About This Episode:
Hey, do you want to know what software testing book to read next? Do you know there are ways you can actually lower your AWS cloud watch service bill? And have you seen the latest postmortem on Log4j? Find out the answer to these and all other full pipelines DevOps automation, performance testing, and security testing in this episode of the TestGuild new show for the week of March 13th. So grab your feet a cup of coffee or tea, and let's do this.
Exclusive Sponsor
This episode of the TestGuild News Show is sponsored by the folks at Applitools. Applitools is a next-generation test automation platform powered by Visual AI. Increase quality, accelerate delivery and reduce cost with the world’s most intelligent test automation platform. Seeing is believing, so create your free account now!
Applitools Free Account https://rcl.ink/xroZw
Links to News Mentioned in this Episode
00:54 Blink https://links.testguild.com/8sG9d
01:50 Ponicode https://links.testguild.com/tdMpJ
03:06 Elastic https://links.testguild.com/SvZce
04:02 Books for Testers: https://links.testguild.com/JKuv1
04:58 Software Tester Guide: https://links.testguild.com/WjbSz
05:50 Zendesk: https://links.testguild.com/cvsEa
06:42 Cloudwatch: https://links.testguild.com/NBObJ
07:24 Observability: https://links.testguild.com/fx4Aa
058:17 Log4j: https://links.testguild.com/WJDzE
News
TGNS March 13 Ep34 needs Audio.mp4
[00:00:00] Hey, do you want to know what software testing book to read next? Do you know there are ways you can actually lower your AWS cloud watch service bill? And have you seen the latest postmortem on Log4j? Find out the answer to these and all other full pipelines DevOps automation, performance testing and security testing in this episode of the TestGuild new show for the week of March 13th. So grab your feet a cup of coffee or tea, and let's do this.
[00:00:23] This episode of the TestGuild new show is sponsored by the awesome folks at Applitools Applitools, the next-generation test automation platform powered by visual A.I., which helps you increase quality, accelerate delivery and reduce costs. With the world's most intelligent test automation platform, but don't just take my word for it. Seeing is believing, so create your free account now by clicking in the link in the first comment down below. And while you're there, why not like leave a comment and subscribe. Get alerted every time I release a new episode.
[00:00:52] First up, automation news.
[00:00:53] Let's kick things off with a money segment. Blink looks the simplified cloud operation management with twenty million dollar investment, so Blinks co-founders have been working in security and automation for a number of years, and they observed that there was a strong overlap between developer operations, DevOps and security operations when it comes to managing cloud infrastructure. When they did research, they found the potential customers for their start up. Security management kept coming up and they realized there were two parts the same problem. What's interesting is that infrastructure teams and developers were telling them that they were spending 30 percent to 50 percent of their time doing security related stuff. And when we talk about no code, low code solutions, a lot of time we're talking about test automation. Blink is actually a no code automation for cloud ups, so its purpose was built, built for DevOps and SecOps. So definitely give it a look and just keep up to speed on why this type of solutions are becoming more prevalent.
[00:01:50] So speaking of AI, this next article caught my attention because it relates specifically to a tool I've heard more about recently, and I just found out they actually they were just acquired by CircleCI. So CircleCI has acquired PONI code to gain an AI testing tool to their stack. If you don't know, CircleCI is a DevOps Continuous Integration delivery platform, which is becoming more popular, and it's interesting how they actually decided to acquire a company that focuses on testing or using A.I. artificial intelligence to help make the review application code of developers much easier as they're uploading the code into the builds. And so they invested in PONI code, which is a technology that allows you to do just this. And the article goes on to mention that the quality of the code being applied to drive applications needs to be of a higher quality, with CircleCI being a CI platform as you checking code. I assume they're going to start using Ponicode acquisition to help with the code review process itself to become more efficient instead of requiring another developer or a dedicated tester to actually review code. Real cool if you're using CircleCI. Great development and you definitely should learn more about Ponicode.
[00:03:07] So this next one is how ElasticSearch has announced a new capability to help customers defend against cyber attacks and accelerate app delivery. And the reason why I put it under automation is because I know a lot of testers have been using ElasticSearch for their dashboard for the test results of their automation frameworks. There's a bunch of other capabilities that can leverage as well. So Elastic, which is the company behind ElasticSearch and the new enhancements, enables customers to stop advanced cyber threats with new prebuilt detection and data source integrations, and accelerate application development with deeper visibility into serverless architecture and Continuous Integration and good service delivery pipelines. And so these new pre-built type of detection software can actually help you automate protect against sophisticated attacks like like Log4j or blister malware campaigns, so really helps customers streamline security investigations and mitigate risk without diminishing visibility.
