QA DevOps

Trend 15 – Using advanced technologies for automated and autonomous testing

Hyperautomation (using AI to drive decision making) is emerging as a leading strategic technology trend that integrates robotic process automation (RPA), AI/ML, intelligent business management software and other emerging technologies to increase automation levels in enterprises. This trend is influencing software test automation evolution as different tools, frameworks and custom-developed solutions continue to help increase automation penetration and efficiency.

The test automation evolution began when user interface, API and database layers were automated using open-source tools such as Selenium and Appium. With the accelerated adoption of an agile culture, a digital business and DevOps, technologies such as AI/ML capabilities, zero-touch automation pipelines and self-healing automation scripts have made testing smarter. As a result, teams have optimized their automation strategies to adapt faster and operate more effectively.

In the test automation domain, we see enterprises use hyperautomation to improve both the cycle time and the test automation process, as well as validate other processes that have been automated using hyperautomation tools. Hyperautomation technologies are raising test automation’s maturity level through RPA tools like UiPath, Appian and Automation Anywhere, LCNC tools like Tricentis and Katalon and AI, ML and NLP advances and autonomous testing tools like AutonomIQ.

Infosys partnered with a leading health domain firm to adopt an AI-led cognitive automation solution called Intelligent Automation, which combines the best automation approaches with AI to deliver superior results. The solution’s focus is threedimensional: eliminate test coverage overlaps, optimize efforts with more predictable testing and move from defect detection to defect prevention.

QA DevOps

Trend 16: Maturing security integration in DevSecOps to real-time, automated remediation of vulnerabilities

DevSecOps introduced security earlier in the SDLC, expanding collaboration between development and operations teams in DevOps to include security teams. Security testing tools were introduced but were not integrated with continuous testing pipelines. It evolved into a shared responsibility, where everyone had to play a role in building security into the DevOps CI/CD workflow. Later, DevSecOps integrated application security testing (AST) tools into the CI/CD process. SAST tools (e.g., Micro Focus Fortify) were used to identify coding errors and design flaws leading to exploitable weaknesses; DAST tools (e.g., Micro Focus WebInspect) helped automate black box security testing to mimic how a hacker interacts with a web application or API and, finally, SCA tools (e.g., Black Duck) were implemented to identify known vulnerabilities in open-source and third-party components. These integrations within the CI/CD pipeline accelerated the identification and remediation of security vulnerabilities earlier in the cycle.

The trend has matured further by implementing AI/ ML for security defense and risk prediction, as well as automated vulnerability assessment and management. AST tools now include two additional tools: IAST to detect runtime vulnerabilities and provide detailed insights to developers and RASP to identify threats and support self-protection.

A high-tech company in the U.S. built an AIbased threat intel database to suppress false positives by partnering with Infosys. This has resulted in a 25% faster time to market, 100% code coverage and OSS components, and a 50% reduction in common vulnerabilities.

Subscribe

To keep yourself updated on the latest technology and industry trends subscribe to the Infosys Knowledge Institute’s publications

Infosys TechCompass