Others

Security Testing

With the onset of the digital age, a few clicks have replaced many day to day activities -like going to a bank for transferring funds or going to a store to buy a dress or going to a cinema hall to buy tickets for your favorite blockbuster movie. All these can now be accomplished with a single click on a plethora of devices.

To stay in the game, businesses have to move into the digital world. With this arises the need to make sure that their web applications, e-commerce sites, banking applications are safe, secure and not vulnerable to being attacked by hackers friendly or otherwise.

Security testing plays a key role here; by helping an organization to identify vulnerabilities to any kind of security attacks. Thereafter corrective measures can be taken to address the gaps in security. Security testing is a type of testing to check whether an information system protects data from outsiders, unwanted intruders and maintains functionality as it was intended. Basic aspects that a system must comply and adhere to are:

  • Authentication: Only valid users are allowed to enter/log in the system.
  • Authorization: Only valid users are able to access the content or information they are trying to access.

For example – In a company; employee, manager, the administrator will have different access rights based on their role.

  • Availability: The software application should always be running so that information and services are available whenever needed.
  • Confidentiality: Here information and services are only shown when requested and that too only to the intended users.For example, employees financial information will be available only to the concerned finance team/head not everyone.
  • Integrity: This means that information is right and up to date.In Security Testing the Tester must design tests to cover all the above-mentioned aspects.

Types of Security Testing

  • Vulnerability scanning: Here the entire system under test is scanned to find loopholes and vulnerable signatures.
  • Penetration testing: Here the tester has to think like a hacker to destroy the system and is a sort of simulated hacker attack on the system from the outside
  • Ethical hacking: Attacking the system from within to find out security flaws is Ethical hacking.

Process Steps

  • Risk assessment: All the above tests are conducted and the flaws and vulnerabilities are identified. These risks are then classified as High, Medium and Low depending on certain aspects.
  • Fix the Issues: The issues are studied in detail and then fixed by the development team with high-Risk items given a higher priority.
  • Security Review: The entire cycle of testing and assessment is repeated. The frequency is determined by the organization based on the type of business and their perceived vulnerability to attacks. There is also a periodic review to check whether the security standards have been implemented properly. With the increased sophistication of hacker attacks, it is essential that security standards are upgraded to deal with the latest threats.

What do Security Testers need to test?

Some very basic guidelines in ensuring whether an application is secured or not are:

  • Passwords are always in encrypted form.
  • Browser back-forward buttons do not break the secure login process.
  • An unauthorized user is not able to access pages he is not authorized for. Sessions should time out after a specific time when a user is not active.
  • Invalid content should not get uploaded and should be disallowed.
  • Test with random data which is included in requests.
  • Test using random data which is included as parameters.
  • Test using encoded random data included as parameters.

Website Security Testing tools in the market:

There are a variety of security testing tools available in the market. A few of these are listed as below:

  • Vega
  • ZAP (ZED Attack Proxy)
  • Wapiti
  • BeEF (Browser Exploitation Framework)
  • Google Nogotofail
  • NTOSpider
  • Brakeman
  • SiteDigger
  • NMap (Network Mapper)
  • OWASP (Open Web Application Security Project)

Security testing must be started at an early stage to minimize defects and costs of maintaining the quality. It is a good practice to understand the security requirements for an application at the time of requirement gathering, this ensures that quality and security of the end product will be appropriate to the business need.

Security should be an integral part of the software application and is an important factor in winning customers trust and confidence.

MetaSys Software offers web application development using secured and robust technologies like.NET, PHP MySQL and/or FileMaker. If you are looking for any consultation on these technologies? Then please feel free to contact us.

 

 

Microsoft Technologies

Introducing Visual Studio Mobile Center

Microsoft has recently launched ‘Visual Studio Mobile Center’ for the developer community.  The purpose is to help in building and managing mobile apps through a set of cloud services. The Mobile Center supports applications built on several frameworks. It supports apps written in Swift, Java, Xamarin, React Native and Objective –C. The platform is currently in its “preview” period and a roadmap is in place to further build out services to be offered.

Today developers are expected to go beyond conventional approach to app building and their prime focus is on providing mobile users a Unique experience. Developers need a platform where they can continuously build, test, deliver and monitor as fast as possible. Mobile Center, can reduce the time spent on creating a workflow by using the services provided by Mobile Center. It will allow the developers to concentrate on the primary task of creating a good app.

