7 observability best practices to improve visibility, performance

Copyright TechTarget - All rights reserved https://cyber.law.harvard.edu/rss/rss.html Techtarget Feed Generator en Mon, 27 Apr 2026 22:54:18 GMT https://www.techtarget.com/searchsoftwarequality editor@techtarget.com <p>Observability is the ability to understand what's happening across an IT platform by monitoring and analyzing its outputs. It enables operations staff to ask questions about what is happening -- and why -- so they can better enable root cause analysis of problems and speed up remediation actions.</p> <p>Rapid changes in AI are shifting the observability landscape in ways that can either help or hinder an organization. Other areas used within observability have also matured, changing the way tools should be implemented and used to help provide a continuously optimized platform.</p> <p>The use of observability means there's no real need for a highly granular knowledge of the underlying physical platform, which is useful with today's highly virtualized hybrid private and public systems.</p> <p>There are several areas that should be covered to ensure trustworthy outputs.</p> <section class="section main-article-chapter" data-menu-title="1. Know your platform"> <h2 class="section-title"><i class="icon" data-icon="1"></i>1. Know your platform</h2> <p>This goes against the idea that observability doesn't require granular knowledge of the physical platform, but without baseline knowledge, it's difficult to identify all possible data feed sources. As such, a <a href="https://www.techtarget.com/searchbusinessanalytics/tip/10-top-data-discovery-tools-for-insights-and-visualizations">discovery engine is required</a> to carry out an audit of the platform. AI has made this far easier: Discovery engines can now find out what is out there in addition to maintaining records of dependencies in real time. This then creates the basis for a more automated AIOps environment.</p> <p>Bear in mind that a modern IT platform is likely to be a mixed, physical and virtualized environment. Ensure the chosen observability tools can handle all environments they are likely to encounter. The goal is to create a baseline view of what is already there while ensuring it's always kept up to date.</p> </section> <section class="section main-article-chapter" data-menu-title="2. Ensure applications are properly instrumented"> <h2 class="section-title"><i class="icon" data-icon="1"></i>2. Ensure applications are properly instrumented</h2> <p>Without data, observability will fail to deliver the benefits an organization seeks. Although most platforms are awash with data, operations teams must ensure developers code applications for observability, making <a href="https://www.techtarget.com/searchitoperations/tip/The-3-pillars-of-observability-Logs-metrics-and-traces">traces, metrics and logs</a> available. Similarly, operations staff must enable data tracing -- e.g., via Simple Network Management Protocol -- in off-the-shelf systems.</p> <p>The aim here must be to ensure full collaboration between development and operations via a fully functioning DevOps team that ensures the required data is available to an observability capability based on AIOps.</p> </section> <section class="section main-article-chapter" data-menu-title="3. Automate data collection and processing"> <h2 class="section-title"><i class="icon" data-icon="1"></i>3. Automate data collection and processing</h2> <p>Platforms generate a lot of data -- in most cases, far too much. In the past, this required the platform to filter data in the background, which often prevented it from performing other actions in real time. However, <a href="https://www.techtarget.com/searchitoperations/podcast/OpenTelemetry-adapts-to-AI-observability">OpenTelemetry is now available</a>, providing a standardized collector that's abstracted from the underlying environment, enabling changes without requiring changes to the collector itself.</p> <p>The key is to maintain a fully standardized, transparent and effortless means of collecting data, helping staff to focus on what they should be doing: delivering business value.</p> </section> <section class="section main-article-chapter" data-menu-title="4. Data analysis tools should fit the purpose"> <h2 class="section-title"><i class="icon" data-icon="1"></i>4. Data analysis tools should fit the purpose</h2> <p>Analysis tools that don't identify key areas, such as early-stage problems or zero-day attacks on the platform, won't provide the peace of mind that an effective observability system offers. This is where AI can help, though false positives and potential negative effects must be monitored.</p> <p>AI can ensure rapid responses to perceived problems, but it can also react against what it perceives as an unknown threat when the event isn't a real threat. Organizations might find that <a href="https://www.techtarget.com/searchdisasterrecovery/tip/Assess-and-manage-the-risks-of-using-AI-for-business">AI triggers need to be weighted</a>, with low-confidence triggers passed to a human sys admin for verification before any remedial actions are enacted.</p> <p>This might require an iteration in tooling and AI rules. If it becomes apparent that a tool is creating bottlenecks in the operations environment, swap it out. If an AI rule is causing problems, remove or replace it as quickly as possible to ensure the desired and correct outcomes.</p> </section> <section class="section main-article-chapter" data-menu-title="5. Report in the right manner to the right people"> <h2 class="section-title"><i class="icon" data-icon="1"></i>5. Report in the right manner to the right people</h2> <p>Observability shouldn't be seen as a tool only for sys admins or <a href="https://www.techtarget.com/searchitoperations/feature/Know-the-key-DevOps-roles-and-responsibilities-for-team-success">DevOps practitioners</a> but rather as a means of breaching the chasm between IT and the business by reporting what it sees and advising on what needs to be done.</p> <p>Reporting should inform IT professionals in real time about the problems present and the automated remediation steps taken, while also providing trend analysis and business impact reporting that can be understood by line-of-business personnel.</p> <p>Observability must provide value to both technical and business staff; the two environments are fundamentally intertwined and must work from the same data.</p> </section> <section class="section main-article-chapter" data-menu-title="6. Use automated remediation systems wherever possible"> <h2 class="section-title"><i class="icon" data-icon="1"></i>6. Use automated remediation systems wherever possible</h2> <p>An observability tool often will identify relatively low-level issues. AI, <a href="https://www.techtarget.com/searchitoperations/tip/Tasks-to-automate-today-to-streamline-IT-operations">in conjunction with simple automation</a>, can automatically fix certain issues, such as patching or updating systems or identifying workloads that require extra resources. Human intervention should be minimized wherever possible, focusing only on high-impact exceptions.</p> <p>The key is to avoid human interactions wherever possible, as humans are a key source of errors. However, humans are still better than many AI systems at identifying one-off or highly complex issues; this is where their skills should be utilized.</p> </section> <section class="section main-article-chapter" data-menu-title="7. Feedback loops should be present and effective"> <h2 class="section-title"><i class="icon" data-icon="1"></i>7. Feedback loops should be present and effective</h2> <p>Repeated security issue identification or resource problems might be caused by coding issues or implementation that can't be fixed through automated means. <a href="https://www.techtarget.com/searchitoperations/feature/service-desk-automation-examples-to-enhance-IT-support">Tying observability systems to help desk</a> and trouble ticketing offerings ensures issues are identified and assigned to the right IT staff. Again, AI should be used to ensure the rapid, efficient and meaningful real-time movement of such information.</p> <p>This is where humans remain of utmost importance. The feedback loop must be prioritized by business impact, not by technical interest. This requires some deep planning.</p> <p>Observability should now be seen as a necessity by organizations looking to maximize the value of their platforms. Without the capability to aggregate and analyze data from all areas of an IT platform, organizations open themselves up to problems ranging from inadequate application and business performance to major security issues and impaired system availability.</p> <p>An <a href="https://www.techtarget.com/searchcloudcomputing/tip/Improve-observability-with-AI-Real-world-success-stories">AI-driven observability</a> capability enables a closer working relationship between business and technical teams and provides a more flexible, future-proof approach to managing an organization's technical and business capabilities.</p> <p><i>Clive Longbottom is an independent commentator on the impact of technology on organizations. He was a co-founder and service director at Quocirca. </i></p> </section> Observability enables organizations to analyze data on a continuous basis and act on it quickly. Learn best practices for implementing the practice. https://cdn.ttgtmedia.com/rms/onlineimages/security_a395732039.jpg https://www.techtarget.com/searchitoperations/tip/8-observability-best-practices Thu, 05 Feb 2026 00:00:00 GMT 7 observability best practices to improve visibility, performance <p>Modern technology systems span cloud-native architectures, distributed microservices, third-party integrations and, increasingly, AI-driven autonomous components. In these environments, failure modes are subtle, interactions are complex and cause-and-effect relationships are often difficult to infer. To manage and evolve such systems effectively, a well-defined, balanced observability strategy is indispensable.</p> <p>In software architecture, <a href="https://www.techtarget.com/searchitoperations/definition/observability">observability</a> is the ability to determine how a system's internal state changes in response to its external outputs. Observability provides a comprehensive understanding of a system's internal state, enabling teams to detect anomalies early, correlate signals across services and address issues before users are affected.</p> <p>Although its specific goals vary by system, the focus typically lies in maintaining high uptime, improving UX, optimizing costs and enabling proactive issue resolution. When implemented well, observability becomes a competitive differentiator. This enables organizations to measure what matters and align operational decisions with business KPIs. In today's AI-augmented engineering landscape, it further ensures predictable outcomes by surfacing actionable insights and enabling data-backed decision-making.</p> <section class="section main-article-chapter" data-menu-title="Core principles of an effective observability strategy"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Core principles of an effective observability strategy</h2> <p>An observability strategy outlines how operational signals are collected, processed, analyzed and acted upon. Unlike traditional monitoring, which reacts to static thresholds and known failures, an observability-led approach enables teams to understand <i>why</i> a system behaves as it does under different conditions. The following are four foundational principles to keep in mind.</p> <h3>1. Embed observability in development practices</h3> <p>An observability blueprint should be defined and inherited by every new system. This should address <a href="https://www.techtarget.com/searchitoperations/tip/The-3-pillars-of-observability-Logs-metrics-and-traces">logs, metrics and traces</a>. With consistent use of a single blueprint, the overall consistency and maturity increase over time. This shouldn't be treated as an afterthought.</p> <h3>2. Merge monitoring, alerting, incident management and recovery</h3> <p>Observability combines all signals to provide a holistic view of the system's health. It goes even further, providing tools to identify issues early and help recover from failures based on past learnings. These should function as a single, orchestrated process rather than as disjointed tools or disconnected responsibilities of different systems.</p> <h3>3. Automate and augment human capabilities</h3> <p>As cloud-native platforms scale dynamically, automation and AI-driven insights become essential to keep pace with the complexity. Modern AI tools can lend dynamic capabilities to both fuzzy and discriminative tasks. These should be used meaningfully. Manual intervention should be avoided where possible. As cloud-native businesses become comfortable with dynamic capacity and more mature infrastructure controls, many recoveries can be automated. When they can't, it makes sense to invest in tools that create an assistive experience for teams that are responsible for uptime.</p> <h3>4. Surface signals, suppress noise</h3> <p>A well-designed observability setup prioritizes what matters and dampens irrelevant alerts, enabling teams to address the root cause rather than navigate chaos. It's crucial to identify issues as close to the source as possible so teams and systems can start solving the problem right away rather than spending precious time uncovering the source. A good strategy identifies issues before or as they occur, provides the right prioritization and alerting mechanisms and assists in recovery using automated processes or procedures that can be triggered. Finally, it must define a blueprint that's consistent across systems.</p> </section> <section class="section main-article-chapter" data-menu-title="The 9 steps to build and implement an observability strategy"> <h2 class="section-title"><i class="icon" data-icon="1"></i>The 9 steps to build and implement an observability strategy</h2> <p>A successful observability strategy aligns business goals with the right metrics, logs, traces, visualizations and platforms, creating a unified view of system health. By embedding observability into culture, enabling dynamic controls and <a href="https://www.techtarget.com/searchbusinessanalytics/feature/AI-in-business-intelligence-Uses-benefits-and-challenges?Offer=ab_MeteredFormCopyEoc_var1">using AI for proactive insights</a>, organizations evolve from reactive troubleshooting to intelligent, data-driven operations.</p> <p>Here are nine steps to building an observability strategy:</p> <ol type="1" start="1" class="default-list"> <li>Determine your business goals.</li> <li>Focus on the right metrics.</li> <li>Stay on top of event logs.</li> <li>Provide toggle switches for tools.</li> <li>Perform diligent request tracing.</li> <li>Create accessible data visualizations.</li> <li>Choose the right observability platform.</li> <li>Establish a culture of observability.</li> <li>Use AI and machine learning to augment staff capabilities.</li> </ol> <p>Let's explore each step further.</p> <h3>1. Determine your business goals</h3> <p>When it comes to customer experience (<a href="https://www.techtarget.com/searchcustomerexperience/definition/customer-experience-CX">CX</a>), a negative experience is often more powerful than a positive one. High-quality observability is a critical part of systems that aim to build sticky user experiences. However, to define the right observability strategy, it's crucial to identify business goals first. These goals must account not only for human operators but also for machine consumers of telemetry, enabling AI-driven systems to act autonomously on observability insights.</p> <p>A good observability setup can improve bottom-line revenue by optimizing infrastructure spend, supporting growth capacity planning and improving key business metrics, such as mean time to recovery. It can help establish transparency or even build a strong CX by providing support personnel with more contextual data. However, the observability setup for these goals can vary widely. Identify key business objectives, then chart an observability strategy to achieve them.</p> <h3>2. Focus on the right metrics</h3> <p>A well-designed observability approach helps developer teams predict the onset of potential errors or failures and identify where their root causes might reside -- rather than reacting to problematic situations as they occur. In addition to other monitoring and testing tools, a variety of data-collection and analytics mechanisms play a significant role in the quest for transparency.</p> <p>For starters, a distributed systems observability plan should focus on the four golden signals: latency, traffic, errors and saturation. With the rise of AI-driven and autonomous components, this metric set must now expand to <a href="https://www.techtarget.com/searchenterpriseai/tip/How-businesses-can-measure-AI-success-with-KPIs?Offer=ab_MeteredFormCopyEoc_var1">include model-centric KPIs</a>, such as data drift and inference latency, to capture failure modes unique to AI-powered systems. Point-in-time metrics help track the system's internal state, such as those derived from an external data store that continuously scrapes state data over time. This high-level state data might not be particularly granular, but it provides a picture of when and how often a certain error occurs. Combining this info with other data, such as event logs, makes it easier to pinpoint the underlying cause of a problem.</p> <h3>3. Stay on top of event logs</h3> <p>Event logs are a rich source of distributed system observability data for architecture and development teams. Dedicated event logging tools, such as Prometheus and Splunk, capture and record occurrences. These types of occurrences include successful completion of an application process, a major system failure, unexpected downtime or overload-inducing traffic surges.</p> <p>Event logs combine timestamps and sequential records to provide a detailed breakdown of what happened, quickly pinpointing when an incident occurred and the sequence of events that led up to it. This is particularly important for debugging and error handling because it provides key forensic information that helps developers identify faulty components or problematic interactions between components. As log volumes grow, organizations can further enhance their approach by using semantic enrichment and AI-assisted log summarization, transforming raw, high-cardinality data into context-rich insights and reducing noise without losing meaning.</p> <h3>4. Provide toggle switches for tools</h3> <p>Comprehensive event logging processes can significantly increase a system's data throughput and processing requirements and add troublesome levels of cardinality. As a result, logging tools can quickly degrade application performance and <a href="https://www.techtarget.com/sustainability/tip/Best-practices-for-resource-optimization">resource availability</a>. They can also become unsustainable when the system's scaling requirements grow over time, which is frequently the case in complex, cloud-based distributed systems.</p> <p>To strike a balance, development teams should implement tool-based mechanisms that start, stop or adjust logging operations without requiring a full application restart or updating large sections of code. Modern observability practices take this a step further by incorporating policy-based automation, enabling the system itself to toggle logging depth in response to anomalies or risk signals. This ensures that deep visibility is available when needed without burdening the system during normal operation.</p> <h3>5. Perform diligent request tracing</h3> <p>Request tracing is a process that tracks the individual calls made to and from a respective system, as well as the respective execution time of those calls from start to finish. Request tracing information can't, for instance, contextualize what went wrong when a request failed. However, it provides valuable information about where exactly the problem occurred within an application's workflow and where teams should focus their attention.</p> <p>Like event logs, request tracing creates elevated levels of data throughput and cardinality that make them expensive to store. Again, it's important that teams only use resource-heavy <a href="https://www.techtarget.com/searchitoperations/feature/5-distributed-tracing-tools-to-ease-application-monitoring">request tracing tools</a> for unusual activity or errors. Modern observability practices extend this further by evolving tracing into causal models that connect signals across services and AI components, illustrating not just where failures occurred but <i>why</i> they propagated. In less critical scenarios, periodic sampling of transactions can provide a lightweight, resource-friendly way to continuously understand distributed system behavior without overwhelming storage or compute resources.</p> <h3>6. Create accessible data visualizations</h3> <p>Once a team aggregates observability data, the next step is to condense it into a readable, shareable format. Often, this is done by building visual representations of that data using tools such as <a href="https://www.techtarget.com/searchitoperations/tip/Evaluate-Grafana-vs-Kibana-for-IT-data-visualization">Kibana or Grafana</a>. From there, team members can share that information or distribute it to other teams that also work on the application.</p> <p>Such data visualization can tax a system with millions of downstream requests, but don't be overly concerned with median response times. Instead, most teams will be better served to focus on the number of requests available 95% to 99% of the time and match that number against the service-level agreement requirements. This number might meet the SLA's requirements, even if it's buried under heaps of less impressive median response time data. As visualization tooling matures, organizations can further enhance their setup with AI-driven narrative layers that translate complex charts into contextual recommendations and insights, shortening the time from data interpretation to informed action, even in high-scale environments.</p> <h3>7. Choose the right observability platform</h3> <p>At the heart of the observability setup sits a log and metrics store, a querying engine and a visualization dashboard, among other components. Several independent platforms map to these capabilities. Some of them work together particularly well to create a comprehensive observability setup. However, each one must be carefully selected to meet the specific needs of the business and the system.</p> <p>When choosing these components, it's important to consider not only the current architecture but also the system's long-term demands. The observability needs of a monolithic application differ considerably from those of a distributed microservices ecosystem or an AI-driven platform. With AI pipelines, feature stores, and vector-based data flows becoming increasingly common, organizations must evaluate platforms for extensibility into AI observability, ensuring support for tracking model performance, data lineage and inference behavior. Both open source and commercial options exist, each offering distinct strengths. Tools and platforms must be chosen appropriately. There are viable open source options available alongside commercial offerings.