Beyond Testing Basics4:34 with Ryan Saul
In this video we’ll be covering a lot of different types of tests that you can use to really give your company a high quality product. This video will mostly be a list of different techniques you can explore without getting too in-depth, so check out some of the resources we’ve provided below for further reading.
- Automated tests: We've gone over this previously, but it's important to note again that this is where a lot of the industry is heading. These are basically automated checks to see that the software performs correctly and can be run many times faster than people can manually test.
- Negative testing: Looking for errors in the code and deliberately testing for them. Errors should be helpful to the user and should tell them both what they did wrong and how to resolve it.
- 404 (bad URL) pages are a common thing to look for here. Also trying to access parts of an application when not authenticated.
- Security and Penetration testing: There are many threats to the security of your server, so being proactive and at least keeping ahead of the most common attacks will help prevent your server from being compromised and your or your user's data stolen. Check out the OWASP website for today's most common attacks and how to prevent them.
- Crowd-sourcing: This is a little newer, but it is a good way to simulate load on a server (like a performance test) in a more realistic way, using real people. You can also more easily find common user confusion issues or just common bugs that maybe you or the developers haven't spotted yet using the wisdom of crowds.
In this video we'll be covering a lot of different 0:00 types of tests that you can use to give your company a high quality product. 0:03 This video will mostly be a list of different techniques that you can 0:07 explore without getting too in-depth. 0:12 So I encourage you to look into some of the resources we provided below for 0:15 further reading. 0:19 We should really talk about the biggest area of expansion in quality assurance, 0:21 which is automated testing. 0:25 We've gone over this topic previously, but it's important to note again 0:28 that this is where a lot of the industry is heading currently. 0:32 Automated tests are basically automated checks to see that the software 0:36 performs correctly and that new additions don't break old features. 0:40 Instead of manually running the test we created earlier for 0:45 the RSVP app that enters some text and checks that the card has the same text. 0:48 Why not automate that in a browser testing tool like Selenium? 0:54 Now with the push of a button, we can run this test over and over again. 0:58 This is the idea behind automated testing. 1:02 If an engineer makes a change that breaks the test, 1:05 we know about it right away and can fix it. 1:08 Many automated tests every time a developer pushes some new code, and 1:11 some systems will even report bugs automatically. 1:15 [SOUND] These tests that are basically run by robots free us up to do 1:18 more important tasks, like writing more automated tests. 1:23 Another type of testing that you should start looking into, 1:27 especially when writing new tests, is to explore negative tests. 1:30 These are tests that deliberately try to break the software and look for 1:35 appropriate errors. 1:38 Think of it this way. 1:41 When you do something wrong in the software, 1:42 do you want the error to happen in the background and not tell you hwo tofix it, 1:44 or do you want to see a helpful message telling you what to do? 1:49 You'll probably remember this from our bug report example. 1:53 In our RSVP app, when we hit the Submit button without typing anything, 1:56 the app simply creates an empty card. 2:01 What it should do is put a nice red outline around the box and 2:04 tell us that we need to fill in that box before we can hit Submit. 2:08 That would be much more helpful. 2:12 Some other examples of negative tests are looking for bad URL pages in your website. 2:14 Simply type in a phony address in the browser to your site to see what happens. 2:20 I'm on the team Treehouse site right now and 2:25 I'm just gonna type in badurl up at the top. 2:27 I got a nice 404 page, page not found. 2:31 What happens on your application though? 2:35 Does it give you just a white page? 2:38 Does it give you a large error stack trace that isn't very helpful to the user? 2:40 Or does it return a helpful 404 page that 2:44 lets the user know that this page does not exist? 2:47 Security testing is a huge aspect in the QA world, especially in web applications. 2:51 Many huge, high profile security breaches have been in the news in the last few 2:57 years, such as those at Yahoo, Target and Equifax. 3:01 There are many threats to the security of your server. 3:05 So being proactive and at least keeping ahead of most common attacks will help 3:08 prevent your server from being compromised or your users' data stolen. 3:13 If you're pretty new to security testing, 3:18 it's important to pay attention to tech news and listen for issues as they happen. 3:20 OWASP, or the Open Web Application Security Project, 3:25 maintains a top 10 vulnerabilities list that you can check against to make sure 3:29 that you're always keeping these issues in mind during regression testing. 3:33 I also recommend taking a look at Burp Suite, 3:38 which includes a suite of tools that you can use to test for vulnerabilities. 3:41 But I'll admit the learning curve is a little steep here. 3:45 A newer practice that's worth looking into is Crowd Source Testing. 3:48 This is giving a handful of test cases to a crowd sourcing service 3:52 that will pay a number of users to execute those tests against your app. 3:56 This is both a good way to simulate load on a server, which we'll talk about more 4:00 in the next video, and it's also a great way to get more realistic user testing. 4:04 You'll more easily find common user problems and 4:10 identify workflow issues with this approach. 4:13 Getting people who have probably never seen this software before to use it is 4:17 a great way to take a completely unbiased approach to testing. 4:21 Since it's a pretty broad subject, I've save one more topic for 4:25 a separate video, which is low testing. 4:29 The next video will cover it in depth. 4:32
You need to sign up for Treehouse in order to download course files.Sign up