Test from theTop


Choosing Testing Technology

Let's talk about choosing a testing technology stack.

Committing to the right technology can cause anxiety. Luckily, you can leverage your existing team's experience and skills to make the decision much more rational.

I've been down this road many times. Technology is always changing and the tools we use to build software are no exception. I can't tell you how many times some new testing application is announced and a team adopts it without discusion or weighing the pros and cons. I always try to advocate for a sober evaluation of it's merits, and then maybe a tipsy discussion at happy hour later if there's lingering doubts.

Testing software decisions are not so different from other technology choices.

Make the most of your existing team's skills. Get their feedback.

Once you have some prospective candidate platforms or applications in mind, you can narrow them down even further:

Official Product Support - Is the tool well documented? User reviews can be valuable here.

Community Support - Is there an active community using the tool? Leveraging the troubleshooting of the entire user base is often far more effective than official support channels. Open Source tools excel in this area, because they often lack official support options.

Maturity - How long has the tool been around? This will greatly effect support options and overall quality, user experience.

Will the tool be around next year? Maturity speaks to this somewhat. Does the vendor have a habit of decommissioning it's products? Google is famous for this. Smaller companies or Open Source projects with low contribution frequency are in danger of instability.

Vendor lock-in - If you're evaluating options, are you going to be stuck in a technology ecosystem you can't easily escape if needed? Microsoft is known for this type of tactic.

Company Mandate - Your organization might have made this decision for you already. This is especially true for standardized security testing. Check on it.

I'm intentionally maintaining a high level perspective for this topic, but the most important factors in your decision should be represented above.

Security testing is a deep complex issue.