</p> <p>For instance, Grafana Labs' popular open source platform, Loki, is a log store that indexes logs against labels. Elasticsearch, on the other hand, can decompose logs into individual fields using a log parser and transformer, such as Logstash. The performance characteristics and benefits of both tools differ, with specific tradeoffs. It's cheaper to index logs in Loki, but it's easier to query logs with text data in Elasticsearch.</p> <p>On the commercial side, there are a multitude of platforms, such as Honeycomb and Splunk, that use machine learning to predict the onset of errors with AI that can spot outliers in the data proactively.</p> <p>When choosing a platform, take stock of the number of services, data volume, level of transparency and business objectives. The <a href="https://www.techtarget.com/searchapparchitecture/tip/Key-considerations-for-data-intensive-architectures">volume of data directly affects cost</a> and performance, and it would be wise to pick a tool that addresses both well within the limits.</p> <h3>8. Establish a culture of observability</h3> <p>To fully realize the benefits of observability, organizations must use it to identify and solve problems proactively. This often stems from a culture of questioning -- where the key metrics are identified and mechanisms are used to obtain answers. To use observability to its fullest, user education and training might be required.</p> <p>Once observability becomes a mindset and people start seeking answers to the right questions, the effect of observability reinforces itself. Answers to problems can be sought from the data. In addition, the data guides the evolution and strategy of businesses and systems. As AI-driven systems and automated remediation workflows become more prevalent, observability roles evolve beyond traditional operations, requiring specialists who understand both infrastructure and machine-learning pipelines. A well-architected observability setup can champion this approach by making information available and visible.</p> <h3>9. Use AI and machine learning to augment staff capabilities</h3> <p>There is an increased proliferation of <a href="https://www.techtarget.com/searchenterpriseai/feature/5-types-of-machine-learning-algorithms-you-should-know">machine learning algorithms</a> and AI in assistive identification of imminent failures, remedy identification and issue triage. Although some of these are still at a nascent stage, they can often reliably provide the required assistive support by automatically highlighting the issue that hasn't been seen before, identifying its effect and severity and generating alerts.</p> <p>This can mitigate errors early in the lifecycle, preventing major problems. To ensure safe and reliable outcomes, AI-generated insights must operate within trust-and-validation loops, where human oversight verifies recommendations before automated remediation pipelines take action. Although the ecosystem will continue to evolve, early assessment and selective integration can yield immediate benefits for teams already relying heavily on observability systems.</p> </section> <section class="section main-article-chapter" data-menu-title="Common pitfalls and how to avoid them"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Common pitfalls and how to avoid them</h2> <p>Although observability can bring transparency to a system, a poorly managed approach can result in several adverse effects -- particularly related to alerts and data volume. Here are the most common traps.</p> <h3>Alert fatigue</h3> <p>The first of these effects is that distributed systems observability tools often generate substantial statistical noise. Teams can feel overwhelmed with constant alerts that might or might not require attention, and those alerts become useless if developers increasingly ignore them. As a result, critical events go undetected until a catastrophic event occurs.</p> <p>This can be avoided by defining severity levels, filtering alerts at the source and using KPIs that are directly tied to the business impact.</p> <h3>Excessive data collection</h3> <p>In their eagerness to predict every kind of failure, teams often try to collect every type of data obsessively, leading to an accumulation of data that ultimately increases costs without improving insight. Predicting the onset of failure is important, but it can still be difficult and time-consuming to sort through vast amounts of data to identify the root cause.</p> <p>This should be checked by ensuring selective instrumentation, enabling dynamic logging and implementing tracing controls that also <a href="https://www.techtarget.com/searchdatamanagement/opinion/Unlock-the-value-of-data-through-AI-modern-data-platforms">measure data ROI</a>.</p> <h3>Mismatched tooling</h3> <p>Choosing platforms or tools without considering the overall system architecture can lead to poor performance or outcome. The consideration should be more holistic.</p> <p>Avoid this by aligning tools to achieve specific objectives, evaluating long-term scalability early on, and testing integration maturity before adopting a platform or a tool. </p> </section> <section class="section main-article-chapter" data-menu-title="Conclusion"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Conclusion</h2> <p>As systems become more distributed and AI-driven, observability provides the critical feedback loop that ensures resilience, maintains user trust and aligns operational behavior with business outcomes. It empowers teams to understand what is happening, why it's happening and how to improve it, turning telemetry into actionable insight rather than inert noise.</p> <p>Observability is no longer just a set of dashboards or diagnostic tools. It's both a technical discipline and a cultural transformation that changes how teams design, operate and evolve modern systems. The organizations that excel treat observability as a foundational capability rather than an add-on.</p> <p>If you're beginning this journey, resist the temptation to build everything at once. Instead, start small, <a href="https://www.techtarget.com/searchitoperations/tip/8-observability-best-practices">adopt best practices</a>, measure effect and scale continuously. Each step you take improves visibility, strengthens reliability and moves your systems and your organization closer to an intelligent, self-evolving future.</p> <p><i>Priyank Gupta is a polyglot technologist who is well versed with the craft of building distributed systems that operate at scale. He is an active open source contributor and speaker who loves to solve a difficult business challenge using technology at scale. </i></p> </section> As distributed software systems grow in scale and complexity, things like monitoring and debugging can become a tangled mess. Here are nine ways to bolster your observability plan. https://cdn.ttgtmedia.com/rms/onlineimages/strategy_g1194728105.jpg https://www.techtarget.com/searchapparchitecture/tip/5-basic-strategies-for-distributed-systems-observability Tue, 03 Feb 2026 00:00:00 GMT 9 steps to implement an observability strategy <p>Many development teams have adopted a microservices architecture that enables them to deploy their applications across distributed environments. Although this makes the applications easier to build, deliver and scale, it can also make it more challenging to track and troubleshoot the components that make up the environment.</p> <p>Organizations need visibility into these components to understand how their applications behave. For this reason, many have turned to observability tools, which help them monitor their distributed systems and respond quickly to any problems with the application delivery.</p> <section class="section main-article-chapter" data-menu-title="What are observability tools?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>What are observability tools?</h2> <p>An <a href="https://www.techtarget.com/searchitoperations/definition/observability">observability</a> tool provides a centralized platform for aggregating and visualizing telemetric data collected from application and infrastructure components in a distributed environment. The tool monitors and analyzes application behavior, as well as the various types of infrastructure that support application delivery, enabling proactive issue resolution.</p> <p>An effective observability platform is more than just a monitoring tool. It <a href="https://www.techtarget.com/searchitoperations/tip/Observability-vs-monitoring-Whats-the-difference">builds on traditional monitoring</a> capabilities, but it provides deeper insights into the data that can help IT administrators optimize performance, ensure availability and improve the customer experience (CX). To achieve this, most observability tools collect and aggregate three types of telemetry data:</p> <ol type="1" start="1" class="default-list"> <li><b>Metrics.</b> Measurements of how a service or component performs over time. For example, an observability tool might gather metrics about memory usage, bandwidth utilization, HTTP requests per second or an assortment of other systems.</li> <li><b>Logs.</b> Records of events that occur on a specific system or application. The event information might be recorded as plain text, structured data or in a binary format. Event logs are often the first thing administrators and developers look at when troubleshooting system or application issues.</li> <li><b>Traces.</b> Representational profiles of entire processes as they're carried out across a distributed system. A trace links together the events in a single request or transaction to provide a complete picture of how it flows from one point to the next. For example, traces can show how applications are contending for network and storage resources.</li> </ol> <p>These three types of telemetry data are often referred to as the <a href="https://www.techtarget.com/searchitoperations/tip/The-3-pillars-of-observability-Logs-metrics-and-traces"><i>pillars of observability</i></a> because of the important roles they play. Metrics, logs and traces provide organizations with the data they need to understand when and why a distributed application is behaving the way it is. With the right observability platform, organizations gain visibility into all layers of the application stack, enabling them to gain comprehensive insights into their distributed systems over the long term.</p> </section> <section class="section main-article-chapter" data-menu-title="Top observability tools in 2026"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Top observability tools in 2026</h2> <p>Several vendors offer observability tools, but it's not always clear how they differ or which ones might provide the most benefits for an organization's particular circumstances. To compile the following list, Informa TechTarget editors researched observability tools extensively, focusing on leading characteristics, such as telemetry capabilities, open source optioning and security. Our research included data from user review analysis and reports from respected research firms, including Gartner.</p> <p>Here are eight of the leading observability tools on the market, presented in alphabetical order.</p> <h3>1. Amazon CloudWatch</h3> <p>Amazon CloudWatch is an observability platform that provides a set of cloud-based tools for monitoring resources and applications hosted on AWS, on-premises systems or hybrid environments. The platform enables administrators to collect and track metrics, logs and traces from Elastic Compute Cloud instances and in-house servers that run either Linux or Windows Server. CloudWatch provides administrators with full visibility into application performance, resource utilization and operational health, including infrastructure and network resources.</p> <ul type="disc" class="default-list"> <li><b>Platform.</b> CloudWatch is implemented as an AWS product.</li> <li><b>Coverage.</b> The platform monitors AWS resources and applications, on-premises applications, network connectivity between AWS applications, and the internet connection between AWS applications and end users. CloudWatch can also collect system-level metrics and log data from on-premises databases, servers and OSes.</li> <li><b>Communications.</b> Most AWS offerings automatically generate metrics that CloudWatch can use when monitoring AWS systems or applications. Amazon also provides the CloudWatch agent for gathering additional metrics from AWS offerings as well as on-premises systems.</li> <li><b>Plans.</b> CloudWatch is available in both a free tier and a paid tier. The free tier supports only a limited number of operations, although it can still be useful for many types of applications. The paid tier is based solely on usage, with no upfront commitments or minimum fees.</li> <li><b>Free trial.</b> Customers can try CloudWatch by signing up for the free tier. The free tier is limited to 5 GB of data and 1,800 minutes of live trial data per month.</li> </ul> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/observability_1-f.jpg "> <img data-src="https://www.techtarget.com/rms/onlineimages/observability_1-f_mobile.jpg " class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/observability_1-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/observability_1-f.jpg 1280w" alt="An example of an Amazon CloudWatch dashboard." height="341" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>Amazon CloudWatch observability platform dashboard. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <h3>2. Datadog</h3> <p>The Datadog observability platform provides full visibility into every layer of a distributed environment, with built-in support for over 900 third-party integrations. The platform provides a single pane of glass for troubleshooting distributed systems, optimizing application performance and supporting cross-team collaboration. Datadog pairs automatic scaling and deployment with intuitive tools that incorporate machine learning for more reliable insights into applications and infrastructure.</p> <ul type="disc" class="default-list"> <li><b>Platform.</b> Datadog is delivered as SaaS.</li> <li><b>Coverage.</b> The platform can monitor infrastructure, applications, databases, logs, network performance and the full DevOps stack, with support for user and network monitoring, <a href="https://www.techtarget.com/searchsoftwarequality/definition/synthetic-monitoring">synthetic monitoring</a>, and log and incident management. Datadog has also introduced observability for large language models (LLMs).</li> <li><b>Communications.</b> Open source agents running on the monitored systems report metrics and events to the Datadog platform. The agents can run at the OS level or within containers. Additionally, Datadog provides an API that customers can use to instrument their own applications.</li> <li><b>Plans.</b> Datadog offers a wide range of subscription plans, including Infrastructure, Log Management, Incident Response, Application Performance Monitoring, Continuous Profiler and many others. Many of these plans are broken down into multiple subplans.</li> <li><b>Free trial.</b> A 14-day free trial is available.</li> </ul> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/2024_updated_image-1d_dashboard_2024-f.jpg"> <img data-src="https://www.techtarget.com/rms/onlineimages/2024_updated_image-1d_dashboard_2024-f_mobile.jpg" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/2024_updated_image-1d_dashboard_2024-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/2024_updated_image-1d_dashboard_2024-f.jpg 1280w" alt="An example of a Datadog dashboard." height="315" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>Datadog's observability platform dashboard. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <h3>3. Dynatrace</h3> <p>Dynatrace provides an integrated platform for monitoring infrastructure and applications, including networks, mobile apps and server-side services. More recently, Dynatrace has introduced observability features for monitoring generative AI applications, including LLMs and agents. The platform can also analyze the performance of user interactions with applications and includes an AI-driven engine called Davis AI, which supports root cause analysis. Dynatrace supports over 750 third-party technologies and is built on open standards that enable organizations to extend the platform by using the Dynatrace API, SDK or plugins.</p> <ul type="disc" class="default-list"> <li><b>Platform.</b> Dynatrace is delivered as SaaS.</li> <li><b>Coverage.</b> Dynatrace can monitor infrastructure, applications, microservices and application security, as well as support digital experience monitoring and business analytics.</li> <li><b>Communications.</b> The Dynatrace OneAgent runs on each monitored host, collecting system, application, network and log data, and sends the data to the Dynatrace platform.</li> <li><b>Plans.</b> The platform supports a wide variety of plans, ranging from application and infrastructure observability to log analytics and digital experience monitoring.</li> <li><b>Free trial.</b> A 15-day free trial is available.</li> </ul> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/2024_updated_image_2_dynatrace_dashboard_example_1-2024-f.jpg"> <img data-src="https://www.techtarget.com/rms/onlineimages/2024_updated_image_2_dynatrace_dashboard_example_1-2024-f_mobile.jpg" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/2024_updated_image_2_dynatrace_dashboard_example_1-2024-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/2024_updated_image_2_dynatrace_dashboard_example_1-2024-f.jpg 1280w" alt="An example of a Dynatrace dashboard." height="315" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>Dynatrace's observability platform dashboard. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <h3>4. Grafana</h3> <p>Grafana offers a centralized platform for exploring and visualizing metrics, logs and traces. The platform includes alerting capabilities and provides tools for turning time series database <a href="https://www.techtarget.com/iotagenda/tip/IoT-data-visualization-Tips-and-challenges">data into insightful graphs and visualizations</a>. From a central interface, users can create a rich set of dashboards that display telemetric data from a wide range of sources, including Kubernetes clusters, multiple cloud services, Raspberry Pi devices and services such as Google Sheets.</p> <ul type="disc" class="default-list"> <li><b>Platform.</b> Grafana Cloud is available as a fully managed cloud service.</li> <li><b>Coverage.</b> Grafana can monitor infrastructure, applications, data sources, microservices and third-party platforms.</li> <li><b>Communications.</b> Grafana's open source agent runs on monitored devices and collects metrics, logs and traces. The agent is based on open source telemetry standards, such as OpenTelemetry and Prometheus.</li> <li><b>Plans.</b> Grafana Cloud is available in three subscription plans: Free, Pro and Enterprise. The Pro plan starts at $19 per month, and the Enterprise plan starts at $25,000 per year.</li> <li><b>Free trial.</b> Organizations can try Grafana Cloud through the free service. The free tier is an ongoing service that includes 10,000 metrics and up to 50 GB of logs. Users can access the free plan for as long as they want.</li> </ul> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/observability_2-f.jpg "> <img data-src="https://www.techtarget.com/rms/onlineimages/observability_2-f_mobile.jpg " class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/observability_2-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/observability_2-f.jpg 1280w" alt="An example of a Grafana dashboard." height="206" width="559"> <figcaption> <i class="icon pictures" data-icon="z"></i>Grafana's observability platform dashboard. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <h3>5. IBM Instana Observability</h3> <p>Instana is an observability platform that automatically discovers and monitors applications across various environments, including microservices, containers and mobile applications. The platform offers upstream and downstream visibility into over 300 platforms. Additionally, Instana can trace end-to-end mobile, web and application transactions, providing full context across the entire application stack. When an incident is detected, IBM uses agentic AI to investigate and resolve the problem without the need for manually creating runbooks.</p> <ul type="disc" class="default-list"> <li><b>Platform.</b> IBM offers the Instana back end as a SaaS tool or as a self-hosted system that can be deployed on-premises or in an IaaS environment. Administrators can access the back end through the Instana web interface or through the Instana REST API.</li> <li><b>Coverage.</b> Instana supports a wide range of systems and services, including cloud platforms and services, database platforms, Kubernetes environments, log management systems, messaging apps, OSes, web platforms and more.</li> <li><b>Communications.</b> Instana uses a single-agent architecture to collect data from participating systems. Each host is configured with one agent, which in turn deploys technology-specific sensors that send metrics back to the agent and communicate tracer-related information.</li> <li><b>Plans.</b> Instana comes in two subscription plans: the Essentials Tier and the Standard Tier. The Essentials Tier starts at $20 per month per managed virtual server (MVS), while the Standard tier lists for $75 per month per MVS.</li> <li><b>Free trial.</b> IBM offers a sandbox environment where users can try out Instana.</li> </ul> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/observability_3-f.jpg "> <img data-src="https://www.techtarget.com/rms/onlineimages/observability_3-f_mobile.jpg " class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/observability_3-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/observability_3-f.jpg 1280w" alt="An example of an IBM Instana dashboard." height="294" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>IBM Instana's observability platform dashboard. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <h3>6. New Relic</h3> <p>The New Relic observability platform comprises multiple tools that provide full-stack monitoring across applications and infrastructure. This includes Kubernetes, browser, mobile, network and synthetic monitoring. The platform also provides <a href="https://www.techtarget.com/searchsecurity/tip/Security-log-management-and-logging-best-practices">log management and error tracking</a>, as well as CodeStream integration, which offers a developer collaboration platform. Additionally, New Relic integrates with over 780 third-party technologies and uses applied intelligence to provide automatic insights into the root causes of incidents.