The Future and Challenges of Artificial Intelligence-as-a-Service | AIaaS
With the advent of cloud computing services, the application of Artificial Intelligence for various services has been democratizing for some time. Now companies of all sizes can have access to AI. Within a limited budget, AI is offering many opportunities to improve the business and people’s lives. It has all become possible with the emergence of a relatively new business niche: AIaaS, i.e., AI-as-a-Service, a third-party offering of AI outsourcing.
Everything You Need to Know About Independent Software Testing Infographics
To prevent unexpected problems during the real-world use of any software, it is of utmost importance to test them carefully using appropriate software testing types. In the software industry, independent software testing and quality assurance are of critical significance. The software testing life cycle for an application depends on the application and type. An application can be subjected to scores of software testing before finally being used by end-users. InApp infographic gives an easily understandable overview of different software testing tools and software testing approaches. Independent Software Testing – Through required evaluations and verifications, it ensures that the developed software is of the best quality and delivers all applications and functions as intended. What is the Importance of Software Testing? Software testing is an integral part of well-delivered software. Issues such as security vulnerabilities, scalability issues, invalid functions, poor design decisions, or architectural flaws can bring some unseen or unexpected problems. Defects in an application can tarnish a company’s reputation and lead to dissatisfaction and loss of customers – in extreme cases, even human loss. What are the Methodologies of Software Testing? What are the levels of Testing? What are the types of Acceptance Testing? What are the types of Manual Testing? The testers conduct the tests without using any automation tools, and by playing end-users, they find bugs in the system. What are the types of Automated Testing? In automated testing, pre-scripted test cases are executed by using an automation tool to increase efficiency in the testing. API Testing: In API testing, we check Application Programming Interfaces (APIs) directly to see if they meet the requirements of functionality, reliability, performance, and security. Automated Regression Testing: It is just like manual regression testing except that it is done using an automated method. Who performs the software testing? In-house Testing: Carried out by the internal testers of the company that developed the software, who are well trained and for any issues can be in communication with the developers. Outsourced Testing: Here, the testing is done by an organization outside the company which creates the software Crowdsourced Testing: Carried out by firms that provide professional testing facilities with testers located at different places with access to multiple devices. When should different software tests be done? Accessibility Testing: Performed to check whether disabled people can use the software Compatibility Testing: The application is tested for checking whether it runs on different environments such as operating systems, networks, hardware, etc. Functional Testing: Before the release, the application is tested for specific actions or functions of the work’s code or features. GUI Testing: It ensures the correct functioning of GUI, such as the input field, the size of the button, readability, etc. Load Testing: It checks the behavior of the application under the actual demands of the users. Localization Testing: Tests the quality and acceptability of the application in different cultures and languages. Non-Functional Testing: Tests the breaking point at which non-functional parts result in unstable execution. Penetration Testing: Checks the application’s security and its environment when subjected to cyberattacks through malicious programs. Frequently Asked Questions What are the types of software testing?
Everything you need to know about Software Testing
What is Software Testing? In all industries, whenever a new product is developed, it has to be tested for all its features to check whether the product meets all the predefined criteria before being launched among end-users. It’s more so in the IT industry, where applications are tested for their features and functions to give some unexpected results. In simple terms, we define independent software testing as a process involving many evaluations and verifications to ensure that the developed software is of the best quality and delivers in all applications and functions as intended. We remove bugs, lower costs, enhance performance, and provide a greater user experience with software testing. The process encompasses both static and dynamic life cycle activities to assess whether they satisfy all the requirements. What is the Importance of Software Testing? Software testing is an integral part of a well-delivered application, and its importance cannot be overstated to the overall development. Some issues in software such as security vulnerabilities, scalability, invalid functions, poor design decisions, or architectural flaws can bring to the surface some unseen or unexpected problems. At the same time, applications are used in real-world use by customers. The surfacing of defects during use by end-users can tarnish a company’s reputation and lead to dissatisfaction and loss of customers – in extreme cases, depending on the use area can cause malfunctions and even human loss. Its economic significance is not overemphasized because, in 2017 alone, software problems cost businesses and organizations $1.7 trillion in assets. Now think of the 2016 case of Nissan. The company had to call back its 1 million cars when a software defect was found in its airbag sensors detector. Wherever software is used, there is a potential for its malfunction and the appearance of bugs. A software bug in a military satellite was responsible for the loss of $1.2 billion. Apple once paid two hundred thousand dollars for detecting a firmware security bug. The just mentioned numbers encourage companies worldwide to focus on the right QA processes for the early detection and uncovering of problems before the software reaches the market. In this regard, companies have to upgrade their testing capabilities keeping in mind the advancements in development. In software development companies, the development teams are supposed to be receptive to feedback on the functioning of their applications and address them. A software product delivered flawlessly and performing as per a client’s expectations helps enhance market share and more sales for all the companies. What are the Methodologies of Software Testing? Black Box Testing Conducted at all levels of testing such as unit, integration, system, and acceptance, in Black Box Testing, testers focus just on the functionalities of the software without going into the internal details and codes. It means the software is checked just for what it is designed to do. Internal programming is not covered in the Black Box Testing. The tester feeds in all kinds of values such as valid values, invalid values, and boundary values, and, based on the expected output, declares whether it passed or failed. White Box Testing Opposite of Black Box Testing, in White Box Testing, we conduct in-depth tests to the level of internal programs examining logic, their implementation, and working. It’s carried out at the unit, integration, and system levels and often detects internal design errors. The following codes are covered for testing: statements, conditions, decisions, conditions, and multiple conditions. In the statement coverage, all the statements of the code are executed at least once to ensure it works as expected. In the decision coverage, all the true and false conditions of the code are tested, including if statements, for and while loops, and case statements. Condition coverage includes checking all Boolean expressions which return True or False. These are important in the final output, and every one of them is checked. Grey Box Testing Grey Box Testing, Black Testing, and White Box Testing are combined by looking into the logical and functional parts of the software. For carrying out this test, a tester is supposed to know the internal structure and architecture of the code as they may need to write the test cases for testing. In big projects, for Grey Box Testing, sometimes automated testing is incorporated. Incremental Testing One of the approaches of Integration Testing tests all the modules individually in the unit testing phase. Afterward, the tested modules are integrated gradually, and testing is further built upon gradual integration. Incremental Testing ensures smooth interface and interaction among all modules. Incremental testing consists of three categories: Top-down Integration – As the name suggests, it involves integrating modules from top to bottom, with the modules not available replaced by stubs. Bottom-up Integration– Modules are integrated from bottom to top, with the unavailable modules replaced by drivers. Functional Incremental– In this, testing is done as per the predefined functional specifications. Incremental testing helps find out the defects in the early stage; however, the development of drivers and stubs can sometimes be time-consuming. Thread Testing We define a thread as the smallest unit of work that a system can do. This testing aims to know if the system can carry out the required functions as per the requirements in the early stages of integration. What are the Levels of Software Testing? The testing is generally conducted at the following four levels: Unit testing Integration testing System testing Acceptance testing Unit Testing It is necessary that unit testing be carried out before the beginning of the integration testing. A unit is the smallest testable and independent part of the code for the software. The first step in software testing, unit testing, is carried out by developers themselves and rarely done by testers separately. Once the developers are confident that the units in the code are working fine, they can only send them to the testers for integration testing. If the unit testing is done and the code has been checked for any bugs, a lot of time and costs are
A Quick Look at the Characteristics and Benefits of Progressive Web Apps (PWA)
Progressive Web App or PWA is a set of modern web development techniques that combines the best of native apps and the web world.
Webinar – Agile Approach to Project Management (Recorded Version) by Mr. Jayakrishnan M C, COO of InApp India
00:00:10 Hello everyone, welcome to InApp Podcast. I’m here with my cohost Kiran and today we’ll be talking about Agile project management. Now project management can be a very dry topic to some, it’s mostly a process so it may not be that exciting to many. But it is one of the crucial elements of implementing a successful software development project. So we’ll try and make it as interesting as possible. Now to talk on the topic we have with us the Chief Operating Officer at InApp, Mr. Jayakrishnan. He’s a 20+ year veteran of the IT industry and is responsible for overseeing the operations at the InApp development center. This includes managing software development and project delivery. Now he has been a volunteer of IEEE for a long and is currently the Chair Special Interest Group on Humanitarian Technology at the IEEE Kerala section. So Mr. Jayan, welcome to the podcast, we’re quite excited to have you join us. 00:01:09 Thank you. Thank you Sunuja to give me an opportunity and I don’t know how much of project management that I know, but still alright. 00:01:22 So just a quick note before we start on how this session is going to be. This will be a quick Q&A format and we have a couple of pre-source questions now. I’ll start off with the first question and then Kitten will follow up. Then we’ll wrap up with a few of the questions that I have. So my first question is as IT professionals we have heard the term you know, agile project development, Agile project management, but for those who do not know what it is. Can you explain what Agile is and how is it different from traditional approaches like waterfall? 00:01:56 Yes, Sunuja, that’s maybe a good start I can say. So if I go back, a bit of history on project management, modern project management actually goes back to the early 20th century when a person called. Henry Gantt developed a chart that is for represents the project schedule. And a project as you know has a definite start and an end. So it has a schedule. It has a timeline. So Gantt, Henry Gantt developed a chart which is known by his name Gantt chart, and is still being used. Many people for man for representing the project schedules. So that was the beginning of modern project management and during the second half of the 20th century, we have seen a lot of advancement in project management. There are a lot of new methodologies and new forms of representing projects. All came up. Some of the methods like project evaluation and review technique which is PERT and critical path method which is CPM known as CPM have evolved over time and there were other methods like earned value management etcetera. Then in the same. The several project managers who are managing projects decided. And formed a kind of association which is called the Project Management Institute PMI. And they started to release documents on project management which is basically the collection of best practices or organized collection of best practices which is called Project Management Body of Knowledge PM work. So that was the state of project management till maybe towards the end of the 20th century. You can say. However towards the end of that. That is the 20th century and definitely at the beginning of twenty 21st century, we saw a steep rise in the number of software projects which are. Very much different from traditional manufacturing or construction or any other engineering projects. And during this boom in Silicon Valley, there were a lot of small startups developing ideas into products and most of these startups were. Running against time and they were very agile, dynamic people as well as projects. So slowly we have to see started to see the traditional methods of PERT, CPM, or EVM, or any other work breakdown structures or using Gantt charts etcetera, but not fitting very well with software projects. Because software by nature is very soft and you know that soft materials are easy to change, so you can see the amount or the volume of changes happening in software projects are way too high than any other conventional projects, so the software. Managers or software project managers introduced new method or they were started looking out for new methodologies and finally consolidated everything and published a manual called Agile Manifesto which is basically a different way of managing projects which are more suitable for software projects. So this Agile Manifesto lay down the basic principles of Agile project management and most of the software development and services organizations started to practice or follow the Agile methodologies and you have asked me about the basic difference. So the basic difference between agile methodologies from the traditional project management methodologies is that. These are more dynamic compared to the static and linear nature of traditional methods and dynamic in the sense they are more adaptable to changes where the traditional methods are more monolithic and change our kind of methods. So and another major difference is that agile methodologies encourage teams to. Do smaller and shorter cycles and iterate more while progressing with the development. But the traditional methods use very long cycles and less iterations in projects. Those are the major differences and the benefit of shorter cycles is that it can identify the issues or required changes earlier. In the project lifecycle than later. And it is always easier to accommodate changes if you find or identify them earlier in the project lifecycle. So that is what agile methodologies are. That is when the need for agile methodologies came up and that is how it developed. OK. 00:08:34 Now, that was quite a history of project management and you know how it has evolved into an agile approach. Now I think I’ll hand it over to Kiran Kiran for the next question. 00:08:44
Comparing AWS Framework: Amplify vs Serverless
One of the most important and growing platforms is AWS (Amazon Web Services) when it comes to serverless technology. There is a variety of open-source and third-party frameworks that simplify serverless application development and deployment. My journey in the serverless computing space started with the search for a perfect framework that supports JavaScript and would make me accomplish my requirements with ease. Two of the best ones that I had to pick between were the Serverless Framework (a third-party open-source framework supporting other cloud platforms) and the Amplify Framework (developed by AWS). I tried both of them. The remaining part of this article is my findings, which would help you decide on the framework you should choose for your project. I’ll split my views into Ease of Development, Services Supported, Local Development Testing, Documentation and Community Support, Plugin Availability, and CI/CD and compare the frameworks within each section. Amplify vs Serverless: Ease of Development Both frameworks provide CLI-based development. In Serverless Framework, you can start the development by using one of the templates provided for the language you use. In my case, since I use JavaScript, I can use the command given below: SLS create –template aws-nodejs To deploy the application to AWS, we only need to use a single command given below: SLS deploy Amplify provides UI Components for front-end frameworks such as React and creating and managing the back end. We can use the command below to create an Amplify application: amplify init To add/remove a specific service, we can use the following command: amplify <category> add/remove Here category is one of the different ones supported by Amplify, and each comprises different AWS Services. To deploy an amplify application, we can use the following command: amplify push As you can see, both frameworks provide CLI commands to easily develop and deploy your serverless application in less than 3 commands. But Amplify provides a CLI command to easily create different AWS services by answering some prompts, which is not present in the serverless framework when writing this article. So Amplify slightly edges out Serverless Framework in this area. Services Supported by Amplify Amplify currently supports the following categories: These are the services supported by Amplify out of the box. When we add a category using the command mentioned in the previous section, it creates the necessary CloudFormation syntax for the resource. It adds it to a JSON file maintained by Amplify, which is then deployed to AWS. We can add other services that the CLI does not directly support by manually editing this CloudFormation file. But a small issue I found is that the CLI overwrites the same file when we add/remove a category. This can undo the changes that we made to the file. Serverless Framework, on the other hand, has no pre-defined set of supported services. Since it uses an abstraction of AWS CloudFormation syntax, we can add any service as a resource using the same. It uses a serverless.yml file that contains all the infrastructure resources defined. Once we deploy the application, it generates AWS CloudFormation, which creates a CloudFormation stack in AWS. So, in my opinion, the Serverless Framework is more flexible in terms of the services supported. Even though we can manually edit the CloudFormation in Amplify, it is not as straightforward or hassle-free as the Serverless Framework. Amplify vs Serverless: Local Testing The first thing we can notice when starting with Amplify is that it promotes GraphQL more than REST. For example, I want to use the AWS ElasticSearch service for my project. But it is only directly supported by GraphQL. I want to use REST API endpoints with AWS ElasticSearch service, which is not possible out of the box. Similarly, in the case of testing my REST API endpoints locally, I couldn’t find a way with Amplify at the time of writing this article. Sadly, it provides a way to mock GraphQL endpoints using a single command, not what I want. Serverless Framework has a plugin that supports offline testing of the REST API endpoints, and it also has a plugin for creating a local instance of DynamoDB. It even has a plugin to test the DynamoDB streams locally, which I’m using in my project. As per my requirement, the Serverless Framework provides far better local testing abilities than Amplify. Amplify vs Serverless: Documentation and Community Support Both frameworks provide excellent documentation. But I found more examples of different services for the Serverless Framework. I think this is because the Serverless Framework has been here for quite some time. So it has a comparatively large community of users than Amplify. I encountered several different issues with both of the frameworks. In such cases, the Serverless Framework community was more helpful in resolving them. Since Amplify is quite new, most of the issues encountered were bugs that weren’t resolved. But, there were some workarounds for the same, provided by the community, which were useful. In this section also, Serverless Framework continues to shine as compared to Amplify. Amplify vs Serverless: Plugin Availability As we saw in the local testing section, Serverless Framework has a wide variety of plugins available. There are certified and approved plugins by Serverless Framework Team, and there are also community-built ones. These plugins make it easy to add new functionality to the framework without having to add them manually. Amplify has a minimal number of plugins as compared to Serverless Framework, but the Amplify CLI provides a way to create our own plugins using the command below: amplify plugin init or amplify plugin new In terms of plugins, the Serverless Framework is again far ahead of Amplify. Amplify vs Serverless: CI/CD Amplify provides a way to implement the CI/CD of your full-stack application through the Amplify Console. We can associate our Amplify application repository with Amplify Console. It is pretty straightforward to set up. But in my experience, CI/CD was a hit or a miss. Some of the time, I came across some weird issues. But when it works,
Cybersecurity Measures for Organizations during the Covid-19 Pandemic
The covid-19 pandemic presents information security officers and their teams at organizations with two priorities, which are also challenges. The first is to facilitate the arrangement of work-from-home facilities for the smooth operations of organizations. And the second is to maintain the confidentiality, security, and integrity of data and network as online traffic flow rises as a result of a large number of people working from home. As proprietary corporate data is being accessed on machines from homes, which do not have the same level of security as in the office setups, it becomes vital to protect them and frame some strategies for that purpose. In the article, we describe the actions, in terms of technology modifications, people engagement and business process strengthening, required on the part of organizations to safeguard their assets, data, and privacy. Technological Modification With the ‘Work From Home’ being adopted everywhere, cybersecurity teams and organizations need to take following technologically proactive measures to extenuate the potential threats. Patching of Critical Systems: IT officers must accelerate the patches for critical systems such as VPN, end-point protection, and cloud interfaces that are essential for working remotely. This will help the companies remove the vulnerabilities in their systems. Multifactor Authentication: The second action required is the scaling up of the MFA or Multifactor Authentication. The people working from home must be required to access critical applications only by using MFAs. Though the implementation of MFA is challenging, it can be made manageable by prioritizing the users who work with critical users such as domain and system administrations, and developers and people who work with critical systems such as money transfers. First, to gain experience, the cybersecurity teams can roll out this on a demonstrative basis and then after gaining enough confidence can extend it to the whole organization. Compensating controls for facility-based applications: The third tactic to be used is the installation of compensating controls for facility-based applications migrated to remote access. Some applications such as cell center wikis, and bank teller interfaces, which are only available to users working onsite at an organization’s facilities, must be protected with some special controls such as VPNs and MFAs. Accounting for Shadow IT: The fourth action is to account for shadow IT, which at many companies, employees set up without formal approval or support from the IT department. Remote working will make such systems vulnerable as when the employees start working remotely, the business processes that depend on shadow IT will not be accessible remotely for protection. Now it is the responsibility of cybersecurity teams to look out for such shadow IT systems in organizations. Device Virtualization: The final action that the companies can take in terms of technological adaptation is to accelerate device virtualization because many of the cloud-based virtualized desktop solutions can make it easier for employees to work remotely as many of them can be implemented faster than can be onsite. Importantly, the new solutions will require strong MFAs. People Engagement Even after adequate technology controls are put in place, there is some vulnerability in the way people behave at home. And here they are required to exercise good judgment for maintaining security. In the offices, their online behavior can be monitored but at home, their unmonitored behavior may invite some malicious attacks that put the whole organization’s systems in jeopardy. To avoid such situations, people working remotely can follow the following guidelines: Communicate Creatively: Employees must communicate creatively. The stressful and crisis-ridden time can easily make the warnings of cybersecurity lost in the din. The communications channels should be two ways, in which questions, answers, and clarifications can be posted in real-time and best practices can be shared. The communication channels established have to compensate for the existing loss of informal interactions in office settings. Focus on what to do: Telling employees not to use certain tools such as consumer websites at home can be counterproductive. Instead, the security teams should explain is are the benefits, in terms of security and productivity, of using approved messaging and file transfer tools to do their jobs. To make it safer overall, the employees should be encouraged to use only the approved devices and to buy approved hardware and software by providing some incentive for such behaviors. Training of the Employees: The most important action that an organization can take is to make its employees aware of social engineering during the pandemic times. They should be trained about phishing, vishing, smashing, etc, and how they should deal with it and how they can avoid getting tricked. Monitor High-Risk Groups: Every organization dealing with important data and private data must identify and monitor high-risk users such as those working with confidential or private data. Such a group poses more risk and is generally on the radars of attackers. The high-risk group must be trained adequately. Strengthening Business Processes As the business processes in the companies may not be designed to support extensive networks from home, they may lack adequate controls. In such a scenario, complementary security control processes can be deployed to mitigate the risks. Following are some of the ways for strengthening business processes: Support Secure Remote Working Tools: During a period such as the current one when people are working from home and settings and installing basic tools such as VPNs and MFA, security and admin teams should make available extra capacity. Also, the security teams of a company must be available on calls for providing support sought out by an employee. Test Incident-Response (IR) and Business Continuity (BC) Plans: To find weak points in your IR and BC or disaster recovery (DR) plans must be adjusted and tested as the organizations might have to tweak them in the current crisis conditions. Expand Monitoring: As cyberattacks are on the rise in the current period, it is required that the scope of organization-wide monitoring activities must be widened. Widening the protection activities is also important because basic boundary protection mechanisms, such as proxies, web gateways, or network detection
Best Practises for Ensuring IoT Security at the Application Level
In 2015, a group of security researchers hacked a Jeep, turned its windshield wipers and air conditioners on, and then stopped the functioning of the accelerator. Not only this, they said that they were capable of disabling the engine and the brakes. They could do it by infiltrating the vehicle’s network through manufacturer Chrysler’s in-vehicle connectivity system, Uconnect. In another instance of Internet of Things security vulnerability, in October 2016, when a hacker exploited a loophole in a specific model of the security camera, more than 300,000 video recorders started to attack many social network websites. This brought down Twitter and other platforms for more than two hours. The examples above shed light on the vulnerability of IoT and what can happen to IoT systems with poor security apparatus. According to Statista Research Department, IoT-connected devices worldwide are estimated to reach over 75 billion by the end of 2025. The rising worldwide popularity of Internet of Things usage is unexpected as it brings with it several business advantages across all industries. The advantages include increased efficiency and cost savings among others wherever IoT is used. However, along with varieties of benefits and advantages come several daunting security challenges at all levels. IoT Security Best Practices during IoT Software Development Life Cycle (SDLC) Requirements Phase Design phase Development Phase Testing Phase Deployment Phase Maintenance Phase
Mobile Test Automation: How to Select the Right Tools for your Next Project?
The mobile testing landscape is becoming more sophisticated every day and here are some challenges that companies should look out for.
Big Data Solution Pipelines using Open Source Technologies and Public Cloud
Data pipelines are a crucial component of any big data solution. These are software that handles data streaming and batch processing, whereby data undergoes various transformations along the way.
This blog describes various big data streaming/batch processing options available with private clusters leveraging open source technologies and serverless public cloud infrastructures like AWS.