Some of the features in VS Mobile Center are:

  • Build apps automatically with pull request
  • Test apps on thousands of different mobile devices through the embedded automated UI tests
  • Distribute and passing builds to Beta testers
  • Monitor crashes and bugs for immediate diagnostics
  • Mobile analytics feature gives detailed insights on mobile usage and behavior
  • Apps written in any language can be brought into VS Mobile Center’s cloud and lifecycle services

The developers have a choice to work on end-to-end workflow provided by the VS Mobile Center or can choose to avail only a subset of the services.

VS Mobile Center is expected to evolve further with integration with new and existing HockeyApp and Test cloud apps. In addition to that, the future versions of VS Mobile Center will support Cordova and Universal Windows platform. Advanced services such as push notifications and advanced analytics will also be a part of the future versions. Currently, it supports only lifecycle features like building, testing, crashing, Beta distribution and analytics. In Cloud features support authentication, easy tables and offline sync. To gain access to the  VS Mobile Center, you can request an invitation and then sign in using your existing HockeyApp credentials or use your GitHub account or Microsoft account.

At MetaSys Software we offer custom development using  ASP.Net, SQL Server, Telerik controls and Iron speed. We also have a strong team of Certified FileMaker Developers with experience in PHP & FileMaker solutions, FM Go as well as in building iOS apps.

 

 

 

Others

Agile Testing

Agile testing is a software testing process that follows the Agile methodology and the Scrum framework.

Agile methodology is a lightweight and effective development method.  Scrum is a Framework that supports it.  The main focus is on quick response to the customer requests or wish lists and an iterative method for application development and testing. Work is completed and reviewed in a set period of time which is called as ‘Sprint’. All iterations are of the same duration. At the end of each iteration, a working feature of the product is delivered to the customer.

How agile methodology in software development works:

  1. All requirements are in the form of a feature list and are added to the Product Backlog. The feature list is described in the form of a user story.
  2. The backlog list is prioritized and each user story is estimated.
  3. Based on the team size, sprint duration and complexity of the user story, a set of features is selected for each Sprint.
  4. Individual tasks are distributed among developers involved in the sprint.
  5. Development and Testing are carried out for all features selected in the sprint.
  6. A daily scrum meeting is conducted by the scrum master whose job it is to keep the team focused on the goal. Active participation from each individual of the scrum team is required. The meeting agenda is restricted to what was done yesterday and what you plan to do today and whether there are any known obstacles or risks.
  7. At the end of the sprint, a working feature of the product is delivered to the customer and immediate feedback from the customer is captured.

The role of Agile Testing Team:

  • In Agile testing, testing starts as soon as sprint development is done. The customer or product owner is involved with the progress of the software development. The whole team approach is to deliver a set of features which meets the customers’ current needs. The entire team works at the same workplace to allow for active collaboration. Throughout the sprint, the tester closely works with every team member and product owner to ensure better product quality and functioning. Team Interaction and active participation of each individual play an important role in Agile testing.

Why should one follow Agile testing methodology?

  • Testing starts at an early stage in the software development and features are tested within each Sprint improving quality of the product.
  • Defects are identified and either handled within the same sprint or added to the product backlog –to be taken care of by developers in the upcoming iterations while working on similar/relevant features.
  • Since defects are identified early in the development process, it reduces defect cost
  • Regular customer feedback increases the morale of the team and helps in improving the quality of the upcoming sprint work.
  • Priority features can be delivered early so that the customer does not have to wait too long. Low priority tasks can be completed later on. There is a flexibility to change scope/story points of the sprint based on the changes in customer requirements.
  • More focus on working software and Less focus on documentation.

MetaSys Software is a software services company with offices in Mumbai, India and Toronto Canada. Our team has experience in different development methodologies but we mainly prefer the agile approach to delivery. For more details on our products and services please free to contact us.

FileMaker

MetaBiz – A FileMaker based Custom App

Small and Medium Businesses have to deal with the several challenges

How to automate repetitive processes and become more efficient?

How to have the overall picture and know what needs attention and when?

How do we grow the business?

How to have all customer contact information distributed among employees in one place?

How do we keep track of all customer initiatives?
How can we grow revenue per customer? Grow revenue per employee?

Workflow Management Software and CRM Software helps to manage these. There are several products available. The challenge is that while packaged software is affordable they are expensive to customize. The average Small business finds development of customized software expensive and time-consuming.

