Ensuring The Efficiency and Effectiveness of Software Testing Contracts
Using Function Point Analysis and model-based testing to objectively measure services. A perpetual challenge in managing software testing projects is...
Design Complex Systems, Create Visual Models, Collaborate on Requirements, Eradicate Bugs and Deliver Quality!
Product Overview | Solutions |
Success Stories | Integrations |
Book a Demo | Release Notes |
Free Trial | Brochure |
Pricing |
Our innovative solutions help you deliver quality software earlier, and at less cost!
AI Accelerated Quality Scalable AI accelerated test creation for improved quality and faster software delivery.
Test Case Design Generate the smallest set of test cases needed to test complex systems.
Data Subsetting & Cloning Extract the smallest data sets needed for referential integrity and coverage.
API Test Automation Make complex API testing simple, using a visual approach to generate rigorous API tests.
Synthetic Data Generation Generate complete and compliant synthetic data on-demand for every scenario.
Data Allocation Automatically find and make data for every possible test, testing continuously and in parallel.
Requirements Modelling Model complex systems and requirements as complete flowcharts in-sprint.
Data Masking Identify and mask sensitive information across databases and files.
Legacy TDM Replacement Move to a modern test data solution with cutting-edge capabilities.
See how we empower customer success, watch our latest webinars, read our newest eBooks and more.
Events Join the Curiosity team in person or virtually at our upcoming events and conferences.
Blog Discover software quality trends and thought leadership brought to you by the Curiosity team.
Help & Support Find a solution, request expert support and contact Curiosity.
Success Stories Learn how our customers found success with Curiosity's Modeller and Enterprise Test Data.
Documentation Get started with the Curiosity Platform, discover our learning portal and find solutions.
Integrations Explore Modeller's wide range of connections and integrations.
Curiosity are your partners for designing and building complex systems in short sprints!
Meet Our Team Meet our team of world leading experts in software quality and test data.
Our History Explore Curiosity's long history of creating market-defining solutions and success.
Our Mission Discover how we aim to revolutionize the quality and speed of software delivery.
Our Partners Learn about our partners and how we can help you solve your software delivery challenges.
Careers Join our growing team of industry veterans, experts, innovators and specialists.
Press Releases Read the latest Curiosity news and company updates.
Success Stories Learn how our customers found success with Curiosity's Modeller and Enterprise Test Data.
Blog Discover software quality trends and thought leadership brought to you by the Curiosity team.
Contact Us Get in touch with a Curiosity expert or leave us a message.
3 min read
Rich Jordan 12 March 2024 14:00:00 GMT
As cloud adoption accelerates, most organizations now pursue multi-cloud strategies. These span SaaS, PaaS, and IaaS offerings. This diversified approach prevents vendor lock-in, but also introduces additional test complexity. Quality assurance must validate functionality, security, compliance and resiliency, but this requires testing expertise across a matrix of layers and ownership boundaries.
The core challenge stems from the shared responsibility model underpinning cloud delivery. Customers and providers divide management, configuration and testing responsibilities differently across different parts of the technology stack. Where these boundaries intersect, gaps can occur and expose vulnerabilities unless consciously mitigated through expanded test coverage.
A “shared responsibility model” for cloud security, provided by the UK’s National Cyber Security Centre and reused under the Open Government Licence (OGL) v3.0.
The scope of what your organisation can (and must) test is dictated by the distribution of control within each cloud delivery tier:
Assuring SaaS quality constitutes the narrowest test ownership for cloud customers, as providers manage the entirety of the infrastructure and platforms. Nonetheless, you must validate an awful lot:
Authentication and access controls;
Workflow and business logic mapping;
User scenarios, rendering, and experience;
Security of any confidential data shared.
In PaaS, clients control deployed applications while providers manage lower environment layers. This adds even more to your cloud quality responsibilities:
API security profiling;
Performance & capacity testing;
Negative path & exception handling;
Dependency version changes;
Security scanning of application images.
