The previous chapter in this WhiteHat Security series discussed Codebase as the first step of the Twelve-Factor App and defined a security best practice approach for ensuring a secure source control system. Considering the importance of applying security in a modern DevOps world, this next chapter examines the security component of step two of the Twelve-Factor methodology. Here follows some actionable advice from the WhiteHat Security Addendum Checklist, which developers and ops engineers can follow during the SaaS build and operations stages ...
Tricentis announced the acquisition of Q-up: a test data management (TDM) platform architected to provide secure, reliable, and compliant test data on-demand.
With a business-friendly, self-service interface and a lightweight provisioning agent, test data access is reduced from weeks to seconds.
With GDPR now in effect, the business risk associated with using production data for software testing has become prohibitive. Organizations are suddenly realizing that TDM must become a critical component of a complete data privacy and security policy.
“For years, companies have been obtaining test data by extracting data from production environments,” explained Q-up Managing Director Andreas Günther. “GDPR will finally put an end to this approach by requiring extracted production data to be masked deterministically and irreversibly. This may be a blessing in disguise, because simply extracting data from production does not deliver data that’s optimized for the purpose of testing. Since organizations are already being forced to re-examine their TDM processes, now’s the perfect time to bring their overall TDM strategy in line with the demands of modern delivery processes.”
“To ensure that these new requirements don’t impede software delivery speed, we’re expanding our solution with fast, intuitive ways for testers to add GDPR-compliant test data to their tests—either through extraction and masking or synthetic test generation,” added Wolfgang Platz, Tricentis founder and Chief Strategy Officer. “We’ve long recognized that TDM is a linchpin for Continuous Testing. Now, we’re expanding the Tricentis Continuous Testing Platform with a unique and innovative approach to providing secure test data.”
Tricentis’ enhanced TDM capabilities give users multiple options for the design, generation, and management of test data. This allows users to select the best strategy for their architecture, development phase, and/or release cadence. For example, users might want to start by rapidly configuring “smoke tests” that closely mirror production data, then later use synthetic test data generation to increase test coverage and complete negative testing prior to delivery.