Smart Security Shop

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Sunday, 4 February 2007

How do you get Web Testing the right way?

Posted on 00:57 by Unknown
With the eminence of Internet in business and culture which has expanded the applications to evolve in complexity and scale, it has become very crucial for organizations to build webs for scalability and rigor. The webs with capability to withstand expected (and unexpected) spikes and peaks in load are in the insight.
As web applications are becoming increasingly mission-critical, errors can mean disastrous strikes to a company’s business and reputation, as well as exposure to potential legal and financial liability.

With global access to systems, nonfunctional requirements such as security, performance, scalability, and availability suddenly become strategic. Many Internet systems are tested for performance and scalability only after the bulk of the functionality is built.

Since companies now realize that errors in web application performance and
functionality can be insidious, occurring as a result of multiple causes, and risky and
costly to fix, they are becoming more proactive in their web testing. The question
then becomes not whether a website is tested, but how well was it done?

To assure confidence in application deployment, in shorter project timeframes, testers must take a realistic and an integrated approach to testing.

Start by simulating concurrent users as realistically as possible. For
example, a online shopping site should mix many prospective shoppers with some purchasers and a few administrators. Each role will stress the application differently, giving you a
realistic view of how your users will experience your application.

Automation tools can help you simulate real-world variables at run time, such as different levels of SSL encryption, multiple client types, variable “think” times or the effect of slow line speeds.

The advantages of testing with an integrated, flexible solution cannot be denied. It is possibly the best way to identify problems sooner, reproduce them faster, and resolve issues earlier.

While designing this series of realistic tests, we need to determine what are the crucial factors to be evaluated for the tests. For eg. What is the number of users to simulate, what is the expected Page Load time, what type of hardware is required for these scenario, what is the CPU utilization on the servers, the Memory consumption at peak load and much more. . Bear in mind that your performance testing, while it may be focused on the end user’s experience, needs to uncover problems further back in the system. It does no good if the system performs well, but uses so much server memory that it crashes your servers after a few days in production.

Performance is the speed at which a system responds to user actions. Scalability is the relative ability of a system to maintain its performance when under load. Load is measured by the number of simultaneous requests that are dispatched to a system.

Scalability testing is to verify your application’s data integrity while verifying its performance. Both should be validated under load for every individual user. After all, what good is a speedy response from your web server if it is only delivering a “busy” message back to the user – or, worse yet, delivering subtle data errors?

Email ThisBlogThis!Share to XShare to Facebook
Posted in Load Testing, Web Applications | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Registrations for OWASP Mumbai Meet [31st July 15:00hrs]
    Hi All, Everyone is welcome to join us at our next chapter meet to be held on Monday , 31 st of July. Registrations for the eve...
  • Free Web Proxy List
    A web proxy is becoming more and more important in todays internet. Schools and Companys tend to block sites pretty quickly nowadays, especi...
  • How do you use RSA for both authentication and secrecy?
    RSA is based upon public key/private key concept. For authentication one can encrypt the hash (MD5/SHA) of the data with a private key. This...
  • Does the code use MapPath?
    Review code for the use of MapPath. MapPath should be used to map the virtual path in the requested URL to a physical path on the server to ...
  • New Rogue Security Product: Smart Antivirus 2009
    Smart Antivirus 2009 is a new rogue security product and a near clone of AntiSpyware 2008 Smart Antivirus 2009 Home page Typical fake/Scare ...
  • Impersonation without Windows Authentication
    How to Impersonate the Original Caller without Windows Authentication When using non-windows authentication like Certificate Authentication ...
  • Firefox popups
    Firefox popups Like you, I love Firefox for many reasons, including popup blocking. So over the last few weeks I’ve been surprised to see oc...
  • Spam - It also impacts the environment
    McAfee has released The Carbon Footprint of Email Spam Report . The study looks at the global energy expended to create, store, view, and fi...
  • Botnet Attack Details from Kaspersky
    One of the good folks over at Kaspersky Lab, Yury Namestnikov, has written a great white paper about the worldwide botnet “industry.” The st...
  • Can Security be incorporated in the Computer Science & IT courses?
    Attacks on the web systems have become a common place and most of the issues have been attributed to software vulnerabilities. The IT softwa...