If you are struggling with these issues MetaBiz offers a very cost effective easy to customize the solutions.

‘MetaBiz’ a Multi-platform business management software has all the core functionalities required by small and medium businesses. It can be quickly customized to suit different business processes! MetaBiz is a business & workflow management software built using FileMaker Pro making it highly accessible across multiple devices like desktop, iPad, and iPhone. Web access is possible as much as is natively supported by the WebDirect feature within FileMaker.

Some of the business processes where MetaBiz can add value:

  1. Contact Management- This module offers more than just contact information. MetaBiz offers a solution through which you can organize all the details about a particular lead like contact details, communication History, invoices, project details, action details etc.
  2. Inventory planning and management – Entrepreneurs should have a deep understanding of demand and supply equation across all products. A business software can help in lowering costs, prevent errors in demand and supply of stock and speed up fulfilling client orders. MetaBiz can play an important role here. The software stores product catalog along with specifications and pricing details in the system. The inventory log gets automatically updated whenever an invoice is generated. This helps in proper inventory planning and management.
  3. Workflow Management – MetaBiz lets you streamline your workflow processes by setting up multiple actions. You can create alert for those who need to take a particular action, prioritize actions and mark them completed when it’s done, set deadlines and keep the process moving as per the timeline. This helps in effective workflow management. You can also view the ‘Actions’ in the calendar by checking on ‘Show on calendar’ settings.
  4. Business analytics – A business needs to take sound commercial decisions by effectively interpreting the available data to provide actionable insights. MetaBiz just does that. It helps in determining accurate project cost on the basis of billable hours and product costs.  Predefined reports based on timesheet, invoices, and actions can be generated to get a detailed perspective. Also, invoices within a specific date range can be accessed easily. Additional reports can be created as needed.
  5. User & Application Management – User management is important for setting up a secure system. MetaBiz User management system offers much more than just security. The software allows the Administrator to manage users and user roles, track their timesheets, set up and manage Company Info, Company logo, currency, Invoice templates and much more.
  6. Mail management – MetaBiz can be configured to send mails via Email Client or SMTP server or Outlook account. The Outlook Manipulator plugin in the software allows all the Outlook data – Mails, contacts, calendar to be accessed from within the application. All critical client related information is available at one place and not residing in individual mailboxes. Data resides centrally and accessible to authenticated users of the system. This is an Add-On feature offered by MetaBiz.

 

MetaBiz can be customized according to the business requirement of the client. For more information get in touch with us or download the trial version.

 

 

 

FileMaker

How FileMaker 15 is transforming the business of building custom apps?

FileMaker provides custom apps across devices and platforms like iPad, iPhone, Windows, Mac and the web. The latest version of FileMaker has got enhanced features in terms of mobility, security, automation, ease of use and performance. These new features are simplifying the development of custom apps which can work across different platforms.

FileMaker’s core idea is to facilitate developers to create custom apps that are required by small and medium businesses. To help this FileMaker provides an extensive array of readymade templates. This reduces time to get started with the development and leaves more time to work on a more complex design and development. The enhanced features in FileMaker 15 will transform the business of building custom apps.

FileMaker Pro 15 is carrying forward the direction of the company to increase mobility with the help of some enhanced features. Some of these are:

·  An additional security feature i.e. the Concealed Box will help users to be more careful with the content. The Concealed Edit Box feature does not reveal the content typed in the field to the onlookers as they just see some dots.

·  Solutions which are frequently used can be added to the Quick Actions thus enabling a quicker way to access FileMaker solution.

·   The Portal In-Line Progress Bar, one of FileMaker 15’s new performance-based features, brings with it the separation of a layout’s non-portal and portal rendering tasks. This means users are no longer forced to wait for cumbersome portals to load before being able to interact with a window’s content.

· FileMaker Pro 15 sends notifications for any kind of software updates. One can easily download and install the update within FileMaker Pro 15. This was not possible in the earlier version.

·  A Lot of improvements have been made in the Script Workspace. Script Errors are highlighted in red colour. So one can rectify the scripts immediately. There is an Unlimited Undo option which will give the users more freedom in creating something new and unique.

New features introduced in FileMaker Go 15 will give rich user experience for iOS users. Some of them are as follows:

·  Touch ID adds an extra layer of security to the existing features in your application. This will allow the users to login into the application using the fingerprint. For phones without the Touch ID sensors, there will be a device passcode.

