Vittalkumar Mirajkar, Narayan Naik, Rakesh Mallinapalli – McAfee
Software security infrastructure requires daily critical updates to help protect against emerging security challenges.
Albeit, releasing a timely security update is extremely critical, thorough testing prior to the release, forms an integral part of the release cycle to avoid false positives. This high confidence testing demands a test framework that is machine-driven and can continuously test and release security updates within a limited time window.
The test framework to certify the update should be capable of executing tests on 100’s of machines, with varying versions of security software, supporting all possible OS versions.
The entire exercise of initiating machine-driven testing to automated result compilation and analysis needs to completed within a stipulated time frame for release readiness.
Keeping such a mission-critical, high availability environment operational and triggering tests for validation followed by a quick turnaround of the large result analysis to certify release readiness, is a continuous complex firefighting exercise.
Through this paper, we present a case study on how we have built an intuitive, highly available framework, developed customized tools that help monitor the test infrastructure, maintained redundancy, the automated trigger of update tests followed by result analysis for release readiness. This test framework has enabled us to cater to the demanding nature of releasing security updates on a daily basis to help protect against the emerging threat landscape.