
QA Life in Cybersecurity

Cybersecurity is an increasingly critical area of focus: as our modern world becomes more dependent on digital technologies, we face a growing threat from cyber criminals, hackers, and other malicious actors. This is an article by a colleague of ours who shares what it is like to be a QA in Cybersecurity.

“I have been working as a QA Engineer in the Cybersecurity domain for over a year, and I would like to share my own thoughts and insights about this experience.

To ensure your comprehension of this field, I will provide an overview of the fundamental concepts and categories of cybersecurity. Following that, I will discuss my current sprint as a Quality Assurance professional, the nature of the tasks I undertake, and the specific cybersecurity elements that I encounter in my day-to-day activities.

Why is testing in the cybersecurity domain critically important?

First of all, the consequences of a security breach can be very severe in cybersecurity.

A successful attack could result in data theft, financial loss, or even physical harm.
Therefore, testing the security of a system is crucial to identify vulnerabilities and weaknesses before an attacker does.

The second reason is that cybersecurity threats are continuously evolving, and attackers are constantly finding new ways to exploit vulnerabilities.

Effective testing helps to ensure that systems are secure against the latest known threats and that they can withstand new attacks as they emerge.

There are several types of cybersecurity approaches:
• Network security involves securing the network infrastructure itself, including routers, switches, and other network devices.
• Application security focuses on securing the software applications used by an organization, including web applications and mobile apps.
• Cloud security involves securing the cloud infrastructure used by an organization, including cloud servers, storage, and services.
• Data security involves protecting the sensitive data stored by an organization, including customer data, financial data, and intellectual property.
• Identity and access management (IAM) is focused on managing user identities and controlling access to sensitive resources.
• Disaster recovery and business continuity are focused on ensuring that an organization can recover from a cyber attack or other disaster and continue its business operations.
• Endpoint security focuses on protecting the endpoints or devices that connect to a network, such as laptops, desktops, mobile devices, and servers.

My team works with Endpoint security.

It is crucial in today's world, where remote work and bring-your-own-device (BYOD) policies are becoming increasingly common.

It helps organizations ensure that their sensitive data remains secure, even when employees are accessing it from outside the organization's network.

In general, we develop a product that helps Network Administrators manage and maintain an organization's computer network.

Let’s talk about my area of responsibility.

The first thing we do as QA is work with requirements and write checklists.

In situations where a Jira ticket lacks sufficient information about a task, we reach out to other teams to gather more details. Following discussions with our team and stakeholders, we then proceed to document additional information on Confluence, which may include crucial details about the scope of the task or testing instructions.

Then we start working on creating a test environment or investigating how to set up the necessary test data for future testing.

For that, we use both Virtual Machines and mock connectors (that's what we call a computer with an antivirus) and mock events (that's what we call malware).

Unfortunately, I haven't had the chance to create these mock objects as of yet. However, I am optimistic that I will be able to do so in the future.

When the task is ready and goes to the “Ready for QA” column, we start our main game.
First of all, it is manual testing. It can be either API or UI. For example, it can be ensuring that our system can effectively detect and block threats, or installing, updating, and performing system scans to check if our system is capable of detecting and blocking different types of malware and threats.

It could also be testing of policy settings. Policy settings typically refer to a set of rules or guidelines that are established and enforced within an organization's network or systems.

These policies can cover a wide range of topics, including access control, data protection, network security, password management, and more. Policy settings can be configured at various levels, such as individual computers, servers, or network devices, to ensure that security measures are consistently applied across the organization.

It could be even as simple as making changes to the user interface that do not require any specialized knowledge in the field of security.

If some bugs are found, we create a bug report. Here we try to add as much information as possible about the issue, with screenshots and links to the bug tracking system.

If no bugs are found, we write automated tests for the feature. It is my favorite part, to be honest. Sometimes I start doing it even when the feature is not ready yet. It is harder but more exciting for me.

When automation tests are ready, we add them to Jenkins. It runs every day, which allows us to quickly identify any issues or bugs in the code, and ensure that any changes to the codebase made by developers do not break the existing functionality of the project.

Before every release, we have a regression testing session. I can’t say that I like this part of my job, but I understand the importance of it. The purpose is to ensure that the new code changes, bug fixes, or enhancements to the software do not introduce new errors or defects in previously tested functionality. Here we usually use Virtual Machines and real viruses or malware (for example, EICAR).

After the release we always perform smoke testing of the new features on production. I believe I have described my entire workflow.

I take great pleasure in the work that I do and feel a sense of satisfaction in contributing towards the security of both personal data belonging to individuals and data related to large-scale industrial projects. It makes me proud to be a part of this highly impactful and valuable domain.

Every quarter, our company holds a special event called a "Hackathon," during which we take a break from our regular work and try out new and exciting projects. Not all companies may have such an event, but I personally enjoy it a lot. Each team can choose an idea that is related to our project, but it must be something outside of our usual tasks, and we work together to bring it to life over a period of two days. We then demonstrate our work to our colleagues. During this time, I feel like a successful businesswoman who is improving her own company. For those two days, I am not just a QA. I get to try out different roles such as Business Analyst, Project Manager, Designer, or Developer. While we may not always succeed with our idea, we always succeed as a team.

To conclude, I'd like to encourage everyone to not be hesitant to explore new technologies and concepts, especially in the huge field of cybersecurity. With its wide range of opportunities, I am confident that everyone can discover their own niche within this domain.”