ITTL

Information Technology Test Lab

    Types of Testing

    • Functional Testing (Regression, Integration, Smoke Testing)

      Test Web pages for correct function, formatting, cookies, and data validation. Functional testing is ideal to accomplish smoke testing, regression testing, and integration testing.

      Check links

      • Test links to a page from external pages
      • Test all links on a page for correct operation
      • Test links to anchors on the same page
      • Test email mail-to links Identify orphan pages – pages that are not linked from other pages

      Test Web forms on the page

      • Check the field validation logic for each field Check default values for each field
      • Check that password fields do not show the password contents
      • Negative test invalid input values for each field
      • Validate the response to a form submit

      Session and Cookie Management Testing

      • Check application log-in sessions by enabling and disabling cookies
      • Negative test cookies by using a mismatching domain
      • Check that session cookies reset between browser sessions
      • Check application security by selectively deleting cookies while a test operates

      Validate Cascading Style Sheet (CSS) tags

      • Identify CSS tags that return 404 or other CSS load errors
      • Identify HTML id, class, and name attributes that do not match any CSS tags

      Validate JavaScript tags

      • Identify Script tags that return 404 or other load errors
      • Identify id, name, on… attributes that do not match any Script tag

      Dynamic content testing (aka Database testing)

      • Check data consistency in database-driven Web forms
      • Check create, edit, delete, update (CRUD) tasks
      • Verify data retrieval delivers the correct data
      • Identify database connectivity and query errors
    • Performance Testing

      Performed to verify the server response time and throughput under various load conditions.

      Load Testing

      Linear scalability – where an application’s performance does not vary as the number of users increases – is the Holy Grail of Web application testing. Load testing identifies a Scalability Index for your Web application performance.

      • Check server response to browser form submit requests
      • Identify performance changes over a period of time
      • Test for functions that stop working at higher levels of user load
      • Identify the network latency problems on Web application function

      Stress Testing

      • Determine how the application responds under high levels of load
      • Identify portions of the Web application that fail under high levels of load
      • Identify application function after a system crash or component failure
      • Identify forms and links that operate differently under high levels of load

      Soak testing

      Soak Testing also known as endurance testing, is performed to determine the system parameters under continuous expected load. During soak tests the parameters such as memory utilization is monitored to detect memory leaks or other performance issues. The main aim is to discover the system’s performance under sustained use.

      Spike testing

      Spike testing is performed by increasing the number of users suddenly by a very large amount and measuring the performance of the system. The main aim is to determine whether the system will be able to sustain the work load.

    • Application Security Testing

      Protect Web application data and maintain functionality as designed. Performed to verify if the application is secured on web as data theft and unauthorized access are more common issues and below are some of the techniques to verify the security level of the system.

      • Injection
      • Broken Authentication and Session Management
      • Cross-Site Scripting (XSS)
      • Insecure Direct Object References
      • Security misconfiguration
      • Sensitive Data Exposure
      • Missing Function Level Access Control
      • Cross-Site Request Forgery (CSRF)
      • Using Components with Known Vulnerabilities
      • Invalidated Redirects and Forwards
    • Usability Testing

      The design and presentation of an application has a large impact on the success your users will have in using the Web application.

      Test For Navigation

      • Check for the user to have apparent and easy controls to move from page to page.
      • Test the flow of a Web application by observing how the user accomplishes their goals
      • Check that the user can find instructions should they not intuitively know how to operate a function
      • Test that common navigation objects appear on every page consistently
      • Test search functions for proper application functions

      Content Checking:

      • Test that content is logically arranged and easy for users to understand
      • Check for spelling errors
      • Check that pages adheres to color and pattern style guidelines, including fonts, frames, and borders
      • Check that images load correctly and with proper sizes
    • Vulnerability Analysis and Penetration Testing

      Vulnerability Assessment and Penetration Testing provides enterprises with a more comprehensive application evaluation than any single test alone. Using the Vulnerability Assessment and Penetration Testing approach gives an organization a more detailed view of the threats facing its applications, enabling the business to better protect its systems and data from malicious attacks. Vulnerabilities can be found in applications from third-party vendors and internally made software, but most of these flaws are easily fixed once found. This testing enables IT security teams to focus on mitigating critical vulnerabilities while the VAPT provider continues to discover and classify vulnerabilities.

