Category: General

Software Testing Types Starting Points

Software Testing Types Starting Points

Which testing type will you start with?

In this article I will explain the most common testing types for web applications with simple words. I will not use ISTQB or other certification authority glossary. I will give tool examples and starting points for more information.

Security is a top priority.

If you are given entire application to test or you own small web app, start with security testing. This testing checks your application vulnerability. Could unauthorized user login or make changes without permissions?  Is your user’s data at risk? Can someone use your application for making profit for himself?

Why is this important?

Who wants to give credit card information to a hacked website?  Not me. Not you.

Imagine you have worked hard for years, have good SEO rank and loyal customers base. Then one day someone hacks your application (web site). You could easily lose your business overnight. Not something you want to experience, right?

Do not have illusions that you can catch complex security bugs. There are experts that specialize in that field for many years and even they cannot discover all issues. Even big companies discover vulnerabilities in their product and provide patches and updates.

Your job is to make your application less vulnerable. Enforce good password policy. If you own small WordPress site, install security plugin with firewall such as WordFence. If you work in a bigger company, involve related stakeholders (administrators, security experts). Good place to start is OWASP top ten list with vulnerabilities.  Test for the ten most common vulnerabilities and share your findings with the developers in your team.

What to focus on next?

Nobody wants to wait. Performance is essential.

Performance testing is ensuring that your application is fast enough for a wanted period of time with expected users number. Generally the faster, the better, 2 seconds is considered as the limit for responsiveness. Maximum two seconds after user has requested URL, he should see something valuable, or he will leave.

An easy way to check your current speed and areas for improvements is online on or web page test.

SEO testing

You have thought of security and performance. But if your site is not indexed properly by search engines, you will either not have customers, or will have to spend more on paid advertising and direct marketing.

Search engines like Google and Bing like great content, semantic markup and structured data. Your robots.txt and sitemap files should be carefully updated. I have heard a joke:

“What is the ultimate revenge of a fired SEO expert?”

The answer is :

“To put in robots.txt file only the two lines below.”

User-agent: *
Disallow: /

With these simple lines, you are telling that you do not want your site to be indexed. Not funny at all if this had happened to you.

Good starting points are Google Analytics and Google Search Console. From Google Analytics I extract information such as most popular pages and real users number and behavior.  I use Google Search Console for finding crawling errors and request indexing. In order to use them you should have account and you have to add applications that you could verify are yours.

Cross-browser and cross devices testing

Your application should look equally well on different browsers and mobile devices with different screen resolution. Quick way of doing responsive testing is to resize your browser window or use browser extension like Chrome Window Resizer.

I often use Chrome device mode before testing on real devices, because it saves me time. You can use this mode following the steps:

  1. Open Chrome browser.
  2. Press F12.
  3. Press Toggle Device Toolbar (Ctrl+Shift+M)

When you want to return to normal browser mode, you should press the same icon.

Functional testing

Ensure your web application functions as intended. For example, if you distribute products as downloadable files, ensure users can really download them. On my site, there is a search form. Functional testing will be to execute searches with different input strings and see whether expected results are returned.

As a starting point, you could assess your application functionalities, what are their priorities and risk. Write test cases or checklists that cover them.

Integration testing

This is testing how your application communicates with other applications. For example currently on this post I have enabled Disqus post comments instead of default WordPress comments. I should test that user can post and the post appears both in the blog post and in Disqus admin area for my site.

You should have a list of such integration points.

Regression testing

Ensuring that something that worked yesterday, is working today. Great way to execute this type of testing  is using automation tools, such as Selenium. You can do regression testing manually, but it is more error prone and time-consuming.


The article explained briefly the most common types of testing for web applications. It provided real live starting points for security, performance, SEO, cross-browser, integration and regression testing. In next articles I will go into more details on how to perform the tests, as well as I will give real bug examples.  See this article for the four most important things to consider, before you start testing.

Software Testing First Steps

Software Testing First Steps

So are you ready to start testing web applications?

What are the most important things to consider?

From my experience,  before you start testing anything, you should be well prepared.

1. Domain knowledge is essential.

For example if you have not tested for directory traversal vulnerability (security testing), make a research and prepare a checklist with your test cases. You will not be able to find a specific bug if you are not aware what to look for. If you don’t know what is capybara, how you will know where to look for it?

 2. Access the current state of the application (system under test – SUT).

I often make screenshots and test logs, because I find them very useful. If you miss this step and you find bugs, you will not be sure where they came from. Are they legacy bugs or are introduced recently by the developer of your current story? What would you do if your manager asks you: “Have you tested X and Y scenario?” If you have test log or checklist, you will be able to answer without hesitation.

3. Test data (data you test with) is extremely important.

I have seen my colleagues testing with strings that mean nothing at all, such as test test or asd asd. This step is even more important when you do integration testing. With simple words, integration testing is how your application interacts with other applications. If you test forms, usually you can add unique identifier for your submissions, such as the date, your name initials or the functionality you are testing, in one or all fields of the form. This identifier will help you to find your submissions and to validate your results.

4. Tools and extensions

Think for tools that can make your current quality assurance task easier and less error prone. Below you can find examples of two tools for test data generation. Example for online site for test data generation is I like that there are predefined test data fields, including names, cities, credit card numbers, and you can download the data easily as Excel file. You can find more easy to use online resources in this article.

I find often useful Chrome plugins for different testing tasks. For easier testing of forms, for test data generation I use bug magnet Chrome extension (available on right mouse click).

For more than 16 other great browser extensions, visit this article.


In this article I reviewed four most important things that you should think of, before you start testing. They are to acquire domain knowledge, to assess the application state before the tests, to prepare test data and tools for execution of the testing.

If you are still curious what is capybara, it is a cute animal, you can google it. Also there is a test framework named Capybara. It is OK to don’t know something, as long as you are able and willing to find information for filling the gaps. This is very important for a quality assurance expert.

Do You Want to Become a Software Quality Assurance Expert?

Do You Want to Become a Software Quality Assurance Expert?

Quality Control
If you are not sure whether to take the journey to becoming a quality assurance savvy, this post is just for you. First things first.

What is Quality Assurance?

There are many definitions, but for me it is:

Delivering a product or a service that is easy to use, easy to learn, and meets stakeholders needs, incl. legal compliance.

I truly believe in Agile Manifesto. I did not write “meets requirements” on purpose. Because requirements are something we put on paper or discuss in a conversation. They are not something we set in stone. Often the stakeholders cannot express their needs correctly. It is a part of your job  to discuss and clarify as well as you can. That is why QA expert needs good communication skills and analytical thinking. Also nice to have is the ability to understand complex requirements and find the pitfalls as early as possible.

There is a theory that to become an expert in something, for example to learn a language or to play a musical instrument, you should dedicate to it, on average, 10 000 hours. Truth is that there are no magical numbers, but hard-working would certainly help you in achieving your goals.

What else do you need?

Curiosity and passion for constant learning and development. Gaining domain knowledge is a must.

QA is like a good doctor. And equally important. If the issues (bugs) are found early, the consequences for the project and the reputation of the company will be not as serious as if found later.

You should also be able to deal with uncertainty, because exhaustive testing is not always possible. You often rely on risk assessment and prioritization for your testing efforts.

Do you think you lack something?

Maybe you are considering a career change, and you are not sure whether you can switch to QA?

If you are passionate and curious, every other skill can be acquired.

This blog can help you with the constant learning, keep reading!