XML, SOAP, REST Testing for SOA and Cloud Computing

SOA Testing

Subscribe to SOA Testing: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get SOA Testing: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

API Security has finally entered our security zeitgeist. OWASP Top 10 2017 - RC1 recognized API Security as a first class citizen by adding it as number 10, or A-10 on its list of web application vulnerabilities. We believe this is just the start. The attack surface area offered by API is orders or magnitude larger than any other attack surface area. Consider the fact the APIs expose cloud services, internal databases, application and even legacy mainframes over the internet. What could go wrong? API Security has been added to OWASP Top 10 2017 - RC1. This is a commendable step taken by the web application security thought leaders and is a clear indication of where the industry is heading. Security professionals have all the tools and awareness to fence in applications, databases and legacy systems through firewalls. OWASP has served the security professionals well... (more)

Application Development in the Clouds - Mike Vizard and John Michelsen

Mike Vizard at eWeek recently hosted a podcast with ITKO???s John Michelsen, on "Application Development in the Clouds." In this conversation, John and Mike talk about how cloud computing is going to upend the way IT organizations think about SOA and application development in general. Mike started by mentioning the increased number of dependencies that SaaS brings to SOA testing. John said Mike really nailed the problem - it is something we are seeing in every engagement that relies on third party or shared services environments. The traditional waterfall method, and its assumptions, are now all undermined, and so much rethinking needs to be done. But the effort is worth it. Mike, as seen on the left, next discussed the increased reuse happening in SOA. This broadens the need for trust. John, as seen below on the right, said that SOA requires good governance polici... (more)

Cloud Governance Awakens

As we predicted earlier in the year, cloud computing is starting to take hold, especially if you believe the marketing literature of vendors and consulting firms. Yet, we are seeing an increasing number of Cloud success stories, ranging from simplistic consumption of utility Services and offloading of compute resources to the sort of application and process clouds we discussed in a previous ZapFlash. Perhaps the reason why usage of the Cloud is still nascent in the enterprise is because of an increasing chorus of concerns being voiced about the usage of Cloud resources: Cloud availability. Cloud security. Erosion of data integrity. Data replication and consistency issues. Potential loss of privacy. Lack of auditing and logging visibility. Potential for regulatory violations. Application sprawl & dependencies. Inappropriate usage of Services. Difficulty in managing i... (more)

CA, Inc. Joins Cloud Security Alliance

CA Session at Cloud Expo CA, Inc. on Thursday announced it has joined the Cloud Security Alliance as a corporate member to help establish and promote best practices for security in cloud computing. CA will support the Cloud Security Alliance's initiatives and working groups with identity and access management knowledge and expertise, and provide input into the next release of the group's Security Guidance for Critical Areas of Focus in Cloud Computing. "CA is working with enterprise customers and cloud service providers to securely adopt and deliver cloud services. We look forward to collaborating with the CSA members to deliver guidance for meeting security concerns that challenge cloud adoption," said Dave Hansen, corporate senior vice president and general manager of CA's Security and Compliance business unit. CA demonstrated a portion of its cloud security capa... (more)

Cloud Expo Bronze Sponsor Releases OLAP Engine for Performance Testing

SOASTA Session at Cloud Expo "Performance Engineering is a perfect application for the next generation of this technology." said Ken Gardner, CTO and Executive Chairman, SOASTA, "as it’s become increasingly difficult to use existing enterprise tools to uncover the issues that cause latency and unreliability in the new world of rich-media, high traffic, consumer-facing websites." Register Today and Save $550 ! Explore Sponsorship Opportunities ! Gardner, whose company SOASTA Inc. is Bronze Sponsor of Cloud Expo 2010 East being held April 19-21, 2010 at the Jacob Javits Convention Center in New York, was speaking on the occasion of SOASTA's announcement today - just one week before Cloud Expo - that it has extended its industry leading performance testing solution CloudTest with the release of CloudTest Analytics, the first real time Business Intelligence engine purpose-... (more)