</p> <ul type="disc" class="default-list"> <li><b>Platform.</b> New Relic is implemented as SaaS.</li> <li><b>Coverage.</b> New Relic monitors infrastructure, applications, networks, Kubernetes environments and other platforms. It also supports log management, as well as mobile and browser monitoring.</li> <li><b>Communications.</b> Agents installed on hosts or within applications send performance data to the New Relic platform. There are various agents available – application performance management, browser, infrastructure and mobile -- each requiring a license key and an application name.</li> <li><b>Plans.</b> New Relic offers four subscription plans: Free, Standard, Pro and Enterprise. However, New Relic doesn't publicly disclose pricing information for these plans.</li> <li><b>Free trial.</b> Organizations can try New Relic through the Free plan. This plan supports a single user and allows for 100 GB of data.</li> </ul> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/observability_4-f.jpg "> <img data-src="https://www.techtarget.com/rms/onlineimages/observability_4-f_mobile.jpg " class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/observability_4-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/observability_4-f.jpg 1280w" alt="An example of a New Relic dashboard." height="292" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>New Relic's observability platform dashboard. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <h3>7. Splunk AppDynamics</h3> <p>Splunk AppDynamics is a <a href="https://www.techtarget.com/searchenterprisedesktop/definition/Application-monitoring-app-monitoring">performance monitoring</a> and analytics platform that provides real-time visibility into applications and infrastructure across hybrid environments. It helps organizations proactively detect, diagnose and resolve issues using detailed insights into application performance, user behavior and the health of the underlying infrastructure. One thing that makes AppDynamics unique is that its root cause analysis capabilities are not based solely on the infrastructure and application stack. AppDynamics can also detect problems at the code level.</p> <ul type="disc" class="default-list"> <li><b>Platform.</b> Splunk AppDynamics is offered as an on-premises platform and as SaaS.</li> <li><b>Coverage.</b> The platform can monitor many types of applications, including microservices, cloud-native and legacy applications. It provides visibility into cloud environments, including AWS, Azure and Google Cloud, as well as on-premises applications and hybrid environments. AppDynamics integrates with Kubernetes and Docker, as well as databases, web servers and network infrastructure.</li> <li><b>Communications.</b> AppDynamics offers several methods for ingesting data from applications and systems. It uses agents, including AppDynamics Java, .NET, Node.js and other language-specific agents, to collect performance data. AppDynamics supports integration with cloud-native services and offers automatic application discovery to help map complex environments.</li> <li><b>Plans.</b> Splunk AppDynamics offers multiple pricing tiers, including Infrastructure, App & Infra, and End to End. The starting prices -- per host, per month -- for these tiers are $15, $60, and $75, respectively.</li> <li><b>Free trial.</b> A 30-day free trial is available.</li> </ul> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/observability_5-f.jpg "> <img data-src="https://www.techtarget.com/rms/onlineimages/observability_5-f_mobile.jpg " class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/observability_5-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/observability_5-f.jpg 1280w" alt="An example of an AppDynamics dashboard." height="294" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>AppDynamics' observability platform dashboard. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <h3>8. Sumo Logic</h3> <p>Sumo Logic is a log analytics SaaS platform built on a cloud-native, distributed architecture. The platform offers a scalable, multi-tenant environment for ingesting structured and unstructured logs. Customers can monitor, troubleshoot and <a href="https://www.techtarget.com/searchsecurity/feature/Guide-to-cloud-security-management-and-best-practices">secure their cloud</a> and on-premises applications across various environments and systems, including microservices, containers and Kubernetes. The platform uses machine learning and advanced analytics to ingest and analyze system data, while providing continuous infrastructure and compliance monitoring.</p> <ul type="disc" class="default-list"> <li><b>Platform.</b> Sumo Logic is delivered as SaaS.</li> <li><b>Coverage.</b> The platform can ingest log data from cloud providers, such as AWS, Azure and Google Cloud, as well as from container environments, including Kubernetes and Docker. The platform can also pull log data from web servers, database servers, productivity tools and security applications.</li> <li><b>Communications.</b> The platform provides several options for ingesting log data from source systems. The company's hosted connectors live in the cloud and provide connectivity to cloud services. Installed connectors can be installed on local machines. There is also an agent built on OpenTelemetry that can be used as a unified agent.</li> <li><b>Plans.</b> Sumo Logic offers two plans: Essentials and Enterprise Suite.</li> <li><b>Free trial.</b> A 30-day free trial is available. Users can also view interactive demos or request a live demo from a Sumo Logic expert.</li> </ul> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/observability_6-f.jpg "> <img data-src="https://www.techtarget.com/rms/onlineimages/observability_6-f_mobile.jpg " class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/observability_6-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/observability_6-f.jpg 1280w" alt="An example of a Sumo Logic dashboard." height="293" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>Sumo Logic's observability platform dashboard. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> </section> <section class="section main-article-chapter" data-menu-title="How to choose the best observability tool for your business"> <h2 class="section-title"><i class="icon" data-icon="1"></i>How to choose the best observability tool for your business</h2> <p>Selecting an observability tool is no small task. Decision-makers must choose from a growing number of platforms whose differences aren't always apparent. At the same time, they must determine which tools best meet their specific needs -- both now and in the foreseeable future -- and are flexible enough to accommodate changing business requirements. When evaluating observability platforms, decision-makers should consider the following guidelines:</p> <ul type="disc" class="default-list"> <li>The platform should be easy to deploy and manage, <a href="https://www.techtarget.com/searchitoperations/feature/IT-process-automation-6-examples-to-boost-efficiency">automate multiple processes</a> and provide an interface that's intuitive and easy to navigate.</li> <li>The vendor should provide ongoing support that includes timely updates and product improvements regularly.</li> <li>The platform's underlying infrastructure and supporting components should be reliable and provide easy scalability without adding undue overhead to IT operations.</li> <li>The platform should support and easily integrate with the languages, frameworks, platforms and tools that an organization is already using or plans to use to support its distributed applications.</li> <li>The platform should provide organizations with comprehensive, real-time visibility into their monitored applications and infrastructure, while delivering the data necessary to make critical business decisions.</li> <li>Administrators should be able to easily access telemetry data, reports, visualizations, KPIs and other information from a centralized dashboard to gain real-time insights into the collected data quickly and easily.</li> <li>The platform should have the ability to generate alerts and notifications that ensure critical information gets to the right people as quickly as possible.</li> <li>The platform should incorporate AI, machine learning, advanced analytics or other advanced technologies to help better use the collected telemetry data.</li> <li>The platform should offer predictable and competitive pricing that lets customers operate within budget.</li> </ul> <p>Ultimately, an observability tool must be able to help organizations optimize application delivery, improve the CX and meet their business goals. To this end, decision-makers should evaluate prospective platforms based on the tools, processes and infrastructure they use to support their distributed applications, looking for platforms that help them gather and understand their telemetry data. Only then can they implement an <a href="https://www.techtarget.com/searchapparchitecture/tip/5-basic-strategies-for-distributed-systems-observability">observability strategy</a> that helps them meet the challenges that come with <a href="https://www.techtarget.com/searchitoperations/tip/7-principles-of-observability-in-modern-applications">modern applications</a>.</p> <p><b>Editor's note:</b> <i>This article was originally written by Robert Sheldon in 2022 and updated by Informa TechTarget editors in February 2025. Brien Posey reviewed and updated this article in January 2026.</i></p> <p><i>Robert Sheldon is a freelance technology writer. He has written numerous books, articles and training materials on a wide range of topics, including big data, generative AI, 5D memory crystals, the dark web and the 11th dimension.</i></p> <p><i>Brien Posey is a former 22-time Microsoft MVP and a commercial astronaut candidate. In his more than 30 years in IT, he has served as a lead network engineer for the U.S. Department of Defense and a network administrator for some of the largest insurance companies in America. </i></p> </section> Observability tools can help developers and IT administrators improve the delivery, performance and customer experience of applications and avoid potential issues. https://cdn.ttgtmedia.com/rms/onlineimages/security_a395732039.jpg https://www.techtarget.com/searchitoperations/tip/Top-observability-tools Tue, 20 Jan 2026 15:45:00 GMT Top 8 observability tools for 2026 <p>In Agile software development scenarios, acceptance criteria play an essential role in aggregating customer requirements and creating benchmarks for application performance. Specifically, they communicate functionality between the software development team roles within product, development and QA. These descriptions assist team members in understanding users' requests.<br><br>Acceptance criteria help developers make sense of individual <a href="https://www.techtarget.com/searchsoftwarequality/definition/user-story">user stories</a>, while also providing the details necessary to code and test a particular application.</p> <p>Teams must determine how to calibrate acceptance criteria to meet specific business needs and goals. Dive further into the purpose of acceptance criteria in Agile development and learn how an organization can use different criteria styles to <a href="https://www.techtarget.com/searchsoftwarequality/answer/What-are-requirements-types">shore up requirements gathering efforts</a>.</p> <section class="section main-article-chapter" data-menu-title="What are acceptance criteria?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>What are acceptance criteria?</h2> <p>Acceptance criteria are a set of conditions that a product or feature must meet to be considered complete. These conditions help ensure a product or features provides positive customer experiences, aligning development teams with user expectations and needs.</p> <p>For development teams, acceptance criteria clarify what functionality users are looking for and how the application should behave. Acceptance criteria should contain a customer-centric focus that enables development teams to ensure expected functionality throughout the coding process. Ideally, the product team should define the acceptance criteria within the user story before the development team gets involved.</p> <p>From a testing standpoint, acceptance criteria provide specific objectives for application QA teams <a href="https://www.techtarget.com/searchsoftwarequality/tip/User-acceptance-testing-best-practices-for-Agile-teams">and user acceptance testers</a> (UATs). The criteria should describe customers' requirements and demands when it comes to application features and functionality. Ideally, product managers or teams would create acceptance criteria alongside user stories and form those criteria descriptions into testable benchmarks.</p> <p>There are two distinctive approaches to writing acceptance criteria: scenario-based and rule-based. Each one takes a slightly different focus and has its own set of appropriate use cases. Both can play a key role in <a href="https://www.techtarget.com/searchsoftwarequality/tip/7-techniques-for-better-Agile-requirements-gathering">defining user requirements</a> and design goals.</p> <h3>Acceptance criteria vs. user stories</h3> <p>Acceptance criteria and user stories are both similar Agile development concepts. While acceptance criteria are designed to describe the specific, testable conditions that define when a feature or product is complete, a user story is a high-level description of a product or feature from the user’s perspective.</p> <p>Both ideas relate to the user perspective, but the user story focuses more on the <i>what </i>and <i>why </i>behind a product from the user perspective, while acceptance criteria focuses on <i>how</i> to get the product or feature to behave in a way that meets user needs.</p> <div class="youtube-iframe-container"> <iframe id="ytplayer-0" src="https://www.youtube.com/embed/VKFKypbvoUI?autoplay=0&modestbranding=1&rel=0&widget_referrer=null&enablejsapi=1&origin=https://www.techtarget.com" type="text/html" height="360" width="640" frameborder="0" loading="lazy"></iframe> </div> </section> <section class="section main-article-chapter" data-menu-title="What to include in acceptance criteria"> <h2 class="section-title"><i class="icon" data-icon="1"></i>What to include in acceptance criteria</h2> <p>It's important that all the statements within acceptance criteria are succinct and to the point. They should describe exactly what a specific application function does and what users expect from it. Acceptance criteria should also account for the functional and non-functional needs of both developers and testers, such as:</p> <ul class="default-list"> <li><b>Timing.</b> Development teams need the acceptance criteria to clearly state when certain dependencies or integration points come into play, such as <a href="https://www.techtarget.com/searchapparchitecture/definition/application-program-interface-API">API</a>-enabled database updates. This helps communicate the intended scope of application features and guides the process of updating functionality down the line.</li> <li><b>Clarity.</b> For QA professionals and UATs, acceptance criteria need to provide clearly defined and readily testable workflow expectations. For example, if information saved by the user gets passed to the database using an API, testers need to know when and how that transaction occurs. This way, they can know exactly what to look for when things go wrong.</li> <li><b>Scope.</b> Acceptance criteria should accurately describe what an item or feature should do. They should also state what a product or feature should not do, in accordance with the user story and experience. This can help reduce confusion by focusing on customer needs.</li> <li><b>Consistency.</b> Criteria should be written clearly, so each requirement is interpreted the same way. Clearly written expectations will help a team understand the scope of the work that needs to be done, minimizing the chance of any misunderstandings.</li> <li><b>Continuous improvement.</b> Acceptance criteria should be reviewed after each delivery, to continually improve and refine quality.  </li> </ul> </section> <section class="section main-article-chapter" data-menu-title="How to choose an acceptance criteria approach"> <h2 class="section-title"><i class="icon" data-icon="1"></i>How to choose an acceptance criteria approach</h2> <p>The approach to acceptance criteria typically depends on the overall preference of team members. Team members should agree on which acceptance criteria format will be the most effective. Two common approaches include scenario-based and rule-based acceptance criteria.</p> <p>Scenario-based acceptance criteria are useful when describing a workflow that includes multiple entry or exit points or when a new feature is added into an already complex functional sequence. On the other hand, rule-based acceptance criteria documentation leaves little room for interpretation and is often more effective at <a target="_blank" href="https://www.pmi.org/learning/library/controlling-scope-creep-4614" rel="noopener">limiting scope creep</a>. Teams must be mindful to include all the rules, and every rule needs a clear description of the expected result.</p> <p>The format of the acceptance criteria isn't what matters most. What matters is that the product team communicates customer requirements so that the development and testing teams understand.</p> <h3>Scenario-based acceptance criteria</h3> <p>The scenario-based approach aims to describe how a function or general application task operates within the context of a user scenario. Using a scenario-based acceptance criteria format reinforces a focus on patterns regarding the user's expected workflow and navigation of the application.</p> <p>This process might follow an approach called the Given-When-Then syntax, also called the Gherkin acceptance criteria:</p> <ul class="default-list"> <li><b>Given</b> the start of a scenario,</li> <li><b>When</b> a specific action is made,</li> <li><b>Then</b> the expected outcome occurs.</li> </ul> <p>In some instances, an additional “And” step is added at the end to indicate the continuation of any previous statements.</p> <p>For example, imagine a healthcare tracking application that enables patients to create daily medication logs. In a scenario-based acceptance criteria format, the scope of each field that the user interacts with, as well as actions they'll need to perform, define the specific workflow steps and expected application behavior:</p> <div class="extra-info"> <div class="extra-info-inner"> <h3 class="splash-heading">Scenario-based format</h3> <p>Users log in to the application daily via a dedicated login screen. After the app successfully authenticates the user's identity, they are brought to a screen that displays where they are in their dosage schedule for a specific medication. The interface uses a MM/DD/YYYY format that overlays a monthly calendar background. For each day's login, the interface shows three data entry fields:</p> <ol type="1" start="1" class="default-list"> <li>Dose taken.</li> <li>Dosing method.</li> <li>Patient signature.</li> </ol> <p>Once the patient enters both the dose taken and dosing method -- pill, injection or patch -- fields, they are required to provide a signature to confirm that the information is accurate. The user is required to complete all fields before the application saves and records the data. Once saved, the screen refreshes and displays the patient's progress to date with the updated information included.</p> </div> </div> <p>In the Given-When-Then format, this process might be:</p> <ul class="default-list"> <li><b>Given</b> a patient logs into a healthcare tracking application.</li> <li><b>When</b> the patient submits a daily medication log with all required fields entered.</li> <li><b>Then</b> the system saves the data and displays the patient's up-to-date progress.</li> </ul> <h3>Rule-based acceptance criteria</h3> <p>Similarly, rule-based acceptance criteria define the scope and functionality of a user story, but does so against a list of functional and behavioral parameters. This rule-based format for acceptance criteria bears a close resemblance to the requirements documentation typically found in traditional <a href="https://www.techtarget.com/searchsoftwarequality/definition/waterfall-model">Waterfall development</a> scenarios, where each expected function is listed individually.</p> <p>Using the same patient logging application example above, this is how rule-based acceptance criteria style would look:</p> <div class="extra-info"> <div class="extra-info-inner"> <h3 class="splash-heading">Rule-based format</h3> <p>Once the user is authenticated, they are brought to a daily logging interface screen. This daily screen includes three data entry fields -- dose taken, dosing method and patient signature -- displayed against a monthly calendar backdrop. These data fields are actionable.</p> <p>In the 'dose taken' field, users must select an amount from a drop-down list of valid dosages for their medication.</p> <p>In the 'dosing method' field, users must select from a dropdown list of valid methods: mouth, injection or adhesive.</p> <p>The 'patient signature' field must be manually signed by the user with the cursor acting as a virtual pen. This signature is required to enable the <b>Save & Continue</b> button at the bottom of the form.</p> <p>Once a user clicks the <b>Save & Continue</b> button, the application records the data and returns the user to a screen showing their updated progress.</p> </div> </div> </section> <section class="section main-article-chapter" data-menu-title="Who should write acceptance criteria?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Who should write acceptance criteria?</h2> <p>Writing acceptance criteria is often a collaborative process, with anyone on cross-functional teams able to add input. Commonly, however, the product owner or manager is the role that writes the acceptance criteria -- or at least the role that takes ownership of it.  </p> <p>Development teams also commonly have input on acceptance criteria, as they have the technical knowledge to contribute realistic and testable criteria. QA teams, likewise, also shape acceptance criteria by ensuring the criteria are verifiable and testable -- while also being able to identify additional criteria.</p> <p>Other individuals that can write, add to or facilitate conversations around acceptance criteria include <a href="https://www.techtarget.com/whatis/definition/scrum-master">Scrum masters</a>, requirements analysts and business analysts.</p> </section> <section class="section main-article-chapter" data-menu-title="When should you write acceptance criteria?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>When should you write acceptance criteria?