Categories

  • Account Lockout
  • Anti-XSS
  • Antivirus
  • Application Security
  • AppSec Conference
  • ASP.NET
  • Attacks
  • Authentication
  • Banks
  • Botnets
  • Break
  • Broadband
  • Browsers
  • Change Management
  • Citibank
  • Clear Text Secrets
  • Computer Performance
  • Computer Security
  • Credit Card
  • Cyber Security
  • Cyber Terrorism and Economy
  • Data Validation
  • Database Security
  • Defragmentation
  • Design
  • Developer Training
  • Development Tools
  • DSS
  • eCrime
  • Education
  • Encryption
  • Ettercap
  • Exchange 2007
  • facebook
  • Frauds
  • Google Hacking
  • Hacking
  • ICICI Bank
  • India Leaders
  • Internet
  • IRCTC
  • Java
  • Legal
  • Live Demo
  • Load Testing
  • Mail Security
  • Malware
  • Mastek
  • Message Security
  • Mobile Security
  • Money Laundering
  • News
  • one time password
  • Online
  • Oracle
  • OWASP
  • PC Errors
  • PCI
  • Performance Testing
  • Phishing
  • Popular Posts
  • Punishment
  • Requirement Engineering
  • Retail
  • Rouge
  • Routers
  • Rugged
  • Security
  • Security Industry
  • Security Management
  • Security Requirements
  • Security Tools
  • Sensitive Data
  • Sniffing
  • Social Networking
  • Software Industry
  • Solutions Community
  • Spams
  • SQL Injection
  • SSL
  • Sudhakar Ram
  • Summer of Code
  • SUN
  • Technology
  • Testing
  • Thick Client Security
  • Third Wave
  • Times of India
  • Typo Squatting
  • UI Security
  • University Programs
  • Virtual Keyboard
  • Virtualization
  • WCF 3.5
  • Web 2.0
  • Web Applications
  • Web Security
  • Web Services
  • WiFi
  • Windows
  • Workshops
  • X.509 Certificates
  • XSS

Blog Archive

  • ►  2011 (5)
    • ►  September (1)
    • ►  July (2)
    • ►  March (2)
  • ►  2010 (5)
    • ►  November (1)
    • ►  June (1)
    • ►  March (1)
    • ►  January (2)
  • ►  2009 (19)
    • ►  December (1)
    • ►  October (1)
    • ►  September (1)
    • ►  August (1)
    • ►  July (2)
    • ►  June (2)
    • ►  May (1)
    • ►  April (4)
    • ►  March (2)
    • ►  February (2)
    • ►  January (2)
  • ►  2008 (29)
    • ►  December (7)
    • ►  November (2)
    • ►  September (3)
    • ►  August (1)
    • ►  July (1)
    • ►  June (1)
    • ►  May (2)
    • ►  April (3)
    • ►  March (2)
    • ►  February (3)
    • ►  January (4)
  • ▼  2007 (29)
    • ►  December (2)
    • ►  November (3)
    • ►  October (11)
    • ►  September (5)
    • ►  August (2)
    • ►  July (1)
    • ►  June (1)
    • ►  April (1)
    • ►  March (1)
    • ▼  February (1)
      • How do you get Web Testing the right way?
    • ►  January (1)
  • ►  2006 (36)
    • ►  December (1)
    • ►  November (3)
    • ►  October (6)
    • ►  September (3)
    • ►  August (4)
    • ►  July (3)
    • ►  June (1)
    • ►  May (5)
    • ►  April (2)
    • ►  March (4)
    • ►  February (1)
    • ►  January (3)
  • ►  2005 (20)
    • ►  December (6)
    • ►  November (14)
Powered by Blogger.

About Me

Unknown
View my complete profile