Benchmarking

Strategy

Load/stress tests  

It's about the app performance, we will apply a set of tools to start a huge load targeting many API links, we will check the app stability and robustness.

 

Tools to be used:

  • hey
  • wrk 
  • locust 
  • siege

SAST

We will apply static analysis security tests to check for potential security flaws on the base code.

 

Tools to be used:

  • Nodejsscan
  • Sonarqube

Server Configs

Validating reverse proxy configuration for any miss-configuration, add security headers, and forbidden access to any automated attack tool.

Tools to be used:

  • Gixy : validation
  • Nginx internal security config

What's next ?

Don't repeat the same task every time, do it once, then automate it!

 

Automated, generic, and reliable CI/CD with suitable tests and deployment strategy to enhance team velocity and productivity.

Thanks

Benshmarking strategy

By hatem ben tayeb

Benshmarking strategy

  • 249