by receiver to sender that the requested services or information was successfully received as Digital confirmation e.g. Digital Certificates, this not only serves as acknowledgement but also helps to validate both sender and receiver is genuine.
refer to resistance to attacks; resilience can be built into information system using encryption, using SSL, extended authentication like use of one time password, 2 layer authentication or token.
Security Testing process:
Below are the broad steps involved in Security Testing planning and execution for any given information system.
- Understand business objective and security goals of the organization. Organization might have planned to achieve PCI compliance etc., so these have to be factored in your security test plan.
- Understand requirements of the application.
- Understand how information system is setup like hardware, Operating Systems, technology used for development of Software and Network.
- Identify Security Risks and vulnerabilities.
- Prepare Threat profile.
- Prepare Test Plan to address test Security risks, vulnerabilities and threats identified.
- Prepare traceability matrix for each of the risks, vulnerabilities and threats identified and to be tested.
- Identify Security testing tools required. All the security tests cannot be done manually, so usage of security testing tool might become a necessary. Also, usage of tools will help to execute Security Tests faster and more reliably.
- Document Security tests.
- Execute Security Tests and retest defect fixes.
- Execute Regression Tests.
- Prepare Security Test report detailing risks, vulnerabilities and threats contained and the ones which are still open.
Type of tests to perform during Security Testing ?
Below is the list of different types of Tests carried out a part of Security Testing.
Usually application takes input from user on GUI and builds SQL query at run time.
Port scan is done to check if there are any port open with need, port scan alone does not expose vulnerability, however it is the starting point for further tests like vulnerability Scan.
means scanning information system (software, OS, Database, application server, web server, Network etc.) for weakness and know security bugs that can be used to gain access or disrupt services or destroy data. Vulnerability Scan usually includes port scanner, Network, Database and web application vulnerability scanners. Vulnerability Scanners are usually automated; these programs could be written by ethical hackers or can be off the shelf software.
Session ids created should be Random and long alphanumeric string that is hard to guess rather than just incremental numbers. Sequential session ids or Simple session id format results in weak session management.
Application should be designed not to store sensitive information in browser cache. Like your Bank account details or SSN (Social Security Numbers) etc., as these information can be viewed by simply viewing browser history in “Offline” mode.
Getting access to Database is usually the primary goal for most of the hackers as they know that most of the information they are looking for is stored in the database.
- Confidential data stored in the database should always be masked or encrypted like SSN, Credit Card numbers, Passwords, Salary etc.
- All the passwords of default database user ids should be changed. Most of the hackers start looking for User ids that have default passwords when they want to hack databases.
- IP restrictions to connect to database should be enforced. E.g. only application servers and IPs of administrator PCs should be allowed to connect to database. This will restrict unauthorized users from trying to connect to database directly over internet or intranet.
Classification of Hackers:
Hackers are classified based on their type, motive and experience. Hacking itself cannot be considered to be bad, what makes it bad is the motive behind hacking.
also referred to as white hat hackers, are the ones who are interested to break into a information system to expose the weakness or vulnerabilities and they do not have any intention of misusing or causing damage. Security testers are indeed ethical hackers.
are the most experienced and skilled people, who exploit, misuse or even destroy information systems for their personal gain (usually for money). Most of the Black hats usually end up getting involved in cyber crimes.
is a word derived from two words “Hacking” and “Activist”, these are people who do not hack information systems for money or personal gain, they hack information system because of their ideology or religious beliefs or for a social cause. They usually try to bring down the information system or alter website content to post their message or try to make it temporarily unavailable.
Script kiddies or script junkies:
are hackers who are less knowledgeable in hacking and they mostly rely on scripts or software’s written by other experienced hackers. Most of the script kiddies try hacking for fun.
are programs written by experienced hackers which try to invade information systems and steal information and upload data to another server maintained by hacker.
Other Interesting Articles:
March 19th, 2013 — manual testing
Different people have different perception about Manual Testing. No matter how people perceive manual testing, importance of it will always remain the same.
What is Manual Testing ?
Manual Testing is the process of executing software to validate it against software requirements and to find defects / bugs.
Manual testing, as the name suggests, testing is done by a human being without using automated testing tools.
Manual testing can be Continue reading →
Other Interesting Articles:
March 12th, 2013 — Software Testing Jobs
Increase your chances of getting Software Testing Job, is the theme of this article. If you want to understand secret behind people who are successful in getting software testing jobs, then this is the article that you need to read. Being successful in getting Software Testing Jobs is all about the preparation, approach and attitude that makes some people more successful in getting Software Testing Jobs of their liking.
“Take away” from this article for you, is to find out what are the things you are already doing right and what other areas you should focus in order to increase changes of getting a Software Testing Job in a good Software company.
I have spoken to many freshers and experienced software testers and enquired them on the reasons they think due to which they were not successful in getting Software Testing Job in a good company. Most of the answers provided by them were biased and they did not want to acknowledge their faults or shortcomings, which is a human tendency. However, when I analyzed from a neutral point of view. I could figure out below reasons that were the root cause for most of them which were preventing them from clearing software testing interviews and not being able to get a Software Testing Job of their liking. So what are those root causes?