</h2> <p>Although its best to write them before development begins, acceptance criteria can be written in the different stages of a sprint. For example, they can be written during:</p> <ul class="default-list"> <li><b>Initial planning. </b>At the start of a project, the team defines what the acceptance criteria are for the first few sprints. Creating acceptance criteria at the start will create a clear direction from the beginning.</li> <li><b>Before each sprint.</b> Acceptance criteria are created during the planning stages of each sprint. This ensures an agreed upon scope of work before each sprint begins.</li> <li><b>Sprint backlogs.</b> Acceptance criteria can be created or adjusted during sprint backlogs, giving teams a chance to further clarify requirements and reduce any uncertainties.</li> <li><b>Mid-sprint.</b> Acceptance criteria can be adjusted or changed mid-sprint as long as they do not interfere with ongoing work. This is less ideal but can be useful for adapting to sudden changes.</li> </ul> </section> <section class="section main-article-chapter" data-menu-title="Common challenges of writing acceptance criteria"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Common challenges of writing acceptance criteria</h2> <p>While acceptance criteria can help organizations by clarifying what conditions a product or feature must meet to be considered complete, they still come with a number of challenges. Some, for example, include:</p> <ul class="default-list"> <li><b>Ambiguity.</b> The use of unclear language and miscommunications between teams can lead to different interpretations, leading to less effective acceptance criteria.</li> <li><b>Disagreements among stakeholders.</b> Team members might find it difficult to find a balance between criteria that are not too specific or too vague.</li> <li><b>Overcomplications.</b> Some teams might be too specific when coming up with criteria, making the process overly cumbersome.</li> <li><b>Scope increases.</b> Adding to a project in development might change the acceptance criteria needed, making it more difficult to change the criteria in process.</li> <li><b>Inconsistencies.</b> Switching between rule-based and scenario-based criteria can make the defining of criteria more complicated.</li> <li><b>Collaboration.</b> Not involving relevant teams, such as development, QA, product managers or analysts, could result in knowledge gaps.</li> </ul> <p><i>Switching between rule-based and scenario-based criteria will make the criteria harder to follow. Learn more about how each works and <a href="https://www.techtarget.com/searchsoftwarequality/tip/The-fundamentals-of-writing-effective-acceptance-criteria">how to choose between the two</a>. </i></p> </section> Acceptance criteria plays a key role in shaping an application from the user standpoint. We review some of the basic things to remember when it comes to acceptance criteria. https://cdn.ttgtmedia.com/rms/onlineimages/check_g1182594295.jpg https://www.techtarget.com/searchsoftwarequality/tip/The-fundamentals-of-writing-effective-acceptance-criteria Mon, 24 Nov 2025 13:57:00 GMT Acceptance criteria: What it is and its best practices <p>SAN FRANCISCO -- Household name companies showcased the benefits of AI automation in software development -- along with the lessons learned -- at GitHub Universe here this week.</p> <p>During one breakout session, software engineers from Nordstrom detailed how a set of AI agents built in-house for a utility called NordAssist is expected to save significant developer time and toil during a migration of 10,000 code repositories from GitLab to GitHub Actions. During another, IT leaders from Cathay Pacific Airways described using <a href="https://www.techtarget.com/searchsoftwarequality/news/366614786/GitHub-Copilot-Autofix-expands-as-AI-snags-software-delivery">GitHub Copilot Autofix</a> and <a target="_blank" href="https://github.com/security/advanced-security/code-security" rel="noopener">Code Security</a> tools to make fixing security vulnerabilities more manageable for its 2,500 microservices.</p> <p>"Before NordAssist, it took up to four hours for an engineer to create [GitHub] workflow files and migrate to GitHub -- now it's just one hour," said Anabelle Watt, a software engineer at the department store chain based in Seattle. "That's about three hours saved per repo, adding up to the nearly 15,000 hours we expect to save across 5,000 repos on our standard pipeline. This reclaimed time empowers engineers to focus on higher-impact work that drives Nordstrom technology forward, rather than repetitive migration tasks."</p> <section class="section main-article-chapter" data-menu-title="Nordstrom NordAssist's evolution"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Nordstrom NordAssist's evolution</h2> <p>Migrating each of Nordstrom's code repositories from <a href="https://www.techtarget.com/searchitoperations/news/366622842/Availity-eyes-GitLab-Duo-with-Amazon-Q-for-code-refactoring">GitLab</a> to GitHub required a fundamental restructuring because of differences in how the two software development platforms handle configuration files.</p> <p>"In GitLab, a developer's pipeline is generated at runtime," said co-presenter Ella Ordona, senior software engineer at Nordstrom, during the session. "We use the include keyword, which is GitLab's flavor of reusability and local variables, to construct one large, monolithic file assembled behind the scenes. GitHub Actions works completely differently: it favors reusable workflows and Actions which are smaller, composable files that teams can call directly."</p> <p>Moving existing repos from one platform to the other required extracting configurations from GitLab's files and converting them to GitHub Actions workflows. That's where NordAssist came in, for developers using Nordstrom's Standard Pipeline internal developer platform.</p> <blockquote class="main-article-pullquote"> <div class="main-article-pullquote-inner"> <figure> Agents aren't perfect. … Know where you need 100% accuracy and always keep a human in the loop before merging. </figure> <figcaption> <strong>Anabelle Watt</strong>Software engineer, Nordstrom </figcaption> <i class="icon" data-icon="z"></i> </div> </blockquote> <p>NordAssist's AI agents are built using Microsoft's Azure OpenAI service, OpenAI vector stores and the AutoGen <a href="https://www.techtarget.com/searchenterpriseai/feature/AI-agent-frameworks-A-guide-to-evaluating-agentic-platforms">AI agent framework</a>, according to Watt. Initially, NordAssist took a single-agent approach to automating the conversion between GitLab CI files and GitHub workflow files, where one agent handled the entire process of extracting variables, generating templates, populating values and creating the final GitHub pull request for developer review.</p> <p>This resulted in some pain, Watt said.</p> <p>"We quickly learned one agent doing everything doesn't scale well," Watt said. "Variables weren't always mapped correctly. Values were missing or misinterpreted. Jobs were skipped or incorrectly generated, and most importantly, the agent didn't follow rules 100% of the time and took a long time to generate the final output."</p> <p>With the single NordAssist agent, only 54% of the configuration code was generated by AI and only 28% of pull requests were merged without manual commits. The NordAssist team went back to the drawing board, replacing the first iteration with a multi-agent system that also incorporated more traditional deterministic automation code to improve the results.</p> <p>In this second system, variable extraction, mapping and filtering from GitLab files is handled using deterministic logic. It's handed off to two specialized agents, a template generator agent that creates the new GitHub workflow files and a populator agent that fills in variables.</p> <p>"Template generation requires pattern recognition, adaptability and contextual awareness. This agent doesn't just copy and paste; it constructs," Watt said. "It lists valid job options to guide engineers and inserts smart defaults based on known patterns and at least placeholders where values are unknown, signaling where human [intervention] and further automation is needed. By focusing solely on structure, this agent ensures every workflow is well-formed, logically organized and ready for the next phase."</p> <p>Similarly, the populator agent has its own sense of the context of variables and their scopes, and can apply them intelligently and format them correctly across production and non-production environments, Watt said. With the newer multi-agent system, 70% of code during the migration is generated by NordAssist and 40% is merged without manual commits.</p> <p>"These stats are still growing as of today, and as we're early in our migration, we're hopeful that these stats will continue to grow," Watt said.</p> <p>Among her takeaways for the audience was that "agents aren't perfect. They can miss constraints, run over time or produce unexpected results. Know where you need 100% accuracy and always keep a human in the loop before merging."</p> </section> <section class="section main-article-chapter" data-menu-title="Cathay Pacific applies AI to DevSecOps"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Cathay Pacific applies AI to DevSecOps</h2> <p>As with many enterprise IT presenters at GitHub Universe this year, Cathay Pacific, an airline based in Hong Kong, has recently adopted platform engineering and tool consolidation to enhance its software development practices. The company transitioned from more than 50 separate toolchains to the GitHub platform in 2024, which included GitHub Copilot, Advanced Security, Code Security and Autofix. It began applying these tools to improve <a href="https://www.techtarget.com/searchitoperations/definition/DevSecOps">DevSecOps</a> this year.</p> <p>Before this consolidation and adoption of AI to scan code for security vulnerabilities, automatically fixing some and suggesting fixes for others, it was common for projects to run into late-stage security fixes that took up between 10% and 25% of sprint times, according to Cathay Pacific presenters. Now, more than 600 of the company's 1,000 developers use Copilot, 95% of whom are active users, and 89% of whom use <a href="https://www.techtarget.com/searchsoftwarequality/news/366622962/JetBrains-GitHub-add-coding-agents-to-IDEs">Copilot agent mode</a>.</p> <p>So far, the results include 15% velocity gains and up to a 30% code completion acceptance rate. More dramatic improvements in application security feature a 40% improvement in security fixes compared to last year, a 16% higher vulnerability remediation rate, and a 63% drop in developers' mean time to remediate vulnerabilities, according to Naveen Jaisankar, DevSecOps practice lead at Cathay Pacific, during his breakout session presentation.</p> <p>"We started by shifting left," Jaisankar said. "We made sure that all those tools are embedded in the development environment itself, and all the vulnerabilities that were there, we were able to bring those in context back to the IDE [integrated development environment] for developers to fix."</p> <p>As with Nordstrom, it took some massaging of AI-based systems to improve their accuracy before the company started seeing these returns.</p> <p>"What we have seen is a bit more of a low adoption rate at the initial stage, and then come the LLM [large language model] hallucinations," he said. "Incomplete context and older models did not help us … which caused confusion among the developers and contributed to productivity slowdowns instead of productivity gains."</p> <p>Moving to Copilot agent mode and tying in data from other corporate systems, such as Atlassian's collaboration software suite using <a href="https://www.techtarget.com/searchitoperations/news/366621932/Model-Context-Protocol-fever-spreads-in-cloud-native-world">Model Context Protocol</a>, boosted the accuracy of AI responses, Jaisankar said.</p> <p>Cathay Pacific's story was also similar to Nordstrom's in that the airline's platform teams created and maintain homegrown tools to improve processes for developers. In Cathay's case, GitHub Advanced Security presents vulnerabilities in a way that enables <a href="https://www.techtarget.com/searchsecurity/definition/risk-based-vulnerability-management-RBVM">risk-based vulnerability management</a>. However, the company has added its own internal system to deduplicate and prioritize alerts among GitHub and the multiple types of third-party security scanning tools it's required to use for regulatory compliance.</p> <p>"We reduced the noise so that people can focus on addressing the real issues with guardrails … that push people to address critical or high [severity] vulnerabilities," Jaisankar said.</p> <p>AI automation has helped developers address more security vulnerabilities, but the security of AI itself has also been a major consideration for Cathay Pacific, Jaisankar said, especially the potential for <a href="https://www.techtarget.com/searchsecurity/news/366628186/News-brief-Rise-of-AI-exploits-and-the-cost-of-shadow-AI">shadow AI</a>.</p> <p>"Keeping humans in the loop for all the critical approvals and following software development best practices is much more critical than ever," he said. "This required frequent training [for humans] and having governance built into the whole workflow. … While we are focusing on ensuring that velocity goes up, we need to make sure that we aren't growing the risk."</p> <p><i>Beth Pariseau, a senior news writer for Informa TechTarget, is an award-winning veteran of IT journalism covering DevOps. Have a tip? </i><a href="mailto:beth.pariseau@informatechtarget.com?subject=News%20tip"><i>Email her</i></a><i> or reach out </i><a target="_blank" href="https://x.com/PariseauTT" rel="noopener"><i>@PariseauTT</i></a><i>.</i></p> </section> Nordstrom saved 15,000 developer hours during a migration with AI agents, while Copilot Autofix helped Cathay Pacific address DevSecOps challenges, but there are also caveats. https://cdn.ttgtmedia.com/rms/onlineimages/ai_a264431831.jpg https://www.techtarget.com/searchsoftwarequality/news/366633832/GitHub-Universe-Large-IT-orgs-share-AI-automation-gains Thu, 30 Oct 2025 17:11:00 GMT GitHub Universe: Large IT orgs share AI automation gains <p>SAN FRANCISCO -- GitHub isn't just about Copilot anymore.</p> <p>The software engineering platform will open its doors to custom and third-party agents in the coming months, according to plans unveiled at the annual GitHub Universe conference this week. It will manage them through new tools, including an agent control plane, embedded agentic code review and a mission control interface for developers. Launch partners include OpenAI, Anthropic, Google and xAI.</p> <p>Overall, the strategy and tool set, most of which is in preview, is dubbed Agent HQ. With it, GitHub is setting its sights on becoming a home for all the coding agents used by IT organizations, and placing agents alongside human developers at the core of software development workflows.</p> <p>Microsoft chairman and CEO Satya Nadella framed Agent HQ as a reflection of a critical moment in coding agent adoption in an appearance at the conference keynote on Tuesday.</p> <p>"We can all fall into the pit of success -- [we need] tools and patterns and practices that allow us to use these tools most effectively," Nadella said. "Otherwise, I think it can be super chaotic. And that's kind of where my fear is. My fear is that we will stall … if we don't understand how to deal with the errors these models generate."</p> <p>Agent HQ represents a significant shift in GitHub's strategy to one that views AI agents and humans as equal participants in the software development process, said Katie Norton, an analyst at IDC.</p> <p>"GitHub is reframing itself as the home for both developers and AI agents, introducing new primitives that treat agents as first-class collaborators," Norton said. "Agent HQ positions GitHub as the coordination fabric for agentic software development where humans, agents, and enterprise policies converge across [integrated development environments (IDEs)], models, and repositories."</p> <p>GitHub is far from alone in its ambition to become the control plane for AI agents. Most other large incumbent enterprise IT vendors have a similar proposition for their customers, and the market is <a href="https://www.techtarget.com/searchitoperations/news/366633613/Glut-of-AI-agent-tools-faces-paradox-of-choice-skills-gap">flooded with AI agent tools</a> that make buying choices difficult.</p> <p>"It takes a big player to create a lasting ecosystem," said Jason Andersen, an analyst at Moor Insights & Strategy. "The initial round of partners is interesting, but to really get traction, what can GitHub do to entice other platforms like SAP or Salesforce to participate? Right now, the partners are largely LLM [large language model] providers who are trying to woo developers."</p> <p>However, GitHub's Octoverse report on usage trends within its platform showed 180 million developer users this year, an increase of 36 million from 2024, demonstrating its clout among developers.</p> <blockquote class="main-article-pullquote"> <div class="main-article-pullquote-inner"> <figure> It takes a big player to create a lasting ecosystem. </figure> <figcaption> <strong>Jason Andersen</strong>Analyst, Moor Insights & Strategy </figcaption> <i class="icon" data-icon="z"></i> </div> </blockquote> <p>"There really is not another company out there with the install base [of developers] like GitHub has," Andersen said. "So, Agent HQ could be very promising."</p> <p>For existing GitHub users who have begun to explore multiple coding agents, the news is welcome.</p> <p>"It's right at the heart of what I'm trying to solve for my team," said Scott Gainous, vice president of engineering at hiring software maker Hireology, based in Chicago. "We've used GitHub Copilot for a long time and recently paused it with the benchmarks we were seeing with Claude Code and Sonnet models, so we started to lean more that way. Having said that, this could very well swing us back."</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/satya_nadella_github_universe2025-f.jpg"> <img data-src="https://www.techtarget.com/rms/onlineimages/satya_nadella_github_universe2025-f_mobile.jpg" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/satya_nadella_github_universe2025-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/satya_nadella_github_universe2025-f.jpg 1280w" alt="Satya Nadella at GitHub Universe 2025." data-credit="Beth Pariseau" height="420" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>Microsoft Chairman and CEO Satya Nadella made an appearance during the GitHub Universe 2025 keynote. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <section class="section main-article-chapter" data-menu-title="GitHub reins in coding agents with fresh controls"> <h2 class="section-title"><i class="icon" data-icon="1"></i>GitHub reins in coding agents with fresh controls</h2> <p>GitHub's new agent control plane allows IT administrators to set policies governing coding agents' access to resources and collect audit logs. Mission control offers end users "a consistent interface across GitHub, [Visual Studio] Code mobile and the CLI that lets you direct, monitor and manage every AI-driven task … from any device," according to a GitHub blog post.</p> <p>New agent management features within mission control include <a href="https://www.techtarget.com/searchitoperations/news/366622025/AI-agents-raise-stakes-in-identity-and-access-management">identity management and access control mechanisms</a> "to control which agent is building [a] task, managing access and policies just like you would with any other developer on your team," the post reads.</p> <p>For <a href="https://www.techtarget.com/searchsoftwarequality/news/366623845/New-GitHub-Copilot-agent-edges-into-DevOps">GitHub Copilot</a>, another service launched in public preview this week, GitHub Code Quality, provides visibility, governance and reporting for every repository as an extension of Copilot. A new code review step in Copilot's default workflow addresses issues with code health before humans review it. A new Copilot metrics dashboard displays usage metrics across an organization.</p> <p>"GitHub is moving beyond vanity metrics like number of users and code completions to more meaningful indicators such as acceptance rates, model utilization by language, cost per inference unit and team-level productivity trends," Norton said. "From a market standpoint, this reflects a clear signal from enterprise buyers: many organizations are piloting AI-assisted development but remain skeptical of generalized productivity claims. They're asking vendors for transparent, first-party evidence of impact within their own environments."</p> <p>That said, enterprise AI agent adoption is at an early, messy stage, Norton said.</p> <p>"Most organizations are still in the earliest phase of this transition," she said. "Few have defined governance models, accountability structures or measurement frameworks for how agents participate in the software lifecycle."</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/github_agent_control_plane-h.jpg"> <img data-src="https://www.techtarget.com/rms/onlineimages/github_agent_control_plane-h_mobile.jpg" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/github_agent_control_plane-h_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/github_agent_control_plane-h.jpg 1280w" alt="GitHub Agent Control Plane screenshot." data-credit="GitHub"> <figcaption> <i class="icon pictures" data-icon="z"></i>GitHub's Agent Control Plane is part of a wider strategy to centralize coding agent management on its platform. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> </section> <section class="section main-article-chapter" data-menu-title="Visual Studio Code adds AGENTS.md files"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Visual Studio Code adds AGENTS.md files</h2> <p>GitHub also updated Copilot integrations with Microsoft's Visual Studio Code IDE, which includes a new AGENTS.md file format that specifies rules and guardrails for custom agents. Users building custom agents in VS Code also have the option to use a new plan mode to build Copilot tasks, which asks clarifying questions along the way to ensure workflow steps aren't missed. Finally, VS Code users can access a centralized Model Context Protocol (MCP) server repository through new integration with GitHub's <a target="_blank" href="https://github.blog/ai-and-ml/github-copilot/meet-the-github-mcp-registry-the-fastest-way-to-discover-mcp-servers/" rel="noopener">MCP Registry</a>.</p> <p>"Plan mode strikes me as a great way to engage more casual or new developers," Andersen said. "I also like the notion of the AGENTS.md file, and if it were to become a standard for agentic development somehow, it would go a long way toward improving agent management."</p> <p><i>Beth Pariseau, a senior news writer for Informa TechTarget, is an award-winning veteran of IT journalism covering DevOps. Have a tip? </i><a href="mailto:beth.pariseau@informatechtarget.com?subject=News%20tip"><i>Email her</i></a><i> or reach out </i><a target="_blank" href="https://x.com/PariseauTT" rel="noopener"><i>@PariseauTT</i></a><i>.