    • Portability Testing

      Portability testing is a type of testing in which Software application is installed from one environment to other, may be from one platform to another platform with different hardware and software configuration. The whole purpose is to check whether application is able to run and can be deployed in different applicable environment, in order to satisfy business needs of the customer. If we see in terms of software application, running the whole application is also important to check whether whole of the application functionality is running in different environment. Apart from running the functionality of the application manually, it is also required sometimes to run automation testing suite to check if the application functionality is working fine in different environments.

    • Interoperability Testing

      Interoperability is a technique how an application interacts with another application. So when we do the Interoperability testing, we check how the data from 1 application is transferred into another application without prior intimation, in a meaningful manner, and further processed to give the accepted output.

    • Accessibility Testing

      Accessibility Testing is a subset of usability testing, and it is performed to ensure that the application being tested is usable by people with disabilities like hearing, color blindness, old age and other disadvantaged groups.

      People with disabilities use assistive technology which helps them in operating a software product.

      Speech Recognition Software – It will convert the spoken word to text , which serves as input to the computer.
      Screen reader software – Used to read out the text that is displayed on the screen
      Screen Magnification Software – Used to enlarge the monitor and make reading easy for vision-impaired users.

    • Configuration and Compatibility Testing

      Differences in Web browsers, operating environments, and hardware devices impact the correct operation of your Web application.

      Browser compatibility

      Test your Web application for correct function on several browsers, including Firefox, IE, Chrome, Opera, and Safari. Ideally your Web application handles browser differences elegantly.

      Check application function with a variety of browser security profile settings

      Verify application function with browser features turned-off (JavaScript, Cookies)

      Check browser rendering of your application’s user interface

      Check the browser’s security settings for cross domain access and hacks

      Verify consistent application function across multiple versions of a browser

    • Operating Environment Compatibility

      Check application user interface rendering on OS windowing systems
      Check desktop integration functions, including drag-and-drop and file selection
      Test your web application on different operating systems, including Windows, Unix, MAC, Linux, and Solaris

      Mobile Device Compatibility

      Check application compatibility with device services, including location and dialing services
      Check user interface rendering on mobile device screen sizes, including screen rotation
      Verify correct application operation when device is in and out of range of network services

    • Code Review

      Code review is an examination of computer source code. It is intended to find and fix mistakes introduced into an application in the development phase, improving both the overall quality of software and the developers’ skills.

      A Code Review of web application is a line-by-line source code audit looking for implementation errors and evaluating secure coding practices. It not only examines every line of source code for implementation-level issues but also allows to detect all possible existing vulnerabilities in web applications. Code review process allows to identify vulnerabilities that are hard to detect with any other methodology such as, black-box Web Application Penetration Testing. IT Matrix experts have sound knowledge of programming languages and an advanced knowledge on computer information security, which would enable them to make this service effective and comprehensive.

    • Website Testing

      Website testing is combination of all above mentioned points, also GIGW guidelines, IT Policy of client Organization are followed while doing website testing.

Scope of Testing

Type of Testing Scope Test Tools
Functional Testing 100% requirements coverage Manual / Tools
Performance Testing Load, Scalability and Endurance tests Manual / Tools
Application Security Testing Securing Application Manual / Tools
Usability Testing 100% User friendly website/app Manual / Tools
Code Review Secure and Updated Manual / Tools
Vulnerability Analysis and Penetration Testing Making app Secure Manual / Tools
Portability Testing   Manual / Tools
Interoperability Testing   Manual / Tools
Accessibility Testing 100% Accessible and readable Manual / Tools
Configuration and Compatibility Testing 100% requirements coverage Manual / Tools
Website Testing 100% requirements coverage Manual / Tools