- Click on the above image to see image in full scale.
1) Lack of Software Testing Knowledge: Most of the freshers and experienced software testers don’t enhance their knowledge on Software Testing and Testing Tools on a regular basis. If you don’t agree to this, then pause for a moment, ask the below questions to yourself
a) How many software testing books have you read in the past 1 year?
b) How may software testing tools have you learnt in past 6 months?
c) What are the business domains you have understood in past 1 year?
d) For how many years have you have been thinking of taking up software testing certification or learning a testing tool?
e) How many different types of software testing have you explored in the past 1 year?
f) What are the different software test estimation techniques you have tried in past 1 year?
Click on the above image to see image in full scale.
In order to be successful on the current job, as well as to be successful in getting a new job, one has to keep upgrading their knowledge on a regular basis and not just try to learn something before attending interviews. Develop a habit of learning something new related to Software Testing, Software Testing Tools or popular Business domains like Banking, Telecom, Insurance or Retail on regular basis etc., One has to define and set short term and long term learning objectives in order to succeed in this competitive world.
One of my close friends who is experienced in manual testing, has been planning to learn QTP since last 2 years, even today he has not learnt a bit about QTP. So, just having ambition of learning is not enough, one should plan and track the progress. Like my friend, there are many software testers out there who have ambition of learning something new but who don’t put efforts in accomplishing it.
Take Away: I would request you to identify and document your Short term and long term “Learning Objectives”. Create a “Learning Plan” based on your learning objectives and check progress on a regular basis. If you implement this idea documenting learning objectives and tracking it, then I will consider that my article achieved its objective.
2) Poor Professional and Social Networking: It may be hard to accept this fact for some people but it’s true. Larger is your professional and social network, greater would be success of getting a Software Testing Job when you are looking for one. Maintain good relationship with your colleagues, friends and keep expanding your social network on a daily basis. Your social network grows not just by knowing more people but keeping in touch with them on regular basis, internet applications like facebook, Google Circle, twitter has made the task of being connected much easier. Most of you are already using facebook but how much time do you use it for fun than to exchange knowledge related to Software Testing or Testing Tools? You may be good in socializing but how many of your contacts are related to Software Testing profession? That’s what matters when you are searing for a Software Testing Job. It’s not just enough to know more people, what matters most is, how many in your social circle will extend their help when you are looking for a Software Testing Job.
- Click on the above image to see image in full scale.
Take Away: I would request you to use Social networking sites to build your professional network as well. Include seniors and experienced people in your social network, it helps. Believe me; if you act on this suggestion, you will be very thankful to me at some point of time in future.
3) Not trying through all channels: In most of the companies recruitment teams makes use of from various channels like Employee referrals, Job portals, external recruitment agencies and contracting agencies to source candidate profiles. Employee referral is the most preferred channels by recruitment teams because every company aims at hiring talented people. Hence candidates referred by employees are considered to be equally or more talented than the person referring them. Don’t forget to make most of the employee referrals. Below is the list of channels listed in the order of preference of recruitment teams for sourcing candidates.
- Click on the above image to see image in full scale.
a) Employee Referral : Candidates are considered to be good and trust worthy as they are referred by their employees.
b) External Recruitment agencies: Agencies may charge fees for placing candidates in companies, these agencies usually get to know about openings in different companies on regular basis.
c) Job Portals: Post your profile in most popular job portals. Update or Save your CV at least once a week, so that your CV stays on the top of the search list.
d) Contracting Agencies: If you are desperately looking for a software testing job, then this is the option you should try. As contracting agencies hire people on their payrolls and place them on contract in good companies in a short span of time. Most of the contracting agencies also provide option of “contractor to employee conversion” in the company to which contractors are deputed.
Take Away: Make best use of your social network and employee referrals. Refer your friends and ex-colleagues when they are looking for a job and in turn they would help you at some point of time in future. Help and be helped!!!
4) Not being Interview Ready: Most of the candidates do not clear interviews because they are not prepared for the interview. Just like academic exams, knowing the subject is one aspect and writing the answer that will convince the person evaluating answer paper and getting maxim marks is another aspect that matters the most. Hence preparation for interviews always plays a pivotal role. Most of the candidates have good understanding of software testing and related concepts but it’s even more important to explain in simple, precise manner and sometimes answering with an example. Preparing for interview would mean going through the list of all possible interview questions and writing mock answers. Prepare for interview on regular basis and be “interview ready” at any point of time. As you will not know at what point of time you would get an interview call after you have floated your CV in various channels ( Job portals, employee referral or consulting agencies). At any point of time if you feel you are not prepared for interview, request for postponement of interview date. It’s always better not to attend interview than to fail because you are not prepared.
- Click on the above image to see image in full scale.
Take Away: “Be ‘interview ready’ at any given point of time”. Use this forum to prepare for interviews by providing mock answers.