</i></p> </section> GitHub will support and orchestrate agents from partners including OpenAI, Anthropic, Google and xAI through an agent control plane and mission control interface. https://cdn.ttgtmedia.com/rms/onlineimages/code_g1133924836.jpg https://www.techtarget.com/searchsoftwarequality/news/366633584/GitHub-Agent-HQ-opens-platform-to-third-party-coding-agents Tue, 28 Oct 2025 11:31:00 GMT GitHub Agent HQ opens platform to third-party coding agents <p>When implemented correctly, API caching can reduce an application's load and increase responsiveness.</p> <p>Caching can be a more efficient way of serving data to customers that reduces costs and improves performance. Without proper implementation and testing, caching problems can lead to unmanageable loads, cascading failures and ultimately the breakdown of an application.</p> <p>Many <a href="https://www.techtarget.com/searchapparchitecture/tip/A-quick-breakdown-of-Postman-vs-Insomnia">management tools</a> -- including open source tools -- can easily integrate with an application to perform API caching processes. With the right combination of tools and techniques, development and testing teams can ensure caching works properly and doesn't unnecessarily drain application performance.</p> <section class="section main-article-chapter" data-menu-title="What is API caching?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>What is API caching?</h2> <p>API caching is a process that places commonly requested objects in a secondary data store to avoid continuous calls to a primary database or any other type of data store. A<a href="https://www.techtarget.com/searchstorage/definition/cache"> </a><a href="https://www.techtarget.com/searchstorage/definition/cache">cache</a>'s primary advantage is processing speed, as it enables an application to fetch commonly requested objects from sources that it can access efficiently.</p> <p>Choosing between a primary data store and a cache comes down to speed vs. size. Data in a primary database might have more structure and searchability, but it can still be harder to access than data in a dedicated cache.</p> </section> <section class="section main-article-chapter" data-menu-title="Why API caching is important"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Why API caching is important</h2> <p>API caching can often be an inexpensive way to improve performance. By using tools that store the most commonly requested data from an application, developers can reduce the load on the application and speed up requests for most users.</p> <p>Caching can also be a rudimentary stopgap to manage scaling issues, since most requests will ideally be answered by the cache and a large amount of traffic gets offloaded from directly hitting application servers. In the event of an underlying application failure, a well-implemented cache can also help <a href="https://www.techtarget.com/searchdatabackup/feature/The-cost-of-downtime-and-how-businesses-can-avoid-it">avoid downtime</a> by at least serving stale data, rather than serving nothing at all.</p> </section> <section class="section main-article-chapter" data-menu-title="Types of API caching strategies"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Types of API caching strategies</h2> <p>There are several well-known API caching strategies, including cache-aside, read-through, write-through, write-back and write-around.</p> <h3>Cache-aside</h3> <p>The most common caching strategy, cache-aside, uses the application itself to manage the cache. If there is a cache miss, the application retrieves the value from the database and inserts it into the cache. On writes of new data, the application stores the data in the database and simply invalidates any cache entry for that data. This strategy is also known as <a href="https://www.techtarget.com/searchsoftwarequality/definition/lazy-loading">lazy loading</a> because nothing saves to the cache until it's requested from the application. Lazy loading ensures that the cache contains the most requested data.</p> <h3>Read-through</h3> <p>In a read-through cache setup, the cache sits between the application and the database. When data is requested from the application, the application makes a request to the cache. If there is no entry for the data, the cache fetches the value from the database and returns it to the application, saving it in the cache along the way.</p> <h3>Write-through</h3> <p>The write-through strategy is similar to read-through. When data is written to the application, the cache handles writing the data to the database, caching the value that is written to the database.</p> <h3>Write-back</h3> <p>In the write-back strategy, the application writes data to the cache and then the cache <a href="https://www.techtarget.com/searchapparchitecture/tip/Synchronous-vs-asynchronous-communication-The-differences">asynchronously writes</a> to the database. The idea behind this caching strategy is to prioritize write performance by caching writes, since the cache is responsible for writing new data to the database. Data is read by the application through the cache, so data is guaranteed to be up to date even if the cache hasn't yet updated the database.</p> <h3>Write-around</h3> <p>Write-around caching refers to the application writing directly to the database rather than through the cache. The idea behind the write-around strategy is that data written to a cache on writes might simply go unused. Depending on the context of the data and the way the application works, writing to the cache only on reading data might be much more efficient.</p> </section> <section class="section main-article-chapter" data-menu-title="API caching best practices to know"> <h2 class="section-title"><i class="icon" data-icon="1"></i>API caching best practices to know</h2> <p>Development teams should keep these best practices in mind when implementing API caching.</p> <h3>1) Establish a time-to-live (TTL)</h3> <p>TTL is an incredibly important setting for caching tools. Defining a TTL is simply choosing a duration of time for how long a cache entry is valid before it expires and must be re-read from the database. The duration of the TTL depends on the application and the data involved. For example, for product inventory, it would be better to have a shorter TTL that would expire more often and ensure the cache is updated. For data that isn't often updated, like pricing or user profile information, a longer TTL can be used.</p> <h3>2) Determine baseline performance</h3> <p>When integrating API caching into an application, developers should understand performance<a href="https://www.techtarget.com/searchcio/definition/benchmark"> </a>benchmarks, specifically to compare an application's performance with caching against its performance without caching enabled.</p> <p>To begin, developers can<a href="https://www.techtarget.com/searchsoftwarequality/feature/What-to-look-for-in-application-load-testing-tools"> </a><a href="https://www.techtarget.com/searchsoftwarequality/feature/What-to-look-for-in-application-load-testing-tools">create load tests</a> targeted at API requests using tools such as Apache JMeter or Locust. These two open source tools enable developers to scale the number of API requests to simulate various request loads from different types of users. The results of these early load tests can provide an upfront benchmark of the application's performance.</p> <p>A computer's network bandwidth, latency and processing power can have a<a href="https://www.techtarget.com/searchnetworking/answer/What-are-the-3-most-common-network-issues-to-troubleshoot"> </a><a href="https://www.techtarget.com/searchnetworking/answer/What-are-the-3-most-common-network-issues-to-troubleshoot">significant effect</a> on the amount of request loads generated. Developers must keep this in mind when comparing load test results, as the results from one run to another might not prove a valid comparison. To avoid these discrepancies, consider adding a cloud-based load testing tool that uses stable, isolated servers that offer consistent network bandwidth and latency. BlazeMeter or CloudTest are some examples of tools that can do this.</p> <h3>3) Run test scenarios for requests</h3> <p>After getting a baseline benchmark, developers can implement caching and reassess the application's performance. Ideally, the application's ability to handle load under stress should improve -- and, hopefully, its overall performance will too. Regardless of performance, however, teams should also validate the responses that requests return to ensure the cache is behaving properly.</p> <p>One way to confirm this is to <a href="https://www.techtarget.com/searchsoftwarequality/tip/The-crucial-role-of-test-scenarios-especially-in-automation">create test scenarios</a> that check for updated values, which developers can run in just a few steps. For example:</p> <ol type="1" start="1" class="default-list"> <li>Configure a group of requests to specifically use the application's cache exclusively.</li> <li>Make an update to a value located within the application's primary database.</li> <li>Send a request to the application after the cache's expected expiration time to validate that the updated value was returned.</li> </ol> <p>Depending on cache implementation, developers can also run test scenarios to validate certain features.</p> <h3>4) Use key-value stores</h3> <p>Many open source caching tools -- like Memcached -- use a key-value approach to fill the cache in memory as requests come through. Before a value exists in the cache, an application checks the cache for the specified key, which identifies the<a href="https://www.techtarget.com/searchapparchitecture/definition/object"> </a><a href="https://www.techtarget.com/searchapparchitecture/definition/object">objects</a> to return as part of the response.</p> <p>If no key is present in the cache, the tool will query a database and provide a response along with the expected key for the cache to use. Subsequent requests for that same key won't require a query to the database, as they are now stored in the cache.</p> <h3>5) Avoid the thundering herd problem</h3> <p>Imagine there are 10 servers, each serving the same webpage application. The webpage is stored in a cache, with the cache set to expire every five minutes to ensure users consistently see the most recent version of the page. The cache could expire while those 10 servers are under heavy load, leading each server to simultaneously query the cache, find no webpage and attempt to directly access the primary database.</p> <p>Caching under a heavy load like this -- particularly in a distributed system -- can lead to the so-called<a href="https://distributed-computing-musings.com/2021/12/thundering-herd-cache-stampede/"> </a><a href="https://distributed-computing-musings.com/2021/12/thundering-herd-cache-stampede/">thundering herd</a> problem. Allowing 10 servers to query the database at once creates a heavy load, and a computationally intense query could easily cause a cascading number of requests to time out as the database continues to struggle. Furthermore, when those failed requests retry, they'll continue to put even more load on the database and potentially render the application useless.</p> <p>Fortunately, there are a few ways to avoid a thundering herd scenario. For one, lock the cache to ensure only one process can update the cache at a time. With the lock in place, applications trying to update the cache can use previously stored values until the update is complete. Developers can also use an external process to update the cache rather than relying on the application itself.</p> <p>Another useful way to avoid a thundering herd is to update the cache expiration to a predicted value as the cache's expiration time nears. In a case like this, applications that rely on the cache can also calculate expected expiration times and provide a better way to ensure they don't all expire at once.</p> <h3>6) Design with security in mind</h3> <p>Because caching is storing data, it's important to consider the security implications when using caching tools. Any type of personally identifiable information shouldn't be cached as a general rule. Access to the cache should also be restricted, as it would be a vulnerability to a possible attack.</p> <p>If an attacker can access the cache, they could insert malicious data that could then be used to compromise user accounts or other sensitive data. There should be specific controls in place to validate any data inserted into the cache to prevent these types of attacks. The cache should only be accessible by the application or database required for it to function.</p> <p><i>Matt Grasberger is a DevOps engineer with experience in test automation, software development and designing automated processes to reduce work.</i></p> </section> API caching can increase the performance and response time of an application, but only if it's done right. Learn about some of the caching tools and techniques worth implementing. https://cdn.ttgtmedia.com/rms/onlineimages/code_g1289411982.jpg https://www.techtarget.com/searchapparchitecture/tip/API-caching-strategies-and-best-practices Mon, 27 Oct 2025 16:15:00 GMT API caching strategies and best practices <p>User experience design, or UX design, is the process of building a product that's user-friendly and provides enhanced user experiences through elements like the user interface (<a href="https://www.techtarget.com/searchapparchitecture/definition/user-interface-UI">UI</a>), visuals and navigation features. The main objective of UX design is to focus on the end user's needs and accordingly design (or redesign) a product that effectively meets those needs. Such products tend to resonate more with users, which then enables organizations to drive customer satisfaction and garner their loyalty.</p> <section class="section main-article-chapter" data-menu-title="What is user experience design?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>What is user experience design?</h2> <p>The goal of UX design is to design and implement a product that will provide positive and relevant interactions with users. UX design, sometimes called <i>user-centric</i> or <i>user-centered design</i>, involves all aspects of <a href="https://www.techtarget.com/searchcio/definition/product-development-or-new-product-development-NPD">product development</a> and design, such as the following:</p> <ul class="default-list"> <li>Packaging and branding.</li> <li>Installation and setup.</li> <li>Operation, usability and performance.</li> </ul> <p>In short, UX design helps designers create products that are both practical and usable. <a href="https://www.techtarget.com/searchsoftwarequality/tip/UX-design-principles-Why-should-testers-know-them">UX design addresses</a> six major areas:</p> <ul class="default-list"> <li><b>Usefulness.</b> The product must fill a practical need for the user.</li> <li><b>Desirability. </b>The product should use attractive and consistent aesthetics, such as visual design.</li> <li><b>Usability.</b> The product must be simple to use and provide a familiar suite of features and functions.</li> <li><b>Accessibility.</b> The product must be usable by everyone, including users with disabilities.</li> <li><b>Supportability.</b> The product must be well-supported so that users can resolve problems quickly and easily.</li> <li><b>Credibility.</b> The product must be trustworthy, such as from a reputable company or implementing effective security.</li> </ul> <p>While UX design is often associated with <a href="https://www.techtarget.com/searchsoftwarequality/tip/A-guide-to-software-design-documentation-and-specifications">software design</a> or digital services design, the term is also readily applied to any physical product or construct.</p> <p>Furthermore, the scope of UX design is not limited to external users or customers. UX teams can also implement UX design best practices to enhance UX for internal and/or business users rather than individual consumers.</p> <p>For example, UX in <a href="https://www.techtarget.com/searchcio/definition/enterprise-IT-enterprise-class-IT">enterprise IT</a> involves designing software and applications for businesses and their employees. For such projects, UX teams perform <a href="https://www.techtarget.com/searchsoftwarequality/definition/UX-research">UX research</a> to understand business requirements so they can focus on meeting business needs for specific user groups and improving complex or unique business workflows.</p> </section> <section class="section main-article-chapter" data-menu-title="Why is UX design important?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Why is UX design important?</h2> <p>The user experience is a critical consideration in attracting and retaining users or customers.</p> <p>Consider any physical or <a href="https://www.techtarget.com/whatis/definition/digital">digital</a> product. If users don't need the product, don't enjoy using the product or can't reasonably use the product without undue difficulty, they will simply stop using the product and possibly adopt a competitor's product instead.</p> <p>Conversely, an effective and reliable product that meets a clear need and offers good performance and support can drive business revenue, boost business reputation and enhance user loyalty to the business and its brand.</p> <p>Because users provide the business revenue derived from products or services, a good user experience is critical for the businesses that provide those products and services. Ignoring or taking shortcuts around UX processes, such as usability testing or <a href="https://www.techtarget.com/searchsoftwarequality/definition/user-acceptance-testing-UAT">user acceptance testing</a>, can be a risky decision for <a href="https://www.techtarget.com/searchcio/definition/project-management">project managers</a> and product <a href="https://www.techtarget.com/searchcio/definition/stakeholder">stakeholders</a>.</p> <p>Finally, UX design should be treated as a dynamic part of any product design. UX design decisions aren't permanent, so user experience strategies can be regularly updated and modified as market demands, competitive forces, user expectations and enabling technologies evolve. User research and user experience testing are often employed to periodically reassess UX design choices.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineImages/software_quality-ux_into_devops.png"> <img data-src="https://www.techtarget.com/rms/onlineImages/software_quality-ux_into_devops_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineImages/software_quality-ux_into_devops_mobile.png 960w,https://www.techtarget.com/rms/onlineImages/software_quality-ux_into_devops.png 1280w" alt="A chart showing how to bring UX into DevOps." height="359" width="520"> <figcaption> <i class="icon pictures" data-icon="z"></i>For UX design to be successful, it should be considered an essential component of product design and development. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> </section> <section class="section main-article-chapter" data-menu-title="UX design principles and best practices"> <h2 class="section-title"><i class="icon" data-icon="1"></i>UX design principles and best practices</h2> <p>UX design should not be a haphazard or unstructured effort which could result in poor quality products that negatively affect UX. UX design should be a systematic, structured and repeatable process that helps in the development of products that are usable, accessible and intuitive. Such products deliver <a href="https://www.techtarget.com/searchcontentmanagement/definition/digital-user-experience">digital user experiences</a> that are frictionless, enjoyable and foster customer engagement and loyalty.</p> <p>A structured UX process is made possible by applying several UX design best practices and principles that enhance the business value of UX, including the following:</p> <ul class="default-list"> <li><b>Focus on the end user. </b>UX design should always consider user needs and pain points at every step of the design and <a href="https://www.techtarget.com/searchcustomerexperience/definition/implementation">implementation</a> process. A user-centric design process never loses sight of the end goal: to create a product that enables target users to solve their problems and reach their goals in an easy, quick and enjoyable way.</li> <li><b>Prioritize product simplicity and usability.</b> A simple product tends to be easy to use, allowing users to effortlessly find what they need and accomplish what they set out to do. One way to determine what users are looking for is usability testing. Usability testing enables designers to understand how users want to navigate within the product, and whether they are facing any issues impeding navigation that should be addressed. It also provides useful insights that can pinpoint design problems and highlight gaps that should be closed to improve the product's UX.</li> <li><b>Ensure a visually consistent design.</b> A visually consistent design goes a long way toward improving UX. Consistency in the layout, format, elements, visuals and other interface elements makes the product more intuitive and helps to eliminate confusion for users during product navigation.</li> <li><b>Balance simplicity with function.</b> Simplicity should not come at the cost of functionality. A simple design can also deliver great functionality when UX designers aim to balance both. <a href="https://www.techtarget.com/searchsoftwarequality/definition/functional-testing">Functional testing</a> will help ensure that the end product functions as intended without inconveniencing the user.</li> <li><b>Focus on hierarchical design</b>. A well-thought-out visual hierarchy enables users to intuitively understand the various product elements and navigate to them easily. It focuses on key aspects like scale, color and contrast to create a user-friendly and engaging product. Within such products, users can easily understand the content and find what they are looking for without losing their way or getting frustrated.</li> <li><b>Simplify accessibility and navigability.</b> UX-focused products are intuitive and easy to use by all kinds of users, even users with vision, hearing or other limitations. To design accessible products, UX designers can refer to reliable sources, such as the W3C consortium's <i>Web Content Accessibility Guidelines</i> (<a href="https://www.w3.org/WAI/standards-guidelines/wcag/">WCAG</a>). These recommendations are meant to help product designers and developers to "make web content more accessible to people with disabilities." The term <i>web content</i> means the information provided in both web pages and web applications.</li> </ul> </section> <section class="section main-article-chapter" data-menu-title="UX vs. UI vs. CX: What's the difference?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>UX vs. UI vs. CX: What's the difference?