Parasoft announces the opening of its new office in Northeast Ohio.
There has long been a significant disconnect between CEOs and testers regarding the sufficiency of software testing prior to its release. A new report from Leapwork, in collaboration with market-research firm Censuswide, surveyed approximately 500 CEOs and software testers to determine current attitudes towards, and perceptions of, software testing within large organizations.
The study found that 85% of US CEOs could be leaving their businesses open to reputational and financial risks by releasing insufficiently tested software. Moreover, the majority of software testers (79%) claim that up to 40% of software goes to market without enough testing.
Feeling the Pain
A culture of "speed over stability" has greatly influenced this alarming software trend. Aware of the risks of inadequate software testing before release, chief executives and testers alike cite faster development cycles, a lack of skilled developers and professional development, as well as the reliance on manual testing, as primary reasons why software is released without adequate testing.
The report's key findings highlight how these pain points impact an organization's operational efficiency:
■ Nearly 4 in 10 CEOs (39%) cite "reliance on manual testing" as the primary reason for insufficient pre-launch testing.
■ Less than half (43%) of software testing utilizes some element of automation, whether it be an automation tool or a combination of manual and automated testing.
■ A lack of skilled developers indicates a digital skill disparity within companies trying to hire the right talent to manage test automation. As more companies transition from manual testing to automation to meet the testing requirements of increasingly complex software, they're struggling to find testers with the right digital skills to oversee the process.
■ More than a third of CEOs attribute "underinvestment in testing personnel including continuous professional development" as the reason software isn't being tested properly, which indicates a lack of professional development.
Testing the Limits
Despite the majority of testers expressing concern that insufficiently tested software is going to market, the overwhelming majority of CEOs (94%) say they're confident their software is tested regularly. Although CEOs understand the consequences of releasing software that hasn't been tested properly, a surprising number (85%) still believe it's acceptable to issue it and prefer to rely on patch testing afterwards to fix any problems. This approach leaves room for risk and loss of revenue.
The current internal discrepancy between executive officers and software testers sets a dangerous precedent. In a volatile market, there's mounting global pressure for companies to meet digital transformation goals and businesses across sectors are cutting corners. Under this pressure, business across sectors — banking and financial services, healthcare, telecoms, manufacturing, retail, logistics and transportation — are taking unnecessary risks with vulnerable software.
As a result, more than half (52%) of testers spend 5-10 days patch testing software post-release. Time spent patch testing software after it has launched and is publicly available not only impacts the business' bottom line, it also erodes public confidence in its product.
Reputations on the Line
Consumers are more tapped into corporate operations, business practices and data collection than ever before. Software failures and outages make news, and more than three-quarters of CEOs acknowledge that this has harmed their company's reputation in the last five years.
On its current trajectory, more and more companies will have to grapple with software malfunctions that cost them significant financial loss and reputational damage. In order to avoid unnecessary vulnerabilities going forward, enterprises must usher in no-code test automation systems that don't require coding skills in order to free up their highly-skilled teams to focus on the higher priority tasks.
A New Approach
This will require a new organizational approach to software testing, but it's imperative that CEOs and developer teams be more in sync.
The survey data highlights the issues with the current disparity between the two stakeholder groups with regards to their software development perspectives. Addressing this crack in their software foundation now positions companies across industries to successfully navigate digitization at scale.
Simply put, in an uncertain economic climate, losing up to 10 business days to develop patches for publicly available software is not in any company's best interest.
Industry News
Postman released v11, a significant update that speeds up development by reducing collaboration friction on APIs.
Sysdig announced the launch of the company’s Runtime Insights Partner Ecosystem, recognizing the leading security solutions that combine with Sysdig to help customers prioritize and respond to critical security risks.
Nokod Security announced the general availability of the Nokod Security Platform.
Drata has acquired oak9, a cloud native security platform, and released a new capability in beta to seamlessly bring continuous compliance into the software development lifecycle.
Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.
Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.
ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.
Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.
Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.
Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.