Eighteen months, 19 modules, and 59 amazing contributors later, the MoT Software Testing Essentials Certification is complete! Looking back, my favourite part has been seeing so many community m...

During filming for Module 18 of the MoT Software Testing Essentials Certificate, Marie Cruz put a demo e-commerce site through its paces with a k6 Studio load test and managed to reveal a hidden we...

Layered architecture is modular, breaking the system into distinct areas, such as presentation, business logic, and data. Common in web applications.Client-Server architecture essentially has two main components, requests and provide. These can also be used for simple web applications, such as emails or network applications.Event-driven architecture sounds as it seems. Communication between components is driven by events. The system reacts to state changes, inputs and actions. These are useful for notification and alert systems.Microservices are an architectural model that consists of many small components or services. Often seen in platforms that need different services running like user accounts, order processing and product catalogues.

Manish Saini shares a wonderful analogy in STEC Module 16, Lesson 1: What is technical testing?

Risk analysis is the process of identifying, evaluating, and prioritising these risks based on their likelihood of occurrence and their potential impact on the project. Effective risk analysis allows teams to focus resources where they’re needed most.

Think of a code review like having an editor check your writing. Before code gets added to a project, other developers examine it to spot potential problems, suggest improvements, and ensure it follows the team's standards. It's a collaborative process that helps maintain code quality and share knowledge across the team. What do developers look for during code reviews? When reviewing code, developers wear several hats. They check if the code solves the problem effectively, look for potential bugs or security issues, and consider how easy it will be to maintain in the future. They might ask questions like "Could this be simpler?" or "What happens if this fails?" Sometimes they also catch subtle issues that automated tools might miss. How do code reviews happen in practice? Most teams use a pull request workflow. A developer finishes their changes and creates a pull request, which is like raising their hand to say "I'm ready for review." Other team members then look at the changes, leave comments, and either approve the code or request changes. Tools like GitHub make this process smooth by showing exactly what changed and allowing inline comments. What makes a good code review? The best code reviews are constructive and timely. Reviewers focus on important issues rather than nitpicking, explain the reasoning behind their suggestions, and maintain a respectful tone. Meanwhile, the developer receiving the review stays open to feedback and uses it as a learning opportunity. It's not about finding fault - it's about making the code better together.

SQL injection is one of those sneaky security problems that can cause serious damage if overlooked. Imagine someone finding a way to slip unauthorized commands into your database through everyday features like login forms or search boxes. Instead of just entering their username, they might add extra database commands that could leak sensitive data or mess with your database. It's like someone turning a simple question into a harmful command. Fortunately, preventing SQL injection isn't rocket science - developers can use techniques like prepared statements (which separate code from user input) or input validation (which checks if user input looks suspicious). It's one of those security basics that every developer should know about, kind of like remembering to lock your front door before leaving home.

What is a version control system?Think of a version control system like a time machine for your code. It keeps track of every change you make, letting you see what the code looked like at any point in its history. Just as you might save different versions of an important document, developers use version control to save snapshots of their code. How do developers use version control in their daily work?When developers want to add new features or fix bugs, they create a separate branch - like a parallel universe where they can experiment without affecting the main code. Once they're happy with their changes, they merge their work back into the main branch. This way, multiple developers can work on different features simultaneously without stepping on each other's toes. Which version control systems do developers commonly use?Git has become the industry standard, largely due to its flexibility and powerful features. While older systems like SVN required constant connection to a central server, Git lets developers work offline and sync their changes later. Platforms like GitHub have made Git even more popular by adding features for code sharing and collaboration.

APIs (Application Programming Interfaces) are a set of rules and protocols that allow different software applications to communicate with each other. Think of APIs as the language different software programs use to talk to each other. Just like we have rules for human communication, APIs have specific rules for how programs should ask for information and respond to requests. There are several common approaches like REST and GraphQL that developers can choose from, each with its own way of handling these conversations.  What is API testing?  API testing checks if the connections between software systems work correctly. While regular testing looks at what users see on screen, API testing focuses on the behind-the-scenes communication between applications. It's like making sure two people speaking different languages can still understand each other perfectly through a translator.  What does API testing actually check for? API testing examines several key areas: Does the API handle requests and send back responses correctly? What happens when something goes wrong - does it fail gracefully? Can the API handle lots of requests without breaking? Is sensitive data being protected properly? Does the data stay accurate as it moves between systems? What tools do developers use for API testing? Developers have several popular tools in their API testing toolkit. Postman lets them easily send requests and check responses. RestAssured is great for Java-based testing, while pytest works well for Python projects. These tools help automate the testing process and make it more reliable. What are the challenges with API testing? Testing APIs comes with its own set of hurdles. Getting test data that matches real-world scenarios can be tricky. APIs often connect to multiple systems, so setting up test environments gets complicated. Plus, as APIs evolve, keeping tests up-to-date requires constant attention. Security testing is particularly challenging since new vulnerabilities emerge regularly. Why is API testing important? In today's connected world, most software relies heavily on APIs to function. If an API fails, it can bring down entire systems and affect thousands of users. API testing helps catch problems before they reach users, ensures systems can talk to each other reliably and maintains data integrity across applications.

Strengthen your test automation strategy by shifting tests closer to the code for greater reliability and maintainability

New collection

Technical testing is the practice of examining software systems from their foundational elements to their complex interactions, using tools and knowledge to verify functionality, performance, and reliability at multiple levels. Whether you're inspecting network logs, analysing database queries, or investigating responses from application programming interfaces (APIs), technical testing helps you maintain quality through a thorough understanding of the system.