</h2> <p>The terms UI and UX are often used interchangeably. This is a common mistake because the UI is the primary mechanism for user interaction with a product and is central to the overall user experience.</p> <p>In practice, UI design is a subset of UX design. User experience design involves all aspects of a product and its behavior, while user interface design focuses on the look, shape and other user interactions with the overall product.</p> <p>Consider a software product with a menu-based UI. Even though the software product might fill a practical need and operate flawlessly as part of the overall UX, a software UI with cumbersome, inconsistent, poorly defined, multilayered menus or visually confusing button placement can have a negative effect on the user experience.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineImages/software_quality-ux_and_ui_table.jpg"> <img data-src="https://www.techtarget.com/rms/onlineImages/software_quality-ux_and_ui_table_mobile.jpg" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineImages/software_quality-ux_and_ui_table_mobile.jpg 960w,https://www.techtarget.com/rms/onlineImages/software_quality-ux_and_ui_table.jpg 1280w" alt="Compairson of UX and UI." height="168" width="559"> <figcaption> <i class="icon pictures" data-icon="z"></i>While both are user-centric, there are some differences in the approaches and methodologies employed for UX and user interface design. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <p>Similarly, the terms customer experience (<a href="https://www.techtarget.com/searchcustomerexperience/definition/customer-experience-CX">CX</a>) and UX are also used synonymously. The two concepts both aim to improve user interactions with a brand and ultimately enhance their experiences during interactions. However, the scope and focus of a customer experience strategy is much broader than that of UX.</p> <p>Where UX focuses on enhancing user interactions with a specific product or service, CX aims to enhance the entire user journey with a brand. Customer brand journeys typically include multiple interactions over multiple touchpoints. These touchpoints in the <a href="https://www.techtarget.com/searchcustomerexperience/definition/customer-journey-map">customer journey map</a> might be offline or online, direct or indirect.</p> <p>For example, User A might see an ad for a product on social media, prompting them to think about purchasing it. They might then research the product through a Google search and then go to the company's website to purchase it. A few days later, they might interact with the company's <a href="https://www.techtarget.com/searchcustomerexperience/definition/contact-center">contact center</a> via a phone call or an automated <a href="https://www.techtarget.com/searchcustomerexperience/definition/chatbot">chatbot</a> to get clarification about a specific feature or functionality. A couple of months later, they might fill out a survey form to provide product feedback or they might join the brand's online community to share their experiences using the product. They might also purchase other products from the same company after receiving email newsletters.</p> <p>All of these are various touchpoints and CX aims to improve user-brand interactions on all of them. Thus, where UX focuses on ensuring that users can easily achieve their objectives with a particular product, CX is about enhancing user perceptions and experiences across all stages of their relationship with the brand.</p> <div class="youtube-iframe-container"> <iframe id="ytplayer-0" src="https://www.youtube.com/embed/lqaO53DJsYk?si=uaI_yv_W2PFDOtwo?autoplay=0&modestbranding=1&rel=0&widget_referrer=null&enablejsapi=1&origin=https://www.techtarget.com" type="text/html" height="360" width="640" frameborder="0" loading="lazy"></iframe> </div> <p></p> </section> <section class="section main-article-chapter" data-menu-title="Benefits of a strong user experience"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Benefits of a strong user experience</h2> <p>By designing products that enhance user experiences, companies can enjoy the following benefits:</p> <ul class="default-list"> <li><b>Enhanced customer satisfaction.</b> User-centric products enable users to easily find what they need, solve their problems and reach their goals. Users don't encounter issues that might otherwise cause resistance, so they enjoy their interactions with the product.</li> <li><b>Increased customer loyalty and retention. </b>Customers are more likely to be loyal to user-friendly, intuitive, consistent products with enhanced UXs, which can result in higher <a href="https://www.techtarget.com/searchcustomerexperience/definition/customer-retention">customer retention</a>.</li> <li><b>Stronger revenues and profitability</b>. When users enjoy seamless product experiences, they are more open to interacting with the product, engaging with its content and taking actions such as purchasing more products (cross-sell) or higher-value products (upsell).</li> <li><b>Elevated brand reputation. </b>Products that consistently deliver an improved UX enhance the brand's reputation. Brands that are considered customer-focused, trustworthy and reliable can boost the company's market standing and <a href="https://www.techtarget.com/searchcio/definition/competitive-advantage">competitive posture</a>.</li> <li><b>Lower customer acquisition costs.</b> Products that have a reputation for offering a superior UX stand out from competitor products. This can be an important unique selling point (<a href="https://www.techtarget.com/whatis/definition/unique-selling-point-USP">USP</a>) in crowded markets saturated with similar products. By prioritizing UX, businesses can attract more potential customers while reducing the cost of acquiring those customers.</li> <li><b>Lower support costs.</b> User-friendly products allow users to easily work with the product the way it's intended to be used, so they are less likely to contact customer support with enquiries or complaints.</li> </ul> </section> <section class="section main-article-chapter" data-menu-title="How to measure and evaluate the user experience"> <h2 class="section-title"><i class="icon" data-icon="1"></i>How to measure and evaluate the user experience</h2> <p>UX is a measurable concept that informs how businesses approach and optimize product design. It's important to evaluate and measure the impact of UX to ensure that the product is enhancing user lives in some way and empowering them to meet their goals.</p> <p>Some effective ways to measure UX include:</p> <ul class="default-list"> <li><b>Conduct usability testing and gather user feedback.</b> A usability test involves a small group of actual users who interact with a product to assess its usefulness, features, intuitiveness and accessibility. The product's designers and developers observe the behaviors of these users and ask them for detailed feedback via forms or surveys to identify issues and pinpoint improvement areas. They then implement these findings to improve the product design and, ultimately, deliver a more intuitive, user-centric product.</li> <li><b>Run a split test (A/B test).</b> In an <a href="https://www.techtarget.com/searchmobilecomputing/tip/Benefits-of-mobile-app-A-B-testing-for-developers">A/B test</a>, different groups of users are shown different versions of the same product to determine which version performs better against a certain goal, such as more newsletter sign-ups, more button clicks, more in-app purchases and so on. The two versions might differ in terms of layout, theme, color scheme, navigation elements, headlines, etc. The tester tracks user behaviors with each version and measures the outcomes of each group to identify the winning product version to implement real-world deployment.</li> <li><b>Collect UX metrics for executives and business decision-makers. </b>Executives and decision-makers can use many metrics to measure UX and gauge whether the product meets user expectations and needs. These metrics include the following: <ul style="list-style-type: circle;" class="default-list"> <li><b>Page load time.</b> How long a page takes to load -- a lower load time is desirable.</li> <li><b>Bounce rate.</b> The percentage of users who leave the product after viewing only a single page -- a lower bounce rate is desirable.</li> <li><b>Time on task.</b> The amount of time a user takes to complete a specific activity -- the lower this time, the easier the product is to use and navigate.</li> <li><b>Error rate.</b> The number of <a href="https://www.techtarget.com/searchsoftwarequality/definition/bug">bugs</a> or crashes that negatively impact UX -- fewer errors means that users encountered fewer problems while interacting with the product.</li> <li><b>Session length.</b> The amount of time users spend per visit -- a longer session along with a higher interaction rate suggests that users like the product and are willing to spend more time using it.</li> <li><b>Click-through rate (CTR).</b> The percentage of users who click on a button or call-to-action link -- a higher CTR indicates greater user satisfaction and a willingness to keep engaging with the product.</li> </ul> </li> </ul> <p>In addition to gathering the above metrics, UX teams can implement end-user experience monitoring (<a href="https://www.techtarget.com/searchenterprisedesktop/definition/end-user-experience-monitoring-EUEM">EUEM</a>) to monitor the product performance from a user's perspective. EUEM helps highlight performance issues that need to be resolved to improve UX.</p> <ul class="default-list"> <li><b>Use customer service metrics (NPS/CSAT/CES).</b> Quantitative metrics like Net Promoter Score (<a href="https://www.techtarget.com/searchcustomerexperience/definition/Net-Promoter-Score-NPS">NPS</a>) and customer satisfaction (<a href="https://www.techtarget.com/whatis/definition/customer-satisfaction-CSAT">CSAT</a>) are typically used to measure CX. However, they can also be used to measure and optimize UX. For example, NPS can highlight how pleased a user is with the product and how likely they are to recommend it to others. The company can then determine what they need to do to improve UX and NPS to try to enhance the user's product (and brand) loyalty. Similarly, a CSAT score shows how satisfied a user is with their product experience. A low score indicates that there is room for improvement. Brands can also use customer effort score (<a href="https://www.techtarget.com/searchcustomerexperience/definition/customer-effort-score-CES">CES</a>) to measure how easily a customer is able to use the product. They can then determine what changes are required to improve the product's usability, accessibility or navigability.</li> <li><b>Determine actions from measured data points.</b> It's important to analyze all the gathered data points. Deep analyses enable teams to identify improvement areas and take appropriate actions to resolve issues and enhance UX.</li> </ul> </section> <section class="section main-article-chapter" data-menu-title="What does a UX designer do?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>What does a UX designer do?</h2> <p>In general terms, a UX designer plays a central role in product design and is typically responsible for the user's overall product or service satisfaction. A UX designer can often approach the role as a customer advocate by looking for new and innovative ways to improve the customer's experience through the product or service using the following <i>why</i>, <i>what </i>and <i>how </i>considerations:</p> <ul class="default-list"> <li><b>Why. </b>Addresses user motivations in selecting and using a product.</li> <li><b>What. </b>Addresses the features and functionalities of the product.</li> <li><b>How. </b>Addresses the accessibility and aesthetics of the product.</li> </ul> <p>In more specific terms, UX designers perform a variety of design-related tasks, including the following:</p> <ul class="default-list"> <li>Understand the business, the brand and the user base, as well as the problem the product is intended to solve.</li> <li>Research users to identify behaviors, needs, goals and challenges through tools such as surveys, interviews, focus groups and user acceptance testing.</li> <li>Use that understanding and research to visualize how user <a href="https://www.techtarget.com/searchcio/definition/workflow">workflows</a> should operate; for example, what does a clear and concise software menu or interface look like?</li> <li>Design the product using mockups, wireframes, models or other <a href="https://www.techtarget.com/searcherp/definition/prototype">prototypes</a> to give other stakeholders and designers a clear picture of the product, including the UI.</li> <li>Test the product to validate user interactions and acceptance; make changes to the design as needed to optimize the design for user experience.</li> </ul> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/steps_in_the_ux_design_process-f.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/steps_in_the_ux_design_process-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/steps_in_the_ux_design_process-f_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/steps_in_the_ux_design_process-f.png 1280w" alt="Visual showing 6 steps of the UX design process." height="255" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>These six steps are part of virtually all UX design projects, and might require the participation of a number of business groups besides the interface design team. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <p>UX designers employ a wide range of technical and interpersonal skills to accomplish their tasks successfully. Technical skills can involve strong research, data organization and prototyping skills, as well as basic visual design and coding skills for software development environments. Interpersonal skills include strong communication, collaboration and critical thinking.</p> </section> <section class="section main-article-chapter" data-menu-title="How to become a UX designer"> <h2 class="section-title"><i class="icon" data-icon="1"></i>How to become a UX designer</h2> <p>There are no formal requirements to become a UX designer. Most engineers and developers start with a basic technical degree and gain experience in UX concepts through their day-to-day projects.</p> <p>Professionals who seek a dedicated <a target="_blank" href="https://www.coursera.org/professional-certificates/google-ux-design" rel="noopener">UX design role</a> can:</p> <ul class="default-list"> <li>Take advantage of educational opportunities to study UX concepts and tools.</li> <li>Become involved with projects that use UX design skills and perhaps volunteer as a member of a product design/UX team.</li> <li>Develop a portfolio of successful UX designs.</li> <li>Apply for related UX design jobs inside or outside of the company.</li> </ul> <p>UX roles can go by many names, including product designer, service designer, user interaction designer and UX designer. Smaller organizations typically provide a broader scope of UX roles and responsibilities, while larger organizations might expect greater levels of specialization from UX designers, such as research, analysis or engineering. Senior UX designers can often move into management roles, such as project manager or UX director.</p> </section> <section class="section main-article-chapter" data-menu-title="How to align enterprise goals with UX strategy"> <h2 class="section-title"><i class="icon" data-icon="1"></i>How to align enterprise goals with UX strategy</h2> <p>Aligning UX strategy with broader enterprise goals enables organizations to enhance customer engagement and retention. Satisfied customers are more loyal and play a big role in boosting enterprise revenues, profits and growth. Alignment between UX and business goals also reduces support costs, which again, contributes to higher profits.</p> <p>Some strategies to achieve alignment between UX strategy and enterprise goals include the following:</p> <ul class="default-list"> <li><b>Define measurable UX goals.</b> Vague goals like "we want to increase our customer base" or "we want to increase revenues from Product X" are hard to understand and even harder to achieve. Instead, organizations should define clear UX goals like "decrease bounce rates by 10%" or "reduce page load time from 7 seconds to 3 seconds." It's also helpful to tie UX goals with business <a href="https://www.techtarget.com/searchbusinessanalytics/definition/key-performance-indicators-KPIs">KPIs</a> like NPS, CSAT or customer acquisition cost (<a href="https://www.techtarget.com/searchcustomerexperience/definition/customer-acquisition-cost">CAC</a>). Such alignment ensures that the UX team never loses sight of the company's broader goals and consistently works toward achieving them during the UX design process.</li> <li><b>Break down larger goals into smaller more specific tasks.</b> A broad goal can be overwhelming for some teams because it often states the "what" but does not clarify the "how." One way to remedy this situation is to break down the goal into smaller action items. For example, goal of "reduce page load time from 7 seconds to 3 seconds" can be split into the following smaller goals: <ul class="default-list"> <li>Resize images to reduce their file size.</li> <li>Implement <a href="https://www.techtarget.com/searchsoftwarequality/definition/lazy-loading">lazy loading</a> for images to improve initial load size.</li> <li>Reduce the size of <a href="https://www.theserverside.com/definition/HTML-Hypertext-Markup-Language">HTML</a>, <a href="https://www.theserverside.com/definition/cascading-style-sheet-CSS">CSS</a> and <a href="https://www.theserverside.com/definition/JavaScript">JavaScript</a> files.</li> <li>Reduce page size.</li> <li>Distribute content across multiple servers with a content delivery network (<a href="https://www.techtarget.com/searchnetworking/definition/CDN-content-delivery-network">CDN</a>).</li> <li>Minimize redirects.</li> <li>Limit third-party scripts.</li> <li>Change or upgrade hosting to boost server response time.</li> </ul> </li> <li><b>Encourage cross-functional collaboration. </b>Successful organizations don't just build customer-centric products, they <i>are</i> customer-centric. In a customer-centric organization, all departments collaborate closely to define UX goals and the various tactics that are most likely to achieve those goals. This means removing communication siloes between product, design, engineering, sales, marketing, support and any other department that is directly or indirectly involved in UX or CX design and optimization. Breaking down siloes ensures that everyone is always on the same page and working together to solve user problems and deliver useful, user-centric products.</li> <li><b>Build a </b><strong>feedback loop</strong><b> into the design process</b>. User <a href="https://www.techtarget.com/searchitchannel/definition/feedback-loop">feedback</a> can help firms to continually improve their products and ensure that those products align with their business goals. Real-world inputs received via surveys, interviews, usability testing, A/B testing and so forth, reflect the behavior of real users. Design teams can then analyze the information to bridge the gap between what users want and what the product actually delivers.</li> </ul> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/7_ux_design_principles-f.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/7_ux_design_principles-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/7_ux_design_principles-f_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/7_ux_design_principles-f.png 1280w" alt="Visual of 7 principles of UX design" height="280" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>These seven UX design principles outline the process of developing user-friendly application and web page experiences. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> </section> <section class="section main-article-chapter" data-menu-title="Common UX design mistakes"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Common UX design mistakes</h2> <p>Some common UX design mistakes that limit digital product usability and might diminish UX include:</p> <ul class="default-list"> <li><b>Not putting the user at the center of all product decisions. </b>Teams that don't put the user first might end up with products that fail to satisfy user needs. Conducting user surveys and gathering user feedback can help them to design products where the user is front and center.</li> <li><b>Not defining clear UX goals. </b>Every part of the product design should be aimed at enhancing UX. This requires defining clear goals and <a href="https://www.techtarget.com/searchcustomerexperience/definition/business-metric">metrics</a> that inform design strategies and decisions and also enable UX teams to measure whether they are progressing appropriately.</li> <li><b>Making too many changes.</b> Too many or too frequent design changes in an ad hoc manner can confuse users and diminish UX. When making changes, it's vital to consider the user's perspective and the expected benefits of the changes. It's also important to make a clear business case for the changes. If the benefits and business case are not clear, it's better to pause or abandon the redesign effort or to reduce the redesign scope.</li> <li><b>Not gathering user feedback.</b> Many teams fail to gather user feedback prior to product launch, usually due to time constraints and tight schedules.</li> <li><b>Not testing the product regularly. </b>Regular testing can reveal bugs and usability issues<b> </b>early during development. It's easier and less expensive to fix issues early in the design and development cycle. Testing pre-launch product iterations also ensures that the end product actually meets user needs and improves UX.</li> <li><b>Complicating the design.</b> A simple, user-friendly design is usually better than a design that offers too many options and features. If a feature (button, link, text, etc.) is not absolutely necessary, it shouldn't be included.</li> <li><b>Not coordinating with other customer-facing teams.</b> UX and CX are closely related, so the UX and design teams must collaborate with other customer-facing teams, such as marketing and support. Regular check-ins and clear communication among all teams will help ensure that they can coordinate their efforts to improve UX and build a customer-centric organization.</li> </ul> </section> <section class="section main-article-chapter" data-menu-title="History of UX"> <h2 class="section-title"><i class="icon" data-icon="1"></i>History of UX</h2> <p>User experience is basically the notion of how well people and machines interact. Thus, UX as a discipline can trace its roots back to the 19th-century industrial era when factories proliferated and required people to operate the factory production machines. The ways that production equipment and factory workflows brought efficiency to manufacturing are often considered the precursor to UX.