The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced the launch of the Cybersecurity Skills Framework, a global reference guide that helps organizations identify and address critical cybersecurity competencies across a broad range of IT job families; extending beyond cybersecurity specialists.
Today’s agile testing teams must build and execute test cases in the earlier stages of the software delivery lifecycle, a strategy often referred to as "shifting left." Every sprint is critical, and the decisions made moving forward are lightning fast.
In order to facilitate the quick feedback process, testing teams must thoroughly validate their applications, end-to-end, in a very short timeframe.
To maximize this effort, testing teams can modernize their approach to testing, to get the best return on investment possible in the earliest stages possible. Focusing at the API layer of an application can help enable a scalable testing practice that can be efficiently executed as part of an accelerated delivery process, and is a practice that can be adopted and enabled at the earliest possible stages of development — truly shifting left functional testing.
But what about performance testing? How do we enable the shift left of nonfunctional testing? Here, we explore what this means and how to enable it in your organization.
What is Shift Left Performance Testing?
Shifting performance testing left means enabling developers and testers to conduct performance testing in the early stages of development cycles. Traditionally, performance testing is a task performed at the end of development cycles because it requires a set of specialized tools and skills, i.e. expensive hardware in dedicated environments by trained performance testing engineers. A shift-left performance testing strategy instead allows smaller, ad hoc performance tests to be performed by testers against individual components as they are developed.
To accomplish this, teams need to begin creating performance tests along with unit and functional tests, when functionality is implemented, and configure those performance tests to run automatically and report in a way that alerts to you to decreases in performance. To execute the tests automatically, performance test execution must be tightly integrated as a part of the CI/CD process, in which after each code check-in, performance tests are executed in local environments along with functional and unit tests.
Shifting left performance testing means getting developers more involved
This process enables organizations to understand the subtle impact of new components being added into the aggregate performance of their application, and ultimately enables the discovery of performance-related defects much earlier in the delivery lifecycle.
From a company culture perspective, shifting left performance testing means getting developers more involved. In most cases, development teams can make optimization enhancements within a day of discovering performance degradation, as opposed to waiting until the entire application is built.
How Does the Organization Make Shift Left Performance Happen?
First and foremost, you need well-established organizational buy-in. Addressing quality as a process and not as a reaction is essential to shifting performance testing left across the enterprise. The key players in this process are the product managers because performance testing and the associated development time come at a cost of implementation, which may slow down the development cycle. PM teams must understand why this process is taking place and understand that the value comes in reduced hot fixes and performance optimizations.
Next, defining SLAs at the component level in addition to the application level enables earlier-stage feedback, and helps developers understand the impact of code modification to the individual components they are developing. This granular performance testing makes it easier for stakeholders to learn where hotspots are occurring.
It’s important to migrate as much of your testing practice away from UI centric testing into automated tests such as API and database tests. These types of testing practices, aside from being more maintainable and scalable, can be immediately leveraged in performance testing, can pinpoint the root cause of performance issues, and are highly resilient to change.
Finally, organizations must integrate performance testing into the build process so that basic smoke test performance tests get executed upon code check-in, and a full set of performance tests are run nightly. To do this, you need to consider hardware. Automated performance tests do require more computing resources than functional tests do, so development teams need to be prepared for that. Reviewing whether the existing performance infrastructure fits the shift-left approach or requires modification (i.e cloud agents) would also be one of the key considerations in transitioning to performance test automation.
Developer and Tester Roles in Shift-Left Performance
Developers OWN the performance of their applications. Developers must create applications that are ready for performance testing by using microservices, REST/SOAP APIs, and modular design architectures such that individual pieces can be load tested as they are developed.
Testers can align their test cases to key workflows in the application so that they can be leveraged in the performance testing process. Focusing on the API layers of the application make this more resilient to change and manageable. Both teams consume reports that have fallen outside of the SLAs for the application to identify problem areas based on recent code check-in to help them identify which components need to be optimized.
Read Everything You Need to Shift-Left Performance Testing Across Your Organization - Part 2, outlining the tools needed to enable shift-left performance.
Industry News
CodeRabbit is now available on the Visual Studio Code editor.
The integration brings CodeRabbit’s AI code reviews directly into Cursor, Windsurf, and VS Code at the earliest stages of software development—inside the code editor itself—at no cost to the developers.
Chainguard announced Chainguard Libraries for Python, an index of malware-resistant Python dependencies built securely from source on SLSA L2 infrastructure.
Sysdig announced the donation of Stratoshark, the company’s open source cloud forensics tool, to the Wireshark Foundation.
Pegasystems unveiled Pega Predictable AI™ Agents that give enterprises extraordinary control and visibility as they design and deploy AI-optimized processes.
Kong announced the introduction of the Kong Event Gateway as a part of their unified API platform.
Azul and Moderne announced a technical partnership to help Java development teams identify, remove and refactor unused and dead code to improve productivity and dramatically accelerate modernization initiatives.
Parasoft has added Agentic AI capabilities to SOAtest, featuring API test planning and creation.
Zerve unveiled a multi-agent system engineered specifically for enterprise-grade data and AI development.
LambdaTest, a unified agentic AI and cloud engineering platform, has announced its partnership with MacStadium(link is external), the industry-leading private Mac cloud provider enabling enterprise macOS workloads, to accelerate its AI-native software testing by leveraging Apple Silicon.
Tricentis announced a new capability that injects Tricentis’ AI-driven testing intelligence into SAP’s integrated toolchain, part of RISE with SAP methodology.
Zencoder announced the launch of Zen Agents, delivering two innovations that transform AI-assisted development: a platform enabling teams to create and share custom agents organization-wide, and an open-source marketplace for community-contributed agents.
AWS announced the preview of the Amazon Q Developer integration in GitHub.
The OpenSearch Software Foundation, the vendor-neutral home for the OpenSearch Project, announced the general availability of OpenSearch 3.0.