Software Testing Methodologies and Techniques | Veracode

Software Testing Methodologies And Techniques

There are a variety of different software testing methodologies development organizations use. The software testing technique an organization uses and the software testing lifecycle it follows are tied to the model it employs to develop its software. The more well-known software development models include the waterfall model, the V-model, the Agile model, the spiral model, the Rational Unified Process (RUP) and the Rapid Application Development (RAD) model. Each of these models employs a different testing methodology — testing the quality and security of software in different ways and at different stages.

Agile

Agile has become the most popular software development methodology in recent years. According to a 2014 InfoQ poll, the majority of firms use Agile techniques in some capacity for software development projects.

With Agile, developers build software incrementally. They break projects down into small segments of user functionality called user stories, prioritize them, and then continuously deliver them in two-week cycles called sprints. The testing methodology is also incremental — each small release is thoroughly tested to ensure quality.

Advantages of the Agile model

  • Increased customer satisfaction due to rapid, continuous delivery of useful software
  • An emphasis on people and interactions rather than process and tools
  • Regular adaptation to changing circumstances

Disadvantages of the Agile model

  • Difficulty predicting the time and effort larger projects will require
  • Dependent on clear customer requirements upfront

Security testing with Agile

Veracode developers use the Agile methodology and find it the most effective method for both code development and testing, in particular security testing. Since testing occurs during the development phase in Agile, coding issues are found earlier when they are easier to fix. With Agile’s software testing techniques, security becomes part of the coding process, not something tacked on at the end — ensuring developers can more easily identify and fix vulnerabilities and deliver a more secure product.

In a recent blog post, Veracode’s director of platform engineering said of security testing with Agile, “By finding vulnerabilities during the coding phase instead of during a separate security hardening sprint, developers need not switch context to work on code written long ago. This saves time and increases velocity — while at the same time ensuring the security of the software being developed, tested and shipped.”