</p> <p>Eventually, traditional factory environments and workflows evolved to improve working conditions for people, bringing concepts of human factors, safety and <a href="https://www.techtarget.com/whatis/feature/5-workplace-ergonomic-tools-to-improve-employee-experience">ergonomics</a> into the design of equipment and devices -- designing systems and workflows that better fit human capabilities and behaviors.</p> <p>As computer technology emerged and evolved, the ideas of UX translated into early computer designs. These early innovations included the graphical user interface (GUI) and the mouse, physical and virtual mechanisms still standard today. The actual term <i>user experience</i> is thought to have originated in the 1990s when cognitive psychologist Donald Norman joined Apple with the title <i>user experience architect</i>. Norman's book, <i>The Design of Everyday Things</i>, is still standard reading for UX studies.</p> <p>By the 1990s, the field of human-computer interaction emerged, blending fields of GUIs, <a href="https://www.techtarget.com/searchenterpriseai/definition/cognitive-modeling">cognitive sciences</a> and human-centric design concepts to refine and expand what UX entails. As technology introduced devices such as PCs, tablets and smartphones, the role and importance of UX in technology continued to expand.</p> </section> <section class="section main-article-chapter" data-menu-title="The future of UX and UX design"> <h2 class="section-title"><i class="icon" data-icon="1"></i>The future of UX and UX design</h2> <p>Enhancing UX and focusing on UX design continue to be high priorities for customer-centric organizations. In the coming years, it's likely that these businesses will continue to maintain this focus, but they will also explore newer ways to design and deliver memorable UX to their users and customers.</p> <p>To do this consistently and cost-effectively, they will leverage advanced technologies like <a href="https://www.techtarget.com/searchenterpriseai/definition/AI-Artificial-Intelligence">AI</a> and machine learning (<a href="https://www.techtarget.com/searchenterpriseai/definition/machine-learning-ML">ML</a>) to inform their UX design strategies. These technologies will enable UX teams to design hyper-personalized UX. AI will allow them to deliver tailored content to match the needs and expectations of individual users. AI tools will help them to seamlessly adapt product interfaces in response to user actions, thus ensuring natural and intuitive real-time user-product interactions.</p> <p>AI features and <a href="https://www.techtarget.com/searchenterpriseai/definition/AI-agents">AI agents</a> are already being integrated into popular UX tools like Figma and Dovetail. As AI technology develops further, more tools will include AI capabilities that will help to streamline many time-consuming UX-related tasks, such as user research. This will enable UX designers and developers to save time and focus on more strategic tasks where their human skills can provide more value than AI, such as conducting qualitative research, building user maps and personas, and analyzing user feedback to inform design decisions.</p> <p>Also, small and domain-specific LLMs will improve in the near future. These models will power AI-enabled UX products for specific domains and environments. For example, organizations in regulated industries like healthcare and finance will be able to use these products to enhance UX for their user base, while also maintaining compliance with applicable user <a href="https://www.techtarget.com/searchcio/definition/privacy-compliance">privacy laws</a> and regulations.</p> <p><a target="_blank" href="https://uxpa.org/wp-content/uploads/sites/9/2024/11/UXPA_SalarySurvey_2024_v1.pdf" rel="noopener">Recent research</a> by the User Experience Professionals Association (<a target="_blank" href="https://uxpa.org/" rel="noopener">UXPA</a>) International, an organization that champions the advancement of UX through education, community, shared knowledge and collective action, suggests that many UX professionals are already using AI in their roles. According to the research report, in 2024, 47% of them said that they "found some value" by applying AI to their work. Many more (53%) expect to use AI in the coming years as they gain a better understanding of not only the appropriate uses of AI for enhancing UX, but also the potential pitfalls and weaknesses of AI that might lead to UX deterioration.</p> <p>Apart from AI and ML, UX specialists will also embrace technologies like augmented reality (<a href="https://www.techtarget.com/whatis/definition/augmented-reality-AR">AR</a>), virtual reality (<a href="https://www.techtarget.com/whatis/definition/virtual-reality">VR</a>) and the internet of things (<a href="https://www.techtarget.com/iotagenda/definition/Internet-of-Things-IoT">IoT</a>) to reshape how users interact with products and to enhance the experiences delivered by those products. They will also leverage the human-centered <i>design thinking</i> approach to develop innovative solutions that effectively address human problems and needs.</p> <p>To effectively use these technologies, UX professionals should invest in continuous learning. They should also keep themselves updated on emerging developments in areas like human-centered ethics, data privacy, CX and even cognitive psychology. An understanding of the key concepts within these areas will enable UX specialists to create products that resonate with users and deliver memorable UX.</p> </section> User experience design, or UX design, is the process of building a product that's user-friendly and provides enhanced user experiences through elements like the user interface (UI), visuals and navigation features. https://cdn.ttgtmedia.com/visuals/digdeeper/6.jpg https://www.techtarget.com/searchcio/definition/UX-user-experience Tue, 21 Oct 2025 13:02:00 GMT What is user experience and UX design? Why should you care? <p>Kubernetes manifests are crucial to managing Kubernetes clusters and the software running on them.</p> <p>Manifests are the configuration files for Kubernetes resources -- so any organization using Kubernetes can benefit from understanding more about manifests and how to validate them.</p> <p>Without validating manifests before applying, there is a significant risk of failing a deployment by applying an invalid manifest. Malformed manifests can cause downtime, as some misconfigurations result in an unreachable or unlaunchable application. In most cases, an invalid manifest will cause an error when applying and have no effect on the cluster. The resource won't be created if the apply command fails.</p> <p>Learn a basic method of validating Kubernetes manifests using <span style="font-family: 'courier new', courier, monospace;">kubectl</span>, a command line tool included with Kubernetes. Analyze a typical manifest, see how to validate it and learn how to take validation to the next level with policy as code tools.</p> <section class="section main-article-chapter" data-menu-title="Sample Kubernetes manifest"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Sample Kubernetes manifest</h2> <p>Below is a basic manifest that contains a deployment of two nginx containers:</p> <pre><span style="font-family: 'courier new', courier, monospace;">apiVersion: apps/v1</span><br><span style="font-family: 'courier new', courier, monospace;">kind: Deployment</span><br><span style="font-family: 'courier new', courier, monospace;">metadata:</span><br><span style="font-family: 'courier new', courier, monospace;">  name: nginx-deployment</span><br><span style="font-family: 'courier new', courier, monospace;">spec:</span><br><span style="font-family: 'courier new', courier, monospace;">  replicas: 2</span><br><span style="font-family: 'courier new', courier, monospace;">  selector:</span><br><span style="font-family: 'courier new', courier, monospace;">    matchLabels:</span><br><span style="font-family: 'courier new', courier, monospace;">      app: nginx</span><br><span style="font-family: 'courier new', courier, monospace;">  template:</span><br><span style="font-family: 'courier new', courier, monospace;">    metadata:</span><br><span style="font-family: 'courier new', courier, monospace;">      labels:</span><br><span style="font-family: 'courier new', courier, monospace;">        app: nginx</span><br><span style="font-family: 'courier new', courier, monospace;">    spec:</span><br><span style="font-family: 'courier new', courier, monospace;">      containers:</span><br><span style="font-family: 'courier new', courier, monospace;">      - image: nginx:1.14.2</span><br><span style="font-family: 'courier new', courier, monospace;">        name: nginx</span><br><span style="font-family: 'courier new', courier, monospace;">        ports:<br></span><span style="font-family: 'courier new', courier, monospace;"> - containerPort: 80 </span></pre> <p>In general, a manifest specifies how the application runs. Different resource types have different schemas that control the different variables of the resource. For example, a deployment has a <span style="font-family: 'courier new', courier, monospace;">replicas</span> attribute that represents how many containers should run as part of the deployment. Getting these attributes right ensures that Kubernetes deploys the application properly.</p> </section> <section class="section main-article-chapter" data-menu-title="How to validate a Kubernetes manifest"> <h2 class="section-title"><i class="icon" data-icon="1"></i>How to validate a Kubernetes manifest</h2> <p>Fortunately, there is a built-in method from Kubernetes to validate manifests: the <span style="font-family: 'courier new', courier, monospace;">--dry-run=server</span> flag in <span style="font-family: 'courier new', courier, monospace;">kubectl</span>. Using <span style="font-family: 'courier new', courier, monospace;">kubectl</span> is sensible because it is the same command that applies the manifests after validation. There are third-party tools that might offer different style or formatting checks, but <span style="font-family: 'courier new', courier, monospace;">kubectl --dry-run=server</span> is the best test for users determining if their manifest is valid for the cluster they are currently connected to.</p> <p>The<span style="font-family: 'courier new', courier, monospace;"> --dry-run=server</span> flag prompts <span style="font-family: 'courier new', courier, monospace;">kubectl</span> to send the manifest to the API server of the Kubernetes cluster, which processes the request as if it were a real creation or update -- but without creating the resources. This way, if the dry-run command succeeds, users can be certain that the manifest is valid for their specific cluster.</p> <p>For example, the <span style="font-family: 'courier new', courier, monospace;">--dry-run=server</span> command generates the following output:</p> <pre><span style="font-family: 'courier new', courier, monospace;">❯ kubectl apply -f nginx-test.yaml --dry-run=server</span><br><span style="font-family: 'courier new', courier, monospace;">deployment.apps/nginx-deployment created (server dry run) </span></pre> <p>The <span style="font-family: 'courier new', courier, monospace;">kubectl</span> command ran successfully. The output shows that the manifest, <span style="font-family: 'courier new', courier, monospace;">deployment.apps/nginx-deployment</span>, was "created". The output also reports that this <span style="font-family: 'courier new', courier, monospace;">apply</span> was run as a server dry run command, so nothing was actually created.</p> <p>If the user makes a change to the manifest that isn't valid, the output will include a failure from the <span style="font-family: 'courier new', courier, monospace;">kubectl apply</span> command that reports the invalid section.</p> <p>For example, if the user accidentally creates a mismatch between <span style="font-family: 'courier new', courier, monospace;">labels</span> and <span style="font-family: 'courier new', courier, monospace;">matchLabels</span>, as in the update manifest below, the manifest is no longer valid and cannot be applied.</p> <pre><span style="font-family: 'courier new', courier, monospace;">apiVersion: apps/v1</span><br><span style="font-family: 'courier new', courier, monospace;">kind: Deployment</span><br><span style="font-family: 'courier new', courier, monospace;">metadata:</span><br><span style="font-family: 'courier new', courier, monospace;">  name: nginx-deployment</span><br><span style="font-family: 'courier new', courier, monospace;">spec:</span><br><span style="font-family: 'courier new', courier, monospace;">  replicas: 2</span><br><span style="font-family: 'courier new', courier, monospace;">  selector:</span><br><span style="font-family: 'courier new', courier, monospace;">    matchLabels:</span><br><span style="font-family: 'courier new', courier, monospace;">      app: nginx-deployment</span><br><span style="font-family: 'courier new', courier, monospace;">  template:</span><br><span style="font-family: 'courier new', courier, monospace;">    metadata:</span><br><span style="font-family: 'courier new', courier, monospace;">      labels:</span><br><span style="font-family: 'courier new', courier, monospace;">        app: nginx</span><br><span style="font-family: 'courier new', courier, monospace;">    spec:</span><br><span style="font-family: 'courier new', courier, monospace;">      containers:</span><br><span style="font-family: 'courier new', courier, monospace;">      - image: nginx:1.14.2</span><br><span style="font-family: 'courier new', courier, monospace;">        name: nginx</span><br><span style="font-family: 'courier new', courier, monospace;">        ports:</span><br><span style="font-family: 'courier new', courier, monospace;">        - containerPort: 80 </span></pre> <p>When running the <span style="font-family: 'courier new', courier, monospace;">kubectl</span> command with the modified manifest above, the following output is generated:</p> <pre><span style="font-family: 'courier new', courier, monospace;">❯ kubectl apply -f nginx-test.yaml --dry-run=server</span><br><span style="font-family: 'courier new', courier, monospace;">The Deployment "nginx-deployment" is invalid: spec.template.metadata.labels: Invalid value: map[string]string{"app":"nginx"}: `selector` does not match template `labels` </span></pre> </section> <section class="section main-article-chapter" data-menu-title="Potential validation problems"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Potential validation problems</h2> <p>The most common problems that would cause a Kubernetes manifest to be invalid are the following:</p> <ul class="default-list"> <li>YAML syntax errors.</li> <li>Missing mandatory fields.</li> <li>Schema violations.</li> <li>Invalid resource references.</li> </ul> <p>Kubernetes manifests are formatted with indents, much like the formatting in Python, because it uses <a href="https://www.techtarget.com/searchitoperations/tip/Learn-YAML-through-a-personal-example">YAML style</a>. In other formatting styles, such as<a href="https://www.theserverside.com/definition/JSON-Javascript-Object-Notation"> </a><a href="https://www.theserverside.com/definition/JSON-Javascript-Object-Notation">JSON</a>, the start/stop of a block is inside brackets. YAML uses whitespace, specifically indents. When indenting a Kubernetes manifest, the tab character isn't valid. Instead, indentation must use spaces. Whitespace formatting can be tricky, since it's not as easy to tell if whitespace in a file consists of spaces, tabs or some mix of the two. Most text editors have a setting to show whitespace characters, which will then show a different symbol to represent what specific type of whitespace character is present.</p> <p>Mandatory fields might create problems for a Kubernetes manifest. Some fields are required, and the manifest cannot be applied without them. If a certain mandatory field is not incorporated, the manifest will fail to be applied to a cluster.</p> <p>If a value is not the correct type -- such as a string where a number is expected -- the manifest is invalid as it does not match the schema definition for that resource. If there are any misspellings in resource fields, such as <span style="font-family: 'courier new', courier, monospace;">apiVerson</span> instead of <span style="font-family: 'courier new', courier, monospace;">apiVersion</span>, the manifest will also fail to match the schema definition.</p> <p>When using <span style="font-family: 'courier new', courier, monospace;">CustomResourceDefinitions,</span> manifests might incorrectly reference a resource before the <span style="font-family: 'courier new', courier, monospace;">CustomResourceDefinition</span> is applied to a cluster. If a resource type is not installed on the cluster, then a manifest that references that resource type will not be valid. This is why it's important to use the <span style="font-family: 'courier new', courier, monospace;">kubectl --dry-run=server</span> flag -- a third-party validation tool often only validates the format and style of a manifest, not actually connecting to the Kubernetes cluster to confirm the manifest can be applied.</p> </section> <section class="section main-article-chapter" data-menu-title="What about policy as code?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>What about policy as code?</h2> <p>Validating manifests and using policy as code tools are one and the same. Validating a manifest in the most basic sense means checking to see if the manifest is properly written such that it can be applied to a cluster. Policy as code refers to tools that enforce policies based on configurations stored in version control. An example of a policy as code tool is <a href="https://github.com/kyverno/kyverno" target="_blank" rel="noopener">Kyverno</a>, which is described on its Github repo as "a Kubernetes-native policy engine designed for platform engineering teams. It enables security, compliance, automation and governance through policy-as-code."<br><br>Using Kyverno, teams can improve manifest validation beyond the built-in tool of Kubernetes. Kyverno policies validate and enforce characteristics such as what images are permitted to run on a cluster or whether a pod manifest meets the proper security standards. A common example of a Kyverno policy is only allowing images from a specific repository to run on a cluster. Enforcing this policy ensures that if an attacker did get access to a cluster, they wouldn't automatically be able to start running any container image they wanted.</p> <p>Policy as code tools, such as Kyverno, automate the enforcement of best practices and security policies by treating them as version-controlled definitions. They operate by validating, mutating or generating Kubernetes resources based on these policies -- often applied through admission controllers to enforce rules at the time of creation or update. Using Kyverno policies prevents invalid or non-compliant manifests from ever being applied to the cluster, offering an extra layer of shift-left security and governance beyond basic schema validation.</p> <p><i>Matt Grasberger is a DevOps engineer with experience in test automation, software development and designing automated processes to reduce work.<br></i></p> <p><i>Michael Levan is a seasoned engineer and consultant in the Kubernetes and Security space who spends his time working with startups and enterprises around the globe on Kubernetes consulting, training and content creation. He is a trainer, 4x published author, podcast host, international public speaker, CNCF Ambassador and was part of the Kubernetes v1.28 and v1.31 Release Team.</i></p> </section> Dev teams must validate Kubernetes manifests. Developers can navigate validation and issues that arise with the help of native and third-party tools and other coding methods. https://cdn.ttgtmedia.com/rms/onlineimages/container_g1128254725.jpg https://www.techtarget.com/searchsoftwarequality/tip/How-to-validate-a-Kubernetes-manifest Fri, 17 Oct 2025 12:09:00 GMT How to validate a Kubernetes manifest <p>Hyperledger started as a collection of open source projects created to support the development of blockchain-based distributed ledgers. This included frameworks, standards, tools and libraries to build <a href="https://url.us.m.mimecastprotect.com/s/60vICzpBnGHx8RRl1s4fAu9zltn?domain=techtarget.com">blockchains</a> and related applications. In 2021, Hyperledger Foundation became the official governing body and community for Hyperledger. In 2024, the Linux Foundation, which created Hyperledger in 2015, launched LF Decentralized Trust, which now hosts and owns the Hyperledger projects and a number of other technologies and standards.</p> <p>Since Hyperledger's creation, the project has had contributions from various industries and organizations, such as American Express, IBM, Intel, Microsoft, Samsung and VMware, and blockchain startups, such as Blockstream and Digital Asset. This collaboration includes banking, supply chain management, <a href="https://www.techtarget.com/iotagenda/definition/Internet-of-Things-IoT">internet of things</a>, manufacturing and production-based fields.</p> <p>Hyperledger acts as a hub for different distributed ledger frameworks and libraries. With this, a business could use one of Hyperledger's frameworks to improve efficiency, performance and transactions in its business processes, for example.</p> <p>Hyperledger provides the needed infrastructure and standards for developing blockchain systems and applications. Developers can also use Hyperledger-provided tools to create business blockchain projects. Network participants are all known to each other and can participate in consensus-making processes.</p> <p>Hyperledger-based technology works using the following layers:</p> <ul class="default-list"> <li>A consensus layer, which makes an agreement on order and confirms if the transactions in a block are correct.</li> <li>A <a href="https://www.techtarget.com/searchcio/definition/smart-contract">smart contract</a> layer, which processes and authorizes transaction requests.</li> <li>A communication layer, which manages <a href="https://www.techtarget.com/searchnetworking/definition/peer-to-peer">peer-to-peer</a> message transport.</li> <li>An application programming interface (<a href="https://www.techtarget.com/searchapparchitecture/definition/application-program-interface-API">API</a>), which enables other applications to communicate with the blockchain.</li> <li><a href="https://www.techtarget.com/searchsecurity/definition/identity-management-ID-management">Identity management</a> services, which validate the identities of users and systems.