With infrastructure under client control, in IaaS introduces significantly heavier validation lifts:
Infrastructure hardening & baseline configuration;
Network segmentation, routing and ingress testing;
Workload isolation across virtual systems;
API abuse & privilege escalation attempts;
Resiliency against infrastructure component failures.
While well-understood internally, shared responsibility demands broader quality assurance skills when engaging third-party capabilities.
As responsibilities subdivide across cloud delivery tiers, gaps readily emerge, allowing defects to be missed:
Providers often validate just infrastructure/platform functionality, not usages ultimately running on top of them.
Clients lack lower environment access to test security controls like firewall rules or to generate loads mirroring production.
Blurry hand-off boundaries emerge around patching, logging, and monitoring ownership.
Lagging documentation of configuration plus environment sprawl obfuscates change detection.
Further exacerbating matters, traditional testing groups frequently split along technology layers. App test, sec test, perf test may not integrate efforts into addressing shared quality risks. This encourages assumptions that a partner validated a specific area leading to blind spots.
With each side lacking full-stack visibility, accountability gaps emerge. Both sides overestimate the other's quality assurance investment. Providers stress robust platforms, assuming clients perform app security hardening. Clients expect providers to cover patching, DDoS and malware vectors as part of advertised security services, leaving gaps in practice.
Assuring quality across multi-cloud security and compliance obligations requires greater visibility and thorough testing processes, including instrumentation and observation across the entire delivery chain. This spans customer, providers, and integrators.
Solutions that model expected behaviours then generate proportionate test cases, offering an ideal mechanism for managing complexity. Models that accurately and dynamically capture systems end-to-end logic furthermore establish core artifacts for driving shared understanding across cloud delivery partnerships.
Some leading practices include:
Maintaining architecture diagrams which map components, communication paths and trust/boundary lines between provider/customer-managed elements.
Modelling identity and access workflows across cloud layers to auto-generate targeted authorization test cases.
Cataloguing assets, configurations and services across cloud accounts/regions into CMDBs, enabling better test data targeting.
Using chaos engineering techniques to simulate infrastructure failures or instances behaving unexpectedly in production.
Crucially, test data and use cases should not be limited to expected, happy paths. Cloud testing must stretch behaviours to address risks emerging from consumption growth, increasing user diversity and integration entropy over time.
While intricate, Quality Assurance approaches leveraging models, automation and shared visual artifacts can establish transparency and collective protection far exceeding isolated efforts. Unified understanding of customer and provider testing commitments allows accurately targeting residual risk.
For cloud consumption models to fulfil their convenience promise without compromising quality or security, testing requires equal innovation. Shifting left to prevent defects via early modelling collaboration combined with transparent observability into runtime environments together deliver the robust cloud outcomes that customers and providers jointly desire.
To learn how Curiosity can help you drive quality across your cloud development, speak to one of our quality experts today!
Using Function Point Analysis and model-based testing to objectively measure services. A perpetual challenge in managing software testing projects is...
With the rise of agile and DevOps practices, software testing is more important than ever for delivering high quality applications at speed. However,...
In many large organizations, software quality is primarily viewed as the responsibility of the testing team. When bugs slip through to production, or...
Test Automation is vital to any organisation wanting to adopt Agile or DevOps, or simply wanting to deliver IT change faster.
When teams are looking to transform, optimize, or cut costs in testing, where do they first look? More often than not, they follow the advice given...
You’re working hard to transform your ways of working, with a range of different goals. Common aims of digital transformations include:
IT change remains a persistent struggle for most organisations today. Software teams are aware of the need to move faster and be more agile; yet,...
It's a new year, and many of us in IT and testing are reflecting on how we can improve our processes and strategies. As we set our 2024 quality...
“We mustn’t use live data for testing”. This is the reason why most organizations start to look at superficial solutions to certain challenges that...