Skip to the main content.

Curiosity Modeller

Design Complex Systems, Create Visual Models, Collaborate on Requirements, Eradicate Bugs and Deliver Quality! 

Product Overview Solutions
Success Stories Integrations
Book a Demo Release Notes
Free Trial Brochure

Enterprise Test Data

Stream Complete and Compliant Test Data On-Demand, Removing Bottlenecks and Boosting Coverage!

Explore Curiosity's Solutions

Our innovative solutions help you deliver quality software earlier, and at less cost!

robot-excited copy-1              AI Accelerated Quality              Scalable AI accelerated test creation for improved quality and faster software delivery.

palette copy-1                      Test Case Design                Generate the smallest set of test cases needed to test complex systems.

database-arrow-right copy-3          Data Subsetting & Cloning      Extract the smallest data sets needed for referential integrity and coverage.

cloud-cog copy                  API Test Automation              Make complex API testing simple, using a visual approach to generate rigorous API tests.

plus-box-multiple copy-1         Synthetic Data Generation             Generate complete and compliant synthetic data on-demand for every scenario.

file-find copy-1                                     Data Allocation                  Automatically find and make data for every possible test, testing continuously and in parallel.

sitemap copy-1                Requirements Modelling          Model complex systems and requirements as complete flowcharts in-sprint.

lock copy-1                                 Data Masking                            Identify and mask sensitive information across databases and files.

database-sync copy-2                   Legacy TDM Replacement        Move to a modern test data solution with cutting-edge capabilities.

Explore Curiosity's Resources

See how we empower customer success, watch our latest webinars, read our newest eBooks and more.

video-vintage copy                                      Webinars                                Register for upcoming events, and watch our latest on-demand webinars.

radio copy                                   Podcasts                                  Listen to the latest episode of the Why Didn't You Test That? Podcast and more.

notebook copy                                           eBooks                                Download our latest research papers and solutions briefs.

calendar copy                                       Events                                          Join the Curiosity team in person or virtually at our upcoming events and conferences.

book-open-page-variant copy                                          Blog                                        Discover software quality trends and thought leadership brought to you by the Curiosity team.

face-agent copy                               Help & Support                            Find a solution, request expert support and contact Curiosity. 

bookmark-check copy                            Success Stories                            Learn how our customers found success with Curiosity's Modeller and Enterprise Test Data.

file-document-multiple (1) copy                                 Documentation                            Get started with the Curiosity Platform, discover our learning portal and find solutions. 

connection copy                                  Integrations                              Explore Modeller's wide range of connections and integrations.

Better Software, Faster Delivery!

Curiosity are your partners for designing and building complex systems in short sprints!

account-supervisor copy                            Meet Our Team                          Meet our team of world leading experts in software quality and test data.

calendar-month copy                                         Our History                                Explore Curiosity's long history of creating market-defining solutions and success.

check-decagram copy                                       Our Mission                                Discover how we aim to revolutionize the quality and speed of software delivery.

handshake copy                            Our Partners                            Learn about our partners and how we can help you solve your software delivery challenges.

account-tie-woman copy                                        Careers                                    Join our growing team of industry veterans, experts, innovators and specialists. 

typewriter copy                             Press Releases                          Read the latest Curiosity news and company updates.

bookmark-check copy                            Success Stories                          Learn how our customers found success with Curiosity's Modeller and Enterprise Test Data.

book-open-page-variant copy                                                  Blog                                                Discover software quality trends and thought leadership brought to you by the Curiosity team.

phone-classic copy                                      Contact Us                                           Get in touch with a Curiosity expert or leave us a message.

3 min read

GDPR and testing: Are you a sceptic or a gambler?

GDPR and testing: Are you a sceptic or a gambler?

Last week, we published a blog making the case for the next generation in TDM “best practice”. We considered why the logistical approach of “mask, subset, clone” provisioning cannot provide the data parallel test teams need, when they need it.

This week’s blog considers the benefit of “Test Data Automation” from the perspective of one of the core TDM requirements: test data compliance. In particular, this blog sets out the repercussions of the EU General Data Protection Regulation (GDPR) for testing, and how a new TDM paradigm can ensure compliance while also maximising testing speed and quality.

Test Data Compliance: An issue that won’t go away

The proposal for the EU General Data Protection Regulation (GDPR) was made as long ago now as 2012, and the Regulation was adopted in 2016. Throughout this time, two broad responses to the tightening legislation has been common among testers:

  1. The sceptic:“Big organisations will simply group together and resist this in the courts. Nothing will change in practice and there’s no way that national data protection agencies will be able to demand so much change so quickly, let alone levy fines this big.”
  2. The gambler:“Fines will still only be levied following high-profile data breaches. There’s no way agencies are going to start performing regular audits, let alone audit my company. Besides, the chances of us suffering a data breach are slim to none – it’s never happened before!”

2019: An issue that can’t be ignored

Fast forward five years and the implementation period is now over. The GDPR is now in force, and eye-watering fines cast doubt on the responses of both the sceptic and gambler. The steep punishments levied recently are a reminder of the real threat of data breaches, but also a serious statement of intent regarding the enforcement of the GDPR.

