Client Overview
Customer is a venture-backed, score based enterprise implementing SaaS solution for experience management, digital checklist, and sensory evaluation. They are having 15+ years of experience in digitizing their customers’ business workflow and operationalizing actionable insights through proprietary, real-time scoring in various sectors like healthcare, government, energy, food & beverages etc.
Business Challenge
Based on their customer’s specific business needs, they built a customized three-level business application for their customer’s HR practices and programs. The tailor-made employee survey application of one of their customers wanted to ensure the security framework is built to fulfil the legal compliance of the industry.
1. Identifying vulnerabilities and ensuring security functionality
2. Evaluate and improve the security of software
3. Implementing model-based security testing
4. Ensuring proper handling of sensitive data of the connected cloud system
5. Ensuring testing of security properties:
a. Confidentialities
b. Integrity
c. Availability
d. Authentication
e. Authorization
To perform validation and verification of a survey system for employees to solicit their ideas and opinions and measure soft skills via a job simulation.
Solution Highlights
Our team was committed to ensuring that the best practices of security testing are implemented to ensure the delivery of security properties to their customer. We implemented security vulnerability testing approaches i.e., vulnerability coverage, source of test cases, test case generation method, testing level, test case granularity, tool automation as well as target applications.
• Established security and privacy Requirements through test case minimization, prioritization and selection
• Performed privacy and security risk assessments
• Established design requirements to define vulnerability as faults
• Use of Threat modelling
• Performed Code-based testing and Static
• Conducted penetration testing and dynamic analysis
• Conducted attack surface review
• Conducted final security review
• Performed vulnerability scanning
• Conducted Security regression testing
• Automated Testing was conducted for a large multilingual assessment test and survey system using the Gateway Test Automation Framework (GTAF)
• Test case scenarios & functional flow verification
• Verification of Survey & assessment field input validation
• Test Automation scripts to minimize coding & logical errors
• Test case scenarios & functional flow verification
• Preparation & Execution of Test automation regression suite using GTAF
• Employee Opinion/Organizational effectiveness survey
• Device compatibility-tested using various iOS & Android devices along with five different browsers of mobile & web
• Agile testing comprised of 2-week “sprint” followed by regression and end to end testing
Benefits
• More than 90% of the test cases automated
• Increased test accuracy across different platforms
• More adaptive to ongoing changes
• Identified and ensured that the specified or intended security properties are, for a given set of assets of interests, and are correctly implemented
Book a Meeting