Crosscheck Networks Drives Business-Critical SOA

Crosscheck Networks, Inc. on Tuesday introduced the next generation of its flagship product, Forum Sentry v8.0, helping organizations seamlessly migrate their enterprise SOA deployments to the cloud while capitalizing on the cloud computing model for business and competitive advantage. The company unveiled the latest version of Forum Sentry at the International SOA & Cloud Symposium (http://soasymposium.com), the world's largest international SOA and cloud computing conference. Notably, at the show today, Crosscheck Networks (Booth # 13) CEO Mamoon Yunus will explore enterprise-to-cloud migration in the session, "Requirements for Extending Enterprise SOA to Public Clouds (http://soasymposium.com/agenda2010.php)." Additionally, company CTO Jason Macy will share best practices in SOA threat defense in "SOA Threat Modelling: Attacking and Defending REST, XML and SOAP ... (more)

Hunting Down the “Herbies” In Your House

Recently some colleagues and I were discussing applications of the Theory of Constraints to various process and financial management scenarios.  In our current  economic environment in which organizations are constantly being pushed to new expectations of efficiency, the effective use of all available resources is absolutely critical to the success of an organization.  As we were considering some of the themes from Eli Goldratt’s classic business novel “The Goal” (right around the first anniversary of the author’s passing, coincidentally), I began to see the applicability of Goldratt’s work to the management of enterprise information technology much more clearly.  Although the focus of Goldratt’s seminal novel is primarily targeted at manufacturing, the discussion got me thinking about how well IT professionals embrace similar concepts to focus on eliminating bottle... (more)

Making a Case for a Test Case

For software testers to create a detailed test case during the QA process can be tricky: sometimes it's not an option; sometimes it's wasted effort. Here are ways to help make that decision. Part of the skill set required to be a good tester involves the ability to assess a software project and decide when it's worth putting in the effort to create really detailed test cases. Sometimes the software will lend itself to unstructured testing, sometimes the development methodology will dictate a specific approach, and sometimes every possible facet will need to be covered. If you plotted projects on a graph you would get a bell curve because most of them fall somewhere in between the casual and the comprehensive. How Do You Decide? There are various factors that are going to weigh on any decision. Some of them leave no room for ambiguity, for example: There are legal ... (more)

Three Tips for Testing Your EDI System

Electronic Data Interchange (EDI) allows businesses to send information to other businesses through electronic means instead of paper. A wide range of business documents can be sent with EDI, including invoices and purchase orders. Many companies prefer to use EDI because of the way it standardizes the process of exchanging business documents. In an increasingly digital age, there is no question that EDI is critical to the success of many companies. However, to develop and maintain a successful EDI system, you must test it on a regular basis. Following are three tips for testing your EDI system to assist you with this process. Familiarize Yourself with the Types of Compliance Testing Different EDI systems must undergo different compliance tests to be deemed successful. While no single set of tests is appropriate for every system, it is important that EDI systems go t... (more)

SOA Testing Framework

Service-oriented architecture (SOA) has become today's technology buzz and it's rapidly becoming a mainstream approach to enterprise systems design. Beyond the buzz of SOA, organizations face several challenges as they attempt to truly effectuate the paradigm shift towards SOA. One critical challenge is: How can we assure the quality of the business services that we build? Can the services we build withstand the test of rapid organizational change? One way to address this challenge is through the use of effective testing methodologies and tools for the services deployed under an organization's SOA fabric. A new development methodology - services-oriented development of applications (SODA) - is emerging to accompany the paradigm shift toward SOA. Today's agile software teams need effective tools to smoothen the transition. This article analyzes, designs, and demonst... (more)

Solstice Software Expands Testing Validation Support for SOA Web Services Projects

Solstice Software, specialized in behind-the-screens message testing, announced the availability of Integra Enterprise 5.0, the company’s enterprise-class integration testing suite. The latest version of Integra Enterprise provides process-level visibility and validation, enhanced security testing, and expanded support for industry leading enterprise protocols. "The combined top level support, service-level enhancements, and expanded message-level support provide an unprecedented end-to-end view for testing integration," according to the company. The ability to quickly diagnose — at a component level — where in a process an error exists, provides dramatic time savings in SOA testing. By giving control of this view to testers and business users who understand the logic, Integra Enterprise enables testing teams to effectively validate SOA and integra... (more)