CHAPTER 6 Testing and Deployment

This chapter will focus on testing and deployment of your application and the systems on which your application depends. This includes APIs, infrastructure, your database, etc.

For this book, “testing” means verifying the quality, reliability, and security of software. It means checking that your software does everything that the client asked for and that the project requirement document listed, but also that it does only those things. Testing should also ensure that the confidentiality, integrity, and availability (CIA) of your system and its data are properly protected and maintained.

For this book, deployment means “the actions taken to release your application to production.” This can mean right-click ➪ Publish, manually copying and pasting code to a server, creating formal run books to send to an operations team for execution, or creating an entire automated Continuous Integration/Continuous Delivery (CI/CD) system.

This chapter is not about how to become a penetration tester. Several high-quality books are dedicated to that topic; this is not one of them.

Testing Your Code

The code within your application is the written instructions that you send to the interpreter or compiler. This section will cover how to test these written instructions. This type of testing is sometimes called static testing because the code is not changing or running while you look at it; it's just text. The opposite of this is ...
