Archive for 2017

#SKCDailyLearningV2 - Week 02-03 : August 06 - August 20

Week 02-03: August 06 - August 20

Follow Hashtag: #SKC100DaysofLearningV2


Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 63

Date: 27th July 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: API Testing

  1. PayLoads

  • What is a Payload
  • What is a Payload in Web Page
  • What is a Payload in Web APIs
      2. JSON / XML Formats 
  • What is JSON.
  • What is the representation of JSON Code.
  • What is XML.
  • What is the representation of XML Code.


Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 62

Date: 26th July 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: Security Testing

Webinar Notes:  Create a custom security strategy for your organisation by PluralSight


Access the Risk:

  1. STRIDE
  2. DREAD
  3. Third Party Assessments

Prioritize the Risk:
1. Penetration and Vulnerability

  • OWASP


2. Indepedent Certification

3. Training & Awareness

  • Basic training is important for members in organisation.
  • Basic security courses needs to be provided to team members as awareness.

4. Focus

  • As organisation, OPS Team should be developed as a team to focus only on security.
  • And aligns with company culture, business strategy. [CSO - Chief Security Officer]
  • Is your Executive team focus on security.

Frameworks:

  • ISO 
  • NIST
  • ITIL
  • TOGAF - Total Group Architecture Foundation 
  • SABSA


Security Risk Score:

  • Risk Management & Oversight
  • Security Monitoring
  • Threat & Vulnerability Management
  • Security Controls
This helps to focus on a Security Road Map. Continue to evaluate and make adjustments to plan.

BEST LAID PLANS:
Things to look for in your systems:

1. Changes to state events

  •  CPU Usage
  •  Disk Space
  •  Network Utilisation
  •  Log events and size


2.  Customer Support Issues

  • Have basic training on customer issues and whom they need to redirect the issues to


3. Malicious Traffic

4. Acceptable Use Violations

5. Intrusion Detection Systems

INCIDENT RESPONSE PLAN

1. IDENTIFY THE TEAM

  • Information Security Team
  • Legal 
  • Support
  • Communications /Marketing Team

2.  INFOSEC INVESTIGATION/RESPONSE PLAN

  • Detection and Discovery
  • Analysis and Assessment
  • Risk Mitigation Strategy
  • Escalation Process, Communication within the team/rest of team.


3. Communication Process

  • What Constitutes a breach that requires external communication
  • Who should be Notified - Customers/Public
  • Who communicates Externally 
  • What channels to communicate by
  • Communications


4. Maintain Incident Response Records

  • What 
  • When
  • Where
  • Who detected, escalated and responded


Finally Some Advice:

  • Disclose Early, Leverage Social Media
  • Protect Accounts Immediately
  • Be clear, Honest, Lead with the Facts
  • Be Specific.
  • Explain what actually happened
  • Keep Customers Updated.
  • Apologise


References:
1. SSCP : Jason Helmick
2. Web security & OWASP - Troy hunt
3. Enterprise Security: Policies, Practices & Procedures - Dale Meredith
4. Tesla Security Vulnerability Reporting Policy
5. Owasp.org

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 61

Date: 22nd July 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: API Testing

■ HTTP Status Codes.
■ HTTP Response Format

♤ New Version of Postman v5 - solved the Bug reported exporting the result to json format.
https://www.getpostman.com/

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 60

Date: 14th July 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: API Testing


■ URI - Uniform Resource Identifier
♤ URI formats
♤ Details on URI Format.

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Bug Reports: Practo , Postman submitted and Resolved.


Postman:

Collection Report when ran export of results.Clicked on export button. Received an error,while exporting result.Failed to export collection run: TypeError: Cannot read property 'time' of undefined.




Postman:

Select Current Location in Practo App was saying: We're not available in your city yet.


But was able to search manually as "Mysore" and can select the location name as - Mysore.




Then received after few weeks, Issue was resolved in latest app.





## Thankful. I was able to do Volunteer help  😊

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 59

Date: 12th July 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: API Testing

■ What is an API.
♤ How Web Application interacts with API
♤ What is Web API vs Web services.
♤ What is URL vs URI.
♤ Trying out UML Diagram to interpret the Web and Client application (Requests and Response)
http://plantuml.com/ 

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 58

Date: 10th July 2017

Follow Hashtag: #SKC100DaysofLearning


Topic: API Testing

♤ Topic: Non GUI Requests /Response.
■ Internals: Understanding what happens when Google.com is entered in web browser.
♧ When search term is entered in Google Search text box and search button is clicked.

♤ What requests and responses flow through Web browser to Web server.

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 57

Date: 9th July 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: API Testing

■ Practical Test: Check for Broken Links in a website using Postman.♧ Found bug with report generation from Postman. Reported to Postman Team. [Exception on Timer]

☆ Chrome app for Postman will be deprecated in late 2017. Recommended to use stand-alone application.