5) Not using good CV Template: CV is the first selling point of any candidate. Time spent in preparing CV and making it more sellable is worth the time spent. First impression of the candidate is built on their CVs and the basis for calling for interview. Most of the companies do screening of CV before they call for skill interview. Most of the interview questions would come from your CV, so its very important to prepare for probable questions that would be based on what you have written in your CV. On the other hand , don’t try to fake your experience in CV, otherwise you can get blacklisted.
- Click on the above image to see image in full scale.
Use a good CV template which highlights sections like
2) Awards & Recognitions
4) Value you created for the clients/companies you wanted for.
5) Trainings you have undergone, the ones you have taken or that were provided by your current or previous companies.
6) Experience in niche areas of testing like usability testing, security testing, mobile application testing etc.
7) Experience in Software Testing Tools that you have used. As on today, there is a great demand for experienced Performance Test Engineers and especially for loadrunner.
Take Away: CV is your selling point. Ensure your CV highlights all the positive aspects like achievements, certifications, awards and trainings.
6) Not searching Job at right time: Most of the people search for jobs in desperation when they are facing issue with their boss or peers or when the company is not doing well and at verge of closing or when they are waiting for projects on bench for a long time. Ideally, one has to start searching for new job when the career growth in the current company has reached saturation point or when they want to work on the latest technology or to work on latest software testing tools etc. Also, remembers when a person is out of job then he/she will have to compromise on designation or pay package. So, don’t wait till your company closes down or till you’re out of Job.
- Click on the above image to see image in full scale.
Take Away: Reason behind your software testing Job search should not be desperation instead it should be motivation to grow in your Software Testing Career.
7) Poor communication skills: Improve your oral and written communication. Usually, communication has not been an issue for people who have been living in USA or UK for long. However, it is for people who are from India, China or Philippines, at least 15% to 25% of the candidates don’t get selected during interviews because of poor communication or poor accent. Good oral and written communication is essential for performing better job in Information Technology industry and since most of the clients are from USA or UK it becomes a necessity to have good oral and written communication. Take-up a good English speaking course, it’s worth it. Good communication is required for Software Testing and several other roles in IT Industry like Project management or Business Analyst.
Take Away: If your colleagues or supervisor has pointed out that you need to improve on communication, then please take appropriate courses to improve your communication skills.
8) Not serious about testing: Some people try for Software Testing Jobs because they feel getting a Software Testing Job is much easier than getting a software development job or they think that Software Testing Job will provide a stepping stone for freshers to move on to software development at later point of time. Remember, first question a interviewer would ask is “Why are you choosing software testing? why not development?” etc. If you are not serious about choosing software testing as your career, interviewer will find out, as your answer will not be convincing and will increase your chances of not getting the software testing job.
Take Away: Software Testing should be your passion and your area of interest. If you are serious about software testing career then it will not be hard to find as Software Testing Job for yourself, even though you are a fresher.
We are very thankful to our guest writer Hari Iyer for his second article on Software testing jobs. Hari, is working as software Test Manager in one of the reputed Software companies in Bangalore (India). We hope this article will help freshers and experienced software testers alike.
Other Interesting Articles:
February 17th, 2013 — Software Testing Training
Software Testing Training is not only important and required for freshers but also equally important and required for experienced software testers as well. However, training needs and course content differs for freshers and experienced software testers. Software Testing Training does not only mean, trainings on software Testing Basics; there are trainings available on Software Testing Tools, Test Estimation, Security Testing, Usability Testing, Software Continue reading →
Other Interesting Articles:
January 23rd, 2013 — Test Cases and Scenarios
Test Case is a terminology related to Software Testing and Software Engineering. Test Case can be defined as set of “Actions”, “input data” and “Expected” results.
Click on the above image to see full sized image.
A good Test Case is one which is more realistic, validates requirements and intends to find maximum defects.
Other Test Case Definitions:
IEEE defines Test Case as
A set of test inputs, execution conditions, and expected Continue reading →
Other Interesting Articles:
November 10th, 2012 — Interviews, LoadRunner
Below is an exhaustive list of LoadRunner interview questions, covering basic and advanced topics like “What is LoadRunner ?”, “What is load testing ?”, LoadRunner scripting, LoadRunner functions, LoadRunner result analysis, LoadRunner controller, LoadRunner correlation and other LoadRunner features.
Prepare for interviews by answering these questions to best of your knowledge and experience OR learn from the answers provided by others.
1. Continue reading →
Other Interesting Articles:
September 8th, 2012 — QTP interview questions, software testing tools
Below is an exhaustive (over 200 questions) and most frequently asked QTP (QuickTest Professional) interview questions. Try answering questions and will help you to prepare for interview. To answer to questions click on “Answer” link and post your answers.
1. What is QTP ? Answer
2. What is Session ? Answer
3. What are Add-ins ? Answer
4. What are cookies ? Answer
5. What is GetRoProperty ? Answer
6. What is SetToProperty ? Answer
7. What Continue reading →
Other Interesting Articles: