Beruflich Dokumente
Kultur Dokumente
<Lock Notification->
Date-14/11/2019
Document Control
Page 2 of 7
Table of contents
1-Introduction
2-Project overview
3-Test objective
Page 3 of 7
Table of Contents
1. Introduction
This describes testing approach of the components of the Lock notification which needs to be tested in
terms of security and performance
2-Project overview
The scope of the project is to deliver notification to user or user-group based identification as per
active directory or email list whenever admin pushes old,new or trending article manually to user
3-Test objective
The objective of the test is to verify that the security and performance issues which may arise in
application.
The test will execute and verify the test scripts for security,performance,identify, fix and retest all high
and medium severity defects per the acceptance criteria defined
(a)-API- Rest API performance and security testing needs to be done for user and admin.
Tools-For Rest API security testing, IBM APP SCAN will be used with integration of SOAP UI Tool.
For Rest API performance testing, JMETER tool is to be used.
Reason-For performance-
JMETER is open source software which can be used for calculating performance of API both for
admin and desktop application. Metrics of API can be calculated
Page 4 of 7
IBM app scan with SOAP UI will scan the API and will calculate the vulnerabilities found in API.
For Automated penetration and performance testing we will use as mentioned below-
Security testing-
Reason-Echo mirage to be used as it is open source.Desktop application exe file can be injected and
vulnerabilities can be found.
Performance testing-
Tools used- JMETER will be used as it is open source.It will help to capture application metrics i.e-
Response time, disk usage etc
Perfmon-It is open source software -and will help in monitoring the application health
Reason-Both tools are open source and Metrix such as disk usage, memory usage, thorough put
can be calculated including application performance
© Web application(admin)-
Security testing- Manual penetration testing of web application to be done for encryption
,authorization etc.
For automated testing, IBM APP SCAN will be used to detect vulnerabilities in web application.
Reason-It will help to identify vulnerabilities in code like SQL injection ,cross side scripting Etc.Report
can be easily generated.
Performance testing-
Page 5 of 7
Tools used- JMETER will be used as it is open source.It will help to capture application metrics i.e-
Response time, disk usage etc
Perfmon-It is open source software -and will help in monitoring the application health
Reason-Both tools are open source and Metrix such as disk usage, memory usage, thorough put
can be calculated including application performance
Page 6 of 7
Page 7 of 7