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 56

Date: 6th July 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: Mobile App Testing

♤ Learning about Mobile App - Battery Consumption
■ Learning about Android Default Battery Analysis
■ Trying out tools to find app power utilisation.


Tools to Try:


  • Battery Historian
  • GSAM Battery Monitor

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 55

Date: 5th July 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: Mobile App Testing


♤ Learning about Mobile App - Battery Consumption

■ Importance of Battery Usage while testing the mobile App. ■ Doing few tests on App when battery at 3%-10%

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 54

Date: 2nd July 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: Mobile App Testing

♤ What is Mobile App - Usability Testing.
♤ Making a Note of Patterns, workflows, Navigation in App♤ How Making mistakes can find bugs in App♤ How to check the typos and How it affects the ratings and reputations.♤ How to Consistency of App in different sizes and views.

----
♧ New test technique tried for first time and Making note of each details.

♧ Using chrome web browser and testing android app.
 ARC Welder - Chrome Extension


Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 53

Date: 1st July 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: Mobile App Testing


♤ Different types of S/W Quality Assurances.
♤ Types of Testing - Static vs Dynamic♤ Mobile App Functional Testing - What to do.♧ Things to keep in mind while testing functional testing.♧ How to do functional mobile app testing.

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 52

Date: 30th June 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: Mobile App Testing


♤ Learning about Emulators.
♤ Learning about Simulators.♤ Differences between Emulators and Simulators.

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 51

Date: 29th June 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: Mobile App Testing

♤ Learning about Mobile Device Microphone
♤ Learning about System Apps, Localisation, Internationalisation, Date- Time, Keyboards.
♧ Testing an app, if it supports localisation or not.
♧ Found few mobiles does not have change Date Formats in Device.
♧ Finding out what can be done, if option is not there.

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 50

Date: 28th June 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: Mobile App Testing


♤ Mobile Device Touch Gestures
♤ Mobile Device Camera.
   How to test when Apps use Camera.



Mobile App testing is a vast field. Explaining features of Mobile App is not Mobile App Testing.

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 49

Date: 27th June 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: Mobile App Testing

♤ Learning about Mobile Device Touch Screen
● Types of touch screens● Touch screen sensor options

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 48

Date: 26th June 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: Mobile App Testing

♤ Learning about Mobile Device Sensors 
■ Finding what device sensors are used. 
■ Tools assisted testing on Device Sensors. 
■ How Apps uses sensors and how to test.
■ Different type of mobile Web Browsers. 
■ Fragmentation of mobile Web Browsers.
■ Grouping mobile Web Browsers based on Statistics from different websites.

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 47

Date: 25th June 2017

Follow Hashtag: #SKC100DaysofLearning

Topic: Mobile App Testing


● Mobile Device Fragmentation
■ Grouping the devices
☆ Mobile Devices in the Cloud


https://opensignal.com/reports/2015/08/android-fragmentation/

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 46

Date: 21st June 2017


Follow Hashtag: #SKC100DaysofLearning

Topic: Mobile App Testing

● Learning about Free vs Paid Mobile Apps

http://www.appbrain.com/app/itc-limited/com.itcportal.itclimited 



● How to know if it's a Free vs Paid vs In-App Purchase type of App.
● Different App Stores to publish an App.

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 45

Date: 19th June 2017


Follow Hashtag: #SKC100DaysofLearning

Topic: Mobile App Testing

1. Understanding what is Hybrid Mobile App.
2. What is Hybrid Framework - Cordova.


Topic: Apache Solr - Search Plugin

3. Self learning on New Solr Search Plug in - Noun Based Search based on the info available.
Experimenting and Analysing the results.

Posted in | Leave a comment Location: Mysuru, Karnataka, India

Completed 4 Work Years at Unilog

Hope I did the work at my level best. (With Ups and Downs in Life)

"The Journey of S.K.C."
💖
4 Work Years at #Unilog and at #Mysore

https://www.unilogcorp.com/


Posted in | Leave a comment Location: Mysuru, Karnataka, India

Daily Learning - Day 44

Date: 17th May 2017

Topic: Notepad++ - Day 02

Follow Hashtag: #SKC100DaysofLearning

Usually, When i open server logs with Huge data, as mentioned in Day 38


It was becoming hard to delete the irrelevant data for each line. 

Then, I thought there would be some one who would have similar thought and problem.

Finally, got the answer. There is a new feature in Notepad++

Feature: Column Mode Editing

Using either of the options.

  1. Alt+Mouse Dragging
  2. Alt + Shift + Arrow Keys

https://notepad-plus-plus.org/features/column-mode-editing.html


column mode

Posted in | Leave a comment Location: Mysuru, Karnataka, India