·  The FileMaker app can be integrated with iBeacons. FileMaker Go 15 can associate data like text, image, video etc.  to the specific locations where iBeacons are present.

Your custom app can be further extended/linked to web using FileMaker/PHP API thus providing more opportunities.

MetaSys has a dedicated team of FileMaker developers, with experience in FileMaker 15. In case you have any queries related to FileMaker or looking for a quick solution catering to your business feel free to contact us.

FileMaker

3 things you need to know about FileMaker’s new initiative for small businesses

The FileMaker platform offers some key advantages for small businesses looking to go digital. Many small businesses are turning to FileMaker for building custom apps to replace their manual processes.  We highlight below why FileMaker is increasingly becoming a Preferred Option for small and even medium-sized enterprises

  • FileMaker offers a Small Business Service Toolkit to its customers at no extra cost. As a part of the toolkit, FileMaker offers an eBook – “How to Transform Your Service Business”.It addresses the common business issues faced by small businesses and how to overcome them by building custom apps. It also has case studies covering real business issues faced by small companies and how they overcame their challenges
  • FileMaker provides a Starter App along with the Toolkit. The app is compatible with FileMaker 15 platform. It has all the basic functionalities to help small businesses in addressing common business processes like resource scheduling, inventory management etc. The app is designed by a member of the FileMaker Business Alliance Platinum Partner. It is accompanied by a webinar which addresses issues faced by small businesses when it comes to inventory planning and management and invoice generation.
  • An extended support in the form of ‘Idea to iPad’ Bundle is also available. Annual licenses of FileMaker Pro Advanced and FileMaker Server are offered as a bundle to create and deploy custom apps. It includes 10 hours of consultation with a Customer Success Manager and FileMaker Business Alliance professional developer. The personal one-on-one interaction helps the developer understand your business and advise a solution appropriate for your situation.

This customer centric approach has proved to help small businesses in digitizing their business using FileMaker. Furthermore, one can start with one module or one process and add modules to meet the growing needs of the business.  Businesses and employees quickly see concrete returns on their investment. The platform also allows you to tweak and fine tune your processes over time. Metasys Software has over 12 years of experience with a team of Certified FileMaker Developers and huge experience in client server as well as web application development using FileMaker PHP API. If you are looking for a quick solution or have queries related to FileMaker feel free to contact us.

 

Microsoft Technologies

.NET evolution

Microsoft began developing the dot net framework in the 1990’s and launched the first beta version in 2000. Since then, there has been no looking back. Almost 12 versions of.Net framework have been launched till now. Organizations which are looking for enterprise software solutions rely upon.NET framework. Recently, Microsoft celebrated the completion of 15 years since.NET was introduced.

Initially, dot net was known as NGWS (Next Generation Windows Services). Since 2000, different versions of this technology were launched, the latest being version 4.6.2. This latest version was launched just last year in the month of August. Each version carries betas, and service packs so as to provide more value to the users. In the entire 15 years, developers experienced an object oriented programming environment and freedom to develop desktop as well as web applications. Many of the languages that run on.NET framework are simple, secure and object oriented.

Over the past 15 years, this technology has evolved to fulfill the requirements of a dynamic online environment. The ASP.NET framework has helped in building many dynamic websites and applications catering to different industry verticals. Complex applications such as hotel reservation system, a billing system in shopping malls are built easily with the ASP.NET framework. It has enabled customized content building for users, thus increasing the relevancy factor of the web page. It has helped the users in accessing any data with ease. The .Net zone has now increased more than tenfold since it was launched.

The data below will give you a clear picture of where.NET technology stands today vis-à-vis some other players in the market. (Source: W3techs)

  1. As per a recent study, 15% of websites today use ASP.NET technology in which a whopping 80% are using version 4, followed by version 2.
  2. Java and ColdFusion are the most preferred technology for high traffic sites followed by ASP.NET.
  3. .Net domain names have got the wide presence. It is presently used in more than 200 countries.

We at MetaSys Software have a long history of experience with building.Net applications since last 15 years.Our expertise lies in different technological platforms such as.NET & ASP.NET Framework (2.0 – 4.5), JavaScript, Jquery, Microsoft SQL Server. If you wish to leverage ASP.Net development capability then please feel free to contact us.