In July, for example, the UK’s Information Commissioner’s Office (ICO) announced a record fine of £183 million for British Airways, relating to the harvesting of 500,000 customer details by attackers. That reflects roughly 1.5% of BA’s annual worldwide turnover for the previous year, smashing the ICO’s previous record fine of £500,000. National enforcement agencies appear willing to impose the full force of the GDPR’s deterrents. 

The announcement of an intended £99.2 million fine for Marriott International came a day later, relating to the exposure of 339 million guests’ information. 30 million of the guests records belong to Europeans, but Marriott is a US company. This dispels the further scepticism regarding the ability of national agencies to enforce the GDPR’s global scope.

Authorities in each instance point to a lack of sufficient security measures, and also to the responsibility organisations of every size have for the data they process. So, how does this relate to testing practices?

We need to talk about TDM…

From a QA perspective, one glaring practice screams security risk: the use of production data in test and development environments. This has long been warned against from a data privacy perspective, yet 65% of organisations still use potentially sensitive production data in testing.[i]

Production data does appear an obvious place to source production-like data for testing. The issue is that test and development environments are necessarily less secure than production, so that any sensitive data stored in them increases the risk of a data breach.

Then there’s the rights of European Data Citizens, which have been strengthened by the GDPR. These rights apply regardless of whether a data breach has occurred, and present further challenges for current QA practices.

The Rights to Data Erasure and Data Portability are good examples. An EU Data Subject can request all that all their data is erased “without delay,” and can also ask for a complete copy of their data stored by an organisation.

This presents a logistical nightmare for current Test Data Management (TDM) practices. Many organisations store data across test environments, in unmanaged formats like spreadsheets on testers’ local machines. Such organisations struggle to know where certain data is kept, and will therefore struggle to identify, copy and delete it on demand.

Improving data security and test data quality

The good news is that using production data in test environments is frequently avoidable. Synthetic test data generation is today capable of generating realistic test data for even complex systems, rapidly mirroring the data dependencies found in production.

Quality synthetic test data is built from a model of the metadata found in production. It reflects even complex patterns in data like temporal trends, all while remaining wholly fictitious. It therefore supports accurate and stable test execution, without the risk of exposing sensitive information.

The benefit of increased security is furthermore coupled with a significant quality gain for QA. Synthetic data can be generated for the numerous data combinations not found in existing production data, including the negative scenarios and outliers needed for complete test coverage.

Improving data security in testing is not therefore just a logistical issue: it can drive up test coverage, improving the quality of software and reducing defect remediation efforts.

Organisations will not be able to switch to using wholly synthetic test data overnight. Nonetheless, an effective TDM strategy should aim to replace production data gradually with fictitious test data. This “hybrid approach” continues working with production data where needed, in time replacing all test data sources with fictitious, coverage-enhanced equivalents. Testers and data protection officers (DPOs) can then enjoy peace of mind, all while improving application quality.

Thanks for reading! Please feel free to share your thoughts using my email address below, and look out for next week’s blog on creating high-coverage test data sets. To learn more about how test data compliance can also maximise testing rigour, please join Curiosity’s Huw Price in the DevOps Bunker. On the webinar, Huw will consider why “The Time for a New Test Data Paradigm is Now“.

watch now

[i] Redgate (2019), State of Database DevOps, 23. Retrieved from on 19 June 2019.

5 Techniques for Overcoming Test Data Bottlenecks

5 Techniques for Overcoming Test Data Bottlenecks

The demand for ever more complex, varied, and larger data has created a situation where QA can no longer keep up. Burdened by outdated Test Data...

Read More
Solutions for a successful data migration

Solutions for a successful data migration

The previous article in this series set out how a successful data migration hinges on a range of criteria:

Read More
Test Data is make or break for parallel testing and development

Test Data is make or break for parallel testing and development

Today, there is a greater-than-ever need for parallelisation in testing and development. “Agile” and iterative delivery practices hinge on teams...

Read More
Quality Testing Requires Quality Data

Quality Testing Requires Quality Data

My two most recent blogs have made the case for a new TDM paradigm called “Test Data Automation”. The first article considered how a logistical...

Read More
5 Ways to Keep Your Test Data Compliant

5 Ways to Keep Your Test Data Compliant

As a result of the constantly evolving environment of global data protection legislation, test data management has become increasingly complex....

Read More
Automated Test Data is Key to CI/CD and DevOps

Automated Test Data is Key to CI/CD and DevOps

Software delivery teams across the industry have embraced new(ish) approaches to development, from the different flavours of agile, to DevOps,...

Read More
GDPR and testing: A few questions to ask yourself

GDPR and testing: A few questions to ask yourself

I’ve been harping on about GDPR and other recent developments in compliance for years now, and it’s good to see QA organisations are now seriously...

Read More
Key risk factors to mitigate during a data migration

Key risk factors to mitigate during a data migration

Part one in this article series summarized the shockingly high failure rates for migration projects, identifying data migration as a key area of...

Read More
Turn GDPR Compliance into an Opportunity for Better, Faster Testing

Turn GDPR Compliance into an Opportunity for Better, Faster Testing

Ever-tighter data privacy legislation like the EU General Data Protection Regulation and The California Consumer Privacy Act has made test data a...

Read More