[00:04:02] Also, do you want to know what the next software testing book you should read? And so thank you, Jon, for posting this question, he wrote. Any recommendations of books for starting software or software testing club at work? They include technical and soft skills, and the audience include not only testing engineers, but also software engineers who test. So I was tagged and I gave my recommendations, but a whole other bunch of folks created their recommendations as well. You can see a whole bunch of cool recommendations like Tristan has a cool link to a book club list that he has. We also have Raj with some great suggestions. We have Richard Bradshaw with some great suggestions. We have Marc with some great suggestions. We have Morgan with some great suggestions. So that's what's great about asking questions. A lot of times the question kind of elicits a lot of great answers from a lot of people that are sourced in one place. So I have a link to this and the first comment down below, so you could double check everyone recommended as their favorite software testing book.
[00:04:58] And speak speaking. Of software testing books, I actually interviewed Kristin Jackvony on her latest book on the Complete Software Testers Guide. And in this interview, actually break down with Kristin, the author all about the complete software tester concepts, skills and strategies for high quality testing. The book covers a diverse set of topics for those new to testing and testers who want maybe to fill in some knowledge gaps. So Kristin goes over a whole bunch of different topics like security testing, performance testing, manual testing, exploratory testing. So you want to check out this interview and after the interview was done, definitely headed over to the show notes to grab the link for to get you a copy of the complete software testers yourself. So thank you, Kristine, for writing that book for sharing that resource with your fellow testers.
[00:05:48] Next up, the in Site Reliability news.
[00:05:50] So this next article is all about Zen and the art of reliability. So this article is really cool because it does offer a real world enterprise company, Zendesk, in how they treat reliability and also help them handle over 250000 requests per second. A daily peak in Jason just talks about his journey for a decade of testing every possible way within Zendesk. And how during the 10 years they've scaled their engineering organization from 30 engineers to 400. And they deploy change to production over 80000 times a year, so they definitely have a great user case here for what's working for them or reliability. Jason covers eight ways that they've implemented reliability to help them in their organizations. So this is a great must read. I think for everyone that's in the testing and especially Site Reliability engineers. So give it a read. Once again, this link will be in the first comment down below.
[00:06:42] So another article that caught my attention was AWS Cloud Watch. So this article harinder was a great resource to follow if you're not following already goes over when they recently looked at the cloud costs. One thing that stuck out was their cloud watch costs being the second highest in the list of A.W. services compared to the previous month. And the Post actually walks you through the steps he used to identify which cloud watch services and logs were contributing the most towards the costs. So a real nice breakdown of the steps that Harinder used actually find what services and what logs for creating this cost. So if you're using cloud watch or if you just want to learn how to troubleshoot better, I think this is a great article to go through.
[00:07:24] So since I started this new show, we've talked a lot about observability. We also talked about AI for how about how intelligent observability can help unleash innovation. So the marriage of AI with observability and the type of benefits you get from that, that's what this next article is all about. How can DevOps practitioners and SRE teams overcome pressure to deliver business value through technology innovation while maintaining a gold standard for a system uptime? And they point to why intelligent observability is critical to actually accomplish this, and the reason for this is the sheer amount of data that someone needs to go through. With all the data being distributed, its assets are moving around the cloud. There's really a lot of complexity that happens in an internet prone system that are extremely difficult for humans to monitor, and that's where machine learning can help.
[00:08:15] Last up security news.
[00:08:17] So this next article goes over the log for J. The exploit that we heard about a few months ago, it's a post mortem and talks about how developers are now taking a hard look at the software supply chain security gaps. So talks about how developers are exploring new tools and methodologies to help ensure the next log for Jay doesn't happen, and it talks about will it actually work? It actually mentions a study by the world's largest nonprofit association of Certified Cybersecurity Professionals that nearly half 40 percent of security teams gave up holiday time in weekends to assist with the remediation. Now, 52 percent of teams spent weeks or more remediating log for J, which is not exactly how already stretched developers want to spend their holidays, and that often goes other ways to fix vulnerabilities without breaking legacy code. It also dives into a broader problem which who owns security for open source. So I think it's a good read to get your team started. Think about this as we consume more and more open source projects. Who owns it? What do we do? How do we make it so that we're not spending all our time on these types of remediation? So great article to get you thinking about these things as well.
[00:09:23] So for links, if everything value will be covered in this episode, make sure to check all the links. The first comment down below. And while you're there. Make sure to check our awesome sponsor Applitools by creating a free account and discover how to take your automation testing to the next level. Leveraging their awesome platform for visual AI. So that's it for this episode of the Test Guild news show. Once again, I'm Joe and my mission to help you succeed in creating and end full stack pipeline automation awesomeness. As always, test everything and keep the good cheers.
