It’s not the primary job of a tester to find all the bugs in a product. Unless you have an extremely small product that runs on a very limited system, you won’t be able to find all the bugs unless you don’t plan on releasing the product for a very long time.
The primary job of a tester is not to get all bugs fixed either. There are always bugs that will remain unfixed as a conscious decision. Testers also do not generally make decisions on which bugs get fixed and which ones are deferred to a later date, or even those that there are no plans to fix.
The primary job of a tester is also not to decide when to ship a product. Although you can relay the state of the product to the company, the decision to release the product is typically made by the company or a team within the product group.
Functional testing is testing that is performed on behalf of a legitimate user of the product who is attempting to use it in the way it was intended to be used and for its intended purpose. This is who the functional tester is really the advocate for.The majority of functional testing is done from the viewpoint of a customer.
Testing from only customer viewpoint will cause you to bypass a large percentage of security tests. Most security vulnerabilities, although they have a chance of being discovered by the intended customers, are unlikely to be exploited by them.
The customer may call technical support to report the bug or maybe just grumble about it to friends or acquaintances. It’s unlikely that many of the intended customers will even recognize that bug as more than a nuisance or sign of poor quality, let alone correctly see it as a security risk.
The attention of functional testing is much more focused on how to enable the customers to perform their tasks in the easiest and most convenient way possible while providing enough checks and safety measures so that they can’t cause inadvertent harm too easily. It’s a sort of
“protect them from themselves” mentality.
If any security testing is done,it tends to focus on things such as permissions and privileges but, again,only based around the assumption that the customer is using something like the login functionality as intended.
In essence, because you are performing tests on behalf of a customer,you are trusting that all people using the software you are testing are customers and not merely consumers.
Customers are the people or organizations that your software is intentionally written to solve a problem or problems for. They have been the main focus throughout the entire development cycle, from the gathering of requirements through the implementation, and that then provides the basis for functional testing.
Customers are the people or organizations that your software is intentionally written to solve a problem or problems for. They have been the main focus throughout the entire development cycle, from the gathering of requirements through the implementation, and that then provides the basis for functional testing.
Consumers, on the other hand, are those people or organizations that might use your software in a way it was or was not intended and who are not included in your customers. Sometimes your product’s consumer base grows because your product is able to perform some task as part of its normal repertoire, and that task is all that the consumer wishes to accomplish.
Sometimes it is because your product interfaces with some other software or hardware, and the consumer wants to use that ability to interface to their own advantage or because they think it may be exploitable.
Related Posts
Software security vocabulary
TESTING CONSTRAINTS PART TWO
LIFE CYCLE TESTING
TEST METRICS
Independent Software Testing
Test Process
Testing verification and validation
Functional and structural testing
Static and dynamic testing
V model testing
Eleven steps of V model testing
Structural testing
Execution testing technique
Recovery Testing technique
Operation testing technique
Compliance software testing technique
Security testing technique
The primary job of a tester is not to get all bugs fixed either. There are always bugs that will remain unfixed as a conscious decision. Testers also do not generally make decisions on which bugs get fixed and which ones are deferred to a later date, or even those that there are no plans to fix.
The primary job of a tester is also not to decide when to ship a product. Although you can relay the state of the product to the company, the decision to release the product is typically made by the company or a team within the product group.
Functional testing is testing that is performed on behalf of a legitimate user of the product who is attempting to use it in the way it was intended to be used and for its intended purpose. This is who the functional tester is really the advocate for.The majority of functional testing is done from the viewpoint of a customer.
Testing from only customer viewpoint will cause you to bypass a large percentage of security tests. Most security vulnerabilities, although they have a chance of being discovered by the intended customers, are unlikely to be exploited by them.
The customer may call technical support to report the bug or maybe just grumble about it to friends or acquaintances. It’s unlikely that many of the intended customers will even recognize that bug as more than a nuisance or sign of poor quality, let alone correctly see it as a security risk.
The attention of functional testing is much more focused on how to enable the customers to perform their tasks in the easiest and most convenient way possible while providing enough checks and safety measures so that they can’t cause inadvertent harm too easily. It’s a sort of
“protect them from themselves” mentality.
If any security testing is done,it tends to focus on things such as permissions and privileges but, again,only based around the assumption that the customer is using something like the login functionality as intended.
In essence, because you are performing tests on behalf of a customer,you are trusting that all people using the software you are testing are customers and not merely consumers.
Customers are the people or organizations that your software is intentionally written to solve a problem or problems for. They have been the main focus throughout the entire development cycle, from the gathering of requirements through the implementation, and that then provides the basis for functional testing.
Customers are the people or organizations that your software is intentionally written to solve a problem or problems for. They have been the main focus throughout the entire development cycle, from the gathering of requirements through the implementation, and that then provides the basis for functional testing.
Consumers, on the other hand, are those people or organizations that might use your software in a way it was or was not intended and who are not included in your customers. Sometimes your product’s consumer base grows because your product is able to perform some task as part of its normal repertoire, and that task is all that the consumer wishes to accomplish.
Sometimes it is because your product interfaces with some other software or hardware, and the consumer wants to use that ability to interface to their own advantage or because they think it may be exploitable.
Related Posts
Software security vocabulary
TESTING CONSTRAINTS PART TWO
LIFE CYCLE TESTING
TEST METRICS
Independent Software Testing
Test Process
Testing verification and validation
Functional and structural testing
Static and dynamic testing
V model testing
Eleven steps of V model testing
Structural testing
Execution testing technique
Recovery Testing technique
Operation testing technique
Compliance software testing technique
Security testing technique
