In a world where technology and software play a critical role in business success, ensuring that we deliver software with the greatest quality is more important than ever.

This bog post offers a behind-the-scenes look at the rigorous processes we follow to deliver software that is reliable, secure, resilient, performant and built to last. If you want to understand how we consistently deliver top-tier software, this is a read for you!

What is Tridion Docs?

Tridion Docs is an enterprise-scale content platform that plays a crucial role in creating, reviewing, translating, and delivering global product information. The solution increases organizational productivity with an easy-to use browser-based authoring interface, promoting content reuse, improving information governance, and automating publishing.

As a result, Tridion Docs empowers organizations to manage complex content efficiently, enhance collaboration, and deliver high-quality documentation across multiple channels.

Tridion Docs is trusted by the world’s largest enterprises to manage their documentation. RWS Holdings plc works with over 80% of the world’s top 100 brands, and more than three-quarters of Fortune’s 20 ‘Most Admired Companies’.

Built-in Quality

As we serve our esteemed customers, it is our responsibility to deliver products of the greatest quality in the industry.

Therefore, built-in quality is essential as it ensures that quality is integrated into every phase of the development process rather than being an afterthought. This proactive approach helps prevent defects early, reduces rework, and enhances the reliability of the product.

In general, the development team applies a shift-left quality approach to catch defects early in the development process, reducing costly fixes later on. By embedding quality practices from the start, teams can deliver more consistent, high-performing software and meet customer expectations more effectively.

In my post, I will touch on some of our testing activities and will reflect on some achievements in the field of Quality Assurance.

Functional testing

Functional testing is a crucial aspect of software quality assurance that ensures your application works exactly as it’s supposed to. It focuses on verifying that every feature and function of the software operates according to the specified requirements. By simulating real-world user scenarios, functional testing helps identify any gaps or defects in the system, ensuring the software delivers the right results and performs reliably under expected conditions. Simply put, it’s all about making sure your software does what it says it does.

• Automated Unit testing serves as the foundation, ensuring that individual components work as intended across major and minor releases. The development team consistently maintains a high unit test coverage and designed the automated build process in such a way that these are executed every time a build is triggered.

• Automated API testing validates the functionality, reliability, and security of Tridion Docs’ APIs for any real-world scenario. This ensures seamless communication between different system components. Our QA team evaluates requirements and develops automated API tests with the necessary level of coverage.

• Automated UI testing - It is crucial to recognize that our user interfaces — such as Draft Space, Review Space, and Organize Space — requires extensive testing. We rely on thousands of these tests and execute over nine thousand automated test runs during a release.
• Automated client tools testing - Additionally, we must not forget about test automation for our desktop clients. These desktop applications serve various purposes within Tridion Docs.

• Manual testing plays a crucial role because the human eye excels at validating aspects that automation might miss. Every team member using Tridion Docs participates in some form of manual or exploratory testing, all with the aim of continuously improving our product.

Non-Functional testing

Non-functional testing is key because it evaluates how well a software application performs under various conditions, ensuring it is not only functional, but also reliable, scalable, and efficient. Therefore, Tridion Docs also undergoes extensive non-functional testing as well.

• Performance testing evaluates system responsiveness, throughput, and resource utilization. It helps identify bottlenecks and optimize performance. For every component which affects performance and user experience we perform testing using different tools and approaches that depend on the nature of tested components.

• Scalability testing assesses how well Tridion Docs can manage increased loads. It ensures the system can accommodate growth without compromising performance. Using our SaaS deployments, we check how the system behaves depending on allocated resources. Scalability testing is an integral part of our performance assurance strategy.

• Installation testing validates the installation and configuration process of Tridion Docs on different environments. It ensures smooth deployment. All installation and update procedures are thoroughly tested each time we release a new version of the product.

Security testing

Security testing is paramount for any software product these days. It ensures that vulnerabilities in software are identified and addressed before attackers can exploit them, protecting both businesses and users from data breaches, financial loss, and reputational damage.

In Tridion Docs, security testing includes:

• Penetration testing identifies vulnerabilities by simulating real-world attacks. It helps uncover weaknesses in the system’s defenses. We regularly use independent security specialists to conduct penetration tests for Tridion Docs.

• Automated vulnerability scanning tools continuously monitor for security flaws. Regular scans ensure timely detection and remediation. We conduct regular scans of our product using an industry-grade security scanner from AppCheck Ltd. We analyze every issue found by these vulnerability scans and apply measures to keep our software secure.

• Static Code Analysis to review our source code for security vulnerabilities. They identify potential issues before deployment. For Static Code Analysis and Software composition analysis (see below), we use the Veracode platform. Tridion Docs product is certified by Veracode (https://www.veracode.com/verified/directory/rws-group) which implies that we have a proven AppSec program implemented. Static code analysis is an integral part of our nightly build.

• Software Composition Analysis detect open-source components with known vulnerabilities. Keeping dependencies up to date is crucial for security. We regularly check our libraries using Veracode. This enables us to control the security of third-party libraries used in Tridion Docs.

As a result of our security testing practices, we regularly provide proactive security updates for our product.

Conclusion

With a culture of continuous learning, we constantly strive to improve our procedures and processes to make Tridion Docs even better.

We are adopting cutting-edge development practices and ensure rigorous quality standards, and this sets us apart as the best product in the industry.