</li> </ul> <div class="youtube-iframe-container"> <iframe id="ytplayer-0" src="https://www.youtube.com/embed/Ppq9WbQL0rw?si=5WFbxUdaI_V_0XAH?autoplay=0&modestbranding=1&rel=0&widget_referrer=null&enablejsapi=1&origin=https://www.techtarget.com" type="text/html" height="360" width="640" frameborder="0" loading="lazy"></iframe> </div> <section class="section main-article-chapter" data-menu-title="Notable frameworks: Hyperledger Fabric and Hyperledger Besu"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Notable frameworks: Hyperledger Fabric and Hyperledger Besu</h2> <p>Two notable Hyperledger projects include Hyperledger Fabric and Hyperledger Besu:</p> <h3>Hyperledger Fabric</h3> <p>This is one of the most popular projects in Hyperledger. It is a <a href="https://www.techtarget.com/searchcio/tip/Permissioned-vs-permissionless-blockchains-Key-differences">permissioned blockchain infrastructure</a> used to build blockchain-based products, software and applications. Hyperledger Fabric was made in cooperation with IBM and Digital Asset. It provides a modular architecture that defines roles between nodes, execution of smart contracts and configurable consensus services. Features of Fabric include the use of smart contracts, as well as pluggable Hyperledger Fabric consensus protocols. Fabric also supports different programming languages through the installation of modules. Hyperledger Fabric is used with <a href="https://www.techtarget.com/searchcustomerexperience/definition/integration">integration</a> projects that need a distributed ledger.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/cio-distributed__vs_central_ledger-f.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/cio-distributed__vs_central_ledger-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/cio-distributed__vs_central_ledger-f_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/cio-distributed__vs_central_ledger-f.png 1280w" alt="An image comparing a centralized vs. distributed ledger." height="378" width="559"> <figcaption> <i class="icon pictures" data-icon="z"></i>Hyperledger Fabric is used to build decentralized ledgers. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <h3>Hyperledger Besu</h3> <p>This is an open source <a href="https://www.techtarget.com/whatis/definition/Ethereum">Ethereum</a> codebase that can run on private permissioned platforms or the Ethereum public network. It features the Ethereum Virtual Machine (EVM), <a href="https://www.techtarget.com/whatis/definition/consensus-algorithm">consensus algorithms</a>, user-facing APIs and monitoring. Besu is useful for projects that need interoperability within the Ethereum ecosystem, like decentralized applications, for example.</p> <h3>Other Hyperledger tools and projects</h3> <p>Hyperledger Fabric and Besu are not the only two projects Hyperledger has. Hyperledger offers multiple projects and tools currently active or under incubation -- meaning they require certain exit criteria before being declared active and production-ready. Some of these projects include the following:</p> <ul class="default-list"> <li><b>Hyperledger AnonCreds.</b> This ledger-agnostic project specifies anonymous credentials --anoncreds -- a type of verifiable credential.</li> <li><b>Hyperledger Aries.</b> This toolkit enables creating, transmitting and storing digital credentials and decentralized key management.</li> <li><b>Hyperledger Bevel. </b>An accelerator for <a href="https://www.techtarget.com/searchcio/definition/distributed-ledger">distributed ledger technology</a> deployment, Bevel enables DLT set-up, deployment and integration with new organizations.</li> <li><b>Hyperledger Cacti. </b>An interoperability and plugin-based framework for connecting and running transactions across multiple different types of ledgers.</li> <li><b>Hyperledger Caliper.</b> This blockchain benchmark tool is used to evaluate the performance of blockchain implementations. However, it doesn't come with predefined standards because blockchain implementations might all require different sets of standards.</li> <li><b>Hyperledger Cello.</b> This project is a blockchain-as-a-service toolkit and operating system used to create, terminate and manage blockchain services.</li> <li><b>Hyperledger FireFly. </b>This is an open source software stack of middleware for <a target="_blank" href="https://www.techtarget.com/whatis/definition/Web-30" rel="noopener">Web3</a> applications.</li> <li><b>Hyperledger Indy.</b> A framework made for decentralized identities, it comes with components, tool sets and libraries. It also includes <a href="https://www.techtarget.com/searchsecurity/definition/self-sovereign-identity">self-sovereignty</a>, which securely stores all identity-based documentation.</li> <li><b>Hyperledger Iroha.</b> A blockchain framework used to integrate with existing networks, Iroha has a modular design, control-based access, access to many libraries, and asset and identity management. It is used in industries such as financial services, healthcare and education.</li> <li><b>Hyperledger Solang. </b>This is a Solidity compiler -- which is a compiler that translates Solidity code into bytecode for EVMs -- that enables smart contract portability.</li> </ul> <p>Hyperledger has also moved several projects to a dormant, or end-of-life status. Some examples include Avalon, Burrow, Explorer, Quilt and Sawtooth.</p> </section> <section class="section main-article-chapter" data-menu-title="History and mission of Hyperledger"> <h2 class="section-title"><i class="icon" data-icon="1"></i>History and mission of Hyperledger</h2> <p>The Linux Foundation announced the creation of the Hyperledger Project in 2015, one year before its release. Brian Behlendorf, who was appointed executive director in 2016, stated that the Hyperledger project would never build its own <a href="https://www.techtarget.com/whatis/definition/cryptocurrency">cryptocurrency</a>.</p> <p>That same year, the project also started to accept proposals for the incubation of codebases and other core element technologies. Two of the initial blockchain framework codebases accepted were Hyperledger Fabric and libconsensus. Later, Intel's distributed ledger, Sawtooth, was incubated.</p> <p>In 2018, the production-ready Sawtooth 1.0 was added. In 2019, a long-term-support version of Hyperledger Fabric was announced.</p> <p>In October 2021, Behlendorf passed the executive director position to Daniela Barbosa. That same month, Hyperledger was rebranded to the Hyperledger Foundation to draw a "clearer line between Hyperledger as an organization and individual Hyperledger projects," according to the organization's <a target="_blank" href="https://www.hyperledger.org/blog/2021/10/27/staff-corner-introducing-hyperledger-foundation" rel="noopener">blog post</a> announcing the change.</p> <p>Between 2021 and 2022, some early projects like Sawtooth and Avalon were retired. And in 2024, the Hyperledger Foundation became a part of the Linux Foundation Decentralized Trust, which is an open source foundation with the initiative to bring together decentralized technologies.</p> <p>In 2025, a joint initiative between IBM Research and the Hyperledger community created a set of enhancements to Hyperledger Fabric known as Fabric-X.</p> <p><i>Hyperledger Fabric isn't the only blockchain platform option available. Learn more about Hyperledger Fabric, along with seven other </i><a href="https://www.techtarget.com/searchcio/feature/Top-9-blockchain-platforms-to-consider"><i>blockchain platforms to consider</i></a><i>.</i></p> </section> Hyperledger is a collection of open source projects created to support the development of blockchain-based distributed ledgers. https://cdn.ttgtmedia.com/visuals/digdeeper/3.jpg https://www.techtarget.com/searchcio/definition/Hyperledger Mon, 06 Oct 2025 11:18:00 GMT What is Hyperledger? <p>Linux administrators often juggle several responsibilities, such as maintaining connections to multiple servers to manage services, <a href="https://www.techtarget.com/searchcio/feature/Replacing-vs-maintaining-legacy-systems">maintaining software</a>, updating configurations and reviewing log files. Instead of repeatedly establishing and closing connections, it's easier and more time-efficient to establish multiple terminals from a single workstation's shell.</p> <p>The terminal multiplexer (tmux) application enables administrators to connect and disconnect from multiple sessions without closing terminals, which would exit the processes running in them.</p> <p>This article gets administrators started with tmux. It covers the installation process, basic usage, configuration options and the essential key bindings that make tmux such a useful tool.</p> <section class="section main-article-chapter" data-menu-title="Primary benefits and features of tmux"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Primary benefits and features of tmux</h2> <p>There are several primary benefits to integrating tmux into a standard Linux system administration workflow. These benefits include:</p> <ul class="default-list"> <li>Maintaining persistent sessions that run after disconnecting, enabling long-running tasks such as software compilation or script execution to continue.</li> <li>Providing vertical and horizontal split-screen panes for viewing multiple sessions in the local shell.</li> <li>Enabling key bindings for efficient task switching.</li> </ul> <p>Most administrators establish an SSH connection and then run tmux. SSH provides security, and tmux offers flexibility.</p> <p>In addition to persistent sessions, tmux enables many other use cases, such as:</p> <ul class="default-list"> <li>Splitting terminal windows into multiple panes to run several applications simultaneously, such as system administration tasks and Python development.</li> <li>Connecting multiple users to one session for collaboration, pair programming or troubleshooting.</li> <li>Conducting continuous monitoring of multiple systems, including various log files and services.</li> </ul> </section> <section class="section main-article-chapter" data-menu-title="How to install tmux"> <h2 class="section-title"><i class="icon" data-icon="1"></i>How to install tmux</h2> <p>Tmux offers various installation options for Linux and macOS, since most current distributions do not typically include it. The installation process assumes the OS is using the <a href="https://www.techtarget.com/searchITOperations/tip/How-to-use-Linux-package-managers">preferred package manager</a>. Like many Linux applications, tmux is open source. Users can <a href="https://github.com/tmux" target="_blank" rel="noopener">download the source code</a> and compile the program themselves.</p> <h3>Red Hat-based Linux distributions</h3> <p>For distributions such as RHEL, Fedora, <a href="https://www.techtarget.com/searchDataCenter/tip/Rocky-Linux-vs-AlmaLinux-Which-is-better">AlmaLinux and Rocky Linux</a>, type:</p> <p><span style="font-family: 'courier new', courier, monospace;">dnf install tmux</span></p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/dnf-info-tmux-f.jpg"> <img data-src="https://www.techtarget.com/rms/onlineimages/dnf-info-tmux-f_mobile.jpg" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/dnf-info-tmux-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/dnf-info-tmux-f.jpg 1280w" alt="Screenshot of tmux installation details on Fedora." data-credit="Damon Garn" height="178" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>Details of a tmux package installed on Fedora system (version 3.3a, aarch64 architecture). </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <h3>Debian-based distributions</h3> <p>For Debian-based distributions, including Ubuntu and Linux Mint, type:</p> <p><span style="font-family: 'courier new', courier, monospace;">apt install tmux</span></p> <h3>macOS</h3> <p>Mac users frequently rely on the Homebrew package manager. After <a href="https://www.techtarget.com/searchVirtualDesktop/tip/How-to-install-Homebrew-on-macOS-for-software-distribution">installing Homebrew</a>, run the following command to add tmux:</p> <p><span style="font-family: 'courier new', courier, monospace;">brew install tmux</span></p> <h3>Windows</h3> <p>Windows users must rely on the Windows Subsystem for Linux (<a href="https://www.techtarget.com/searchwindowsserver/definition/Microsoft-Windows-Subsystem-for-Linux">WSL</a>). After installing WSL, use the <span style="font-family: 'courier new', courier, monospace;">apt</span> package manager to install tmux:</p> <p><span style="font-family: 'courier new', courier, monospace;">apt install tmux</span></p> <p>Users might also run tmux on OpenBSD, FreeBSD and NetBSD.</p> </section> <section class="section main-article-chapter" data-menu-title="How to perform basic actions in tmux"> <h2 class="section-title"><i class="icon" data-icon="1"></i>How to perform basic actions in tmux</h2> <p>Run the application by typing the tmux command. Once it's running, use the <b>Ctrl+B</b> combination to initiate commands. Pressing <b>Ctrl+B</b> on a Linux system alerts tmux that the next key presses are commands for tmux itself.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/tmux-greenbox-f.jpg"> <img data-src="https://www.techtarget.com/rms/onlineimages/tmux-greenbox-f_mobile.jpg" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/tmux-greenbox-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/tmux-greenbox-f.jpg 1280w" alt="Screenshot of a new tmux session in the terminal." data-credit="Damon Garn" height="124" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>A tmux session with a status bar at the bottom that shows the active shell, host name and timestamp. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <p>For example, disconnecting from a tmux session relies on the <b>d</b> command. Make sure to press <b>Ctrl+B</b> first, alerting tmux that the subsequent command -- the <b>D</b> disconnect command -- applies to it.</p> <h3>Start and detach from sessions</h3> <p>Begin by starting a new tmux session. Give it a unique session name -- something descriptive. Once the session is running, it will continue executing scripts and commands after disconnecting from the session.</p> <p>Create a new session named <span style="font-family: 'courier new', courier, monospace;">backup-script</span> by typing this command:</p> <p><span style="font-family: 'courier new', courier, monospace;">tmux new -s backup-script</span></p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/tmux-start-detach-f.jpg"> <img data-src="https://www.techtarget.com/rms/onlineimages/tmux-start-detach-f_mobile.jpg" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/tmux-start-detach-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/tmux-start-detach-f.jpg 1280w" alt="Screenshot of starting, detaching from and listing tmux sessions." data-credit="Damon Garn" height="120" width="558"> <figcaption> <i class="icon pictures" data-icon="z"></i>Starting a session called backup-script, detaching from that session and listing running tmux sessions, including both the default session (0) and the new backup-script session. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <p>After launching the tmux session, use SSH to connect to a remote system. For example, the command within the tmux window might resemble <span style="font-family: 'courier new', courier, monospace;">ssh damon@192.168.2.200</span>.</p> <p>Use the SSH session to launch backup scripts, conduct sysadmin tasks or update software.</p> <p>Detach from the tmux session by using the <b>D</b> key. Don't forget to use <b>Ctrl+B</b> to inform tmux that the next command applies to it.</p> <p><b>Ctrl+B</b></p> <p><b>D</b></p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/detached-f.jpg"> <img data-src="https://www.techtarget.com/rms/onlineimages/detached-f_mobile.jpg" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/detached-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/detached-f.jpg 1280w" alt="Screenshot of the user detaching from the default tmux session." data-credit="Damon Garn" height="122" width="559"> <figcaption> <i class="icon pictures" data-icon="z"></i>Detaching from the default tmux session after starting it. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <p></p> <h3>Display existing sessions</h3> <p>Display existing sessions by using the <span style="font-family: 'courier new', courier, monospace;">tmux ls</span> command, as seen below.</p> <p><span style="font-family: 'courier new', courier, monospace;">tmux ls</span></p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/tmux-ls-f.jpg"> <img data-src="https://www.techtarget.com/rms/onlineimages/tmux-ls-f_mobile.jpg" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/tmux-ls-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/tmux-ls-f.jpg 1280w" alt="Screenshot of the user listing existing tmux sessions." data-credit="Damon Garn" height="121" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>Displaying the existing tmux sessions including backup-script and 0. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <h3>Reattach to sessions</h3> <p>Reattach to a running session by using the <span style="font-family: 'courier new', courier, monospace;">attach</span> subcommand and specifying the session name.</p> <p><span style="font-family: 'courier new', courier, monospace;">tmux attach -t backup-script</span></p> <p>This example shows why descriptive names are important.</p> <h3>Kill sessions</h3> <p>Kill an existing session by using the following command:</p> <p><span style="font-family: 'courier new', courier, monospace;">tmux kill-session -t backup-script</span></p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/tmux-kill-f.jpg"> <img data-src="https://www.techtarget.com/rms/onlineimages/tmux-kill-f_mobile.jpg" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/tmux-kill-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/tmux-kill-f.jpg 1280w" alt="Screenshot of the user killing the backup-script session, then listing remaining sessions." data-credit="Damon Garn" height="121" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>Killing the backup-script session, then listing the existing sessions, which now only includes session 0. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> </section> <section class="section main-article-chapter" data-menu-title="How to use copy mode in tmux"> <h2 class="section-title"><i class="icon" data-icon="1"></i>How to use copy mode in tmux</h2> <p>The standard local command history feature within a Linux distribution might not work reliably with tmux. Instead, rely on tmux's own copy mode.</p> <p>Copy mode lets the user select and copy commands from the terminal history and paste them into tmux panes.</p> <p>The tmux copy mode process follows six steps.</p> <ol class="default-list"> <li>Press <b>Ctrl+B</b> and then the <b>[</b> key.</li> <li>Use navigation keys -- typically the arrow keys -- to move to the desired text.</li> <li>Press <b>Space</b> to begin the text selection process.</li> <li>Use the navigation keys to select the text.</li> <li>Press <b>Enter</b> after selecting the text.</li> <li>Paste the text using the <b>]</b> key.</li> </ol> </section> <section class="section main-article-chapter" data-menu-title="Quick reference guide of tmux key bindings"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Quick reference guide of tmux key bindings</h2> <p>Use the following quick reference list to take advantage of the available key bindings.</p> <ul class="default-list"> <li><b>Ctrl+B C</b>. Create a new window.</li> <li><b>Ctrl+B N</b>. Switch to the next window.</li> <li><b>Ctrl+B P</b>. Switch to the previous window.</li> <li><b>Ctrl+B W</b>. List all windows to select one.</li> <li><b>Ctrl+B %</b>. Split the current pane vertically.</li> <li><b>Ctrl+B "</b>. Split the current pane horizontally.</li> <li><b>Ctrl+B D</b>. Detach from the current session.</li> </ul> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/multiple-windows-f.jpg"> <img data-src="https://www.techtarget.com/rms/onlineimages/multiple-windows-f_mobile.jpg" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/multiple-windows-f_mobile.jpg 960w,https://www.techtarget.com/rms/onlineimages/multiple-windows-f.jpg 1280w" alt="Screenshot displaying multiple windows in a tmux session." data-credit="Damon Garn" height="249" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>Displaying one tmux session split both vertically and horizontally into multiple panes. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <p>Tmux includes plenty of additional key bindings, but these are sufficient to get started.</p> </section> <section class="section main-article-chapter" data-menu-title="Basic customization options"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Basic customization options</h2> <p>Tmux relies on the <span style="font-family: 'courier new', courier, monospace;">~/.tmux.conf </span>file. Because it's stored in the user's home folder, it is not a global configuration, enabling administrators to customize tmux to their own preferences. Tmux doesn't create the file automatically, although it does check for it when launched. Users must create the file and add customizations if they want to personalize tmux.</p> <p>Some common configuration options include:</p> <ul class="default-list"> <li>Adjusting the tmux prefix command from the <b>Ctrl+B</b> default to <b>Ctrl+A</b> or similar.</li> <li>Enabling status bar colors, borders and styles for easier pane identification.</li> <li>Configuring custom key bindings.</li> <li>Automatically running specific commands, scripts or programs upon starting a new tmux session.</li> </ul> <p>Advanced users <a target="_blank" href="https://github.com/tmux-plugins/tpm" rel="noopener">can add</a> the Tmux Plugin Manager to their system. This utility enables many additional customizations using community-developed plugins.</p> </section> <section class="section main-article-chapter" data-menu-title="Using tmux with SSH"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Using tmux with SSH</h2> <p>SSH provides a critical method of securely connecting to remote systems. Tmux extends its flexibility by enabling multiple running remote sessions. Users can reattach to these sessions later, and they can even reattach from different systems. As an example, this makes it possible to execute a program on a remote server from a workstation at an office and then verify its status from a home computer.</p> <p><i>Damon Garn owns Cogspinner Coaction and provides freelance IT writing and editing services. He has written multiple CompTIA study guides, including the Linux+, Cloud Essentials+ and Server+ guides, and contributes extensively to Informa TechTarget, The New Stack and CompTIA Blogs.</i></p> </section> Learn the basics of using the terminal multiplexer (tmux) for managing remote connections. Walk through the installation process and configuration options for tmux. https://cdn.ttgtmedia.com/rms/onlineimages/code_g684641103.jpg https://www.techtarget.com/searchsoftwarequality/tip/How-to-use-tmux-sessions-to-manage-remote-connections Wed, 10 Sep 2025 13:53:00 GMT How to use tmux sessions to manage remote connections <p>Behavior-driven development (BDD) is an <a href="https://www.techtarget.com/searchsoftwarequality/definition/agile-software-development">Agile</a> development methodology that documents, designs and develops software around the behavior a user expects to experience when interacting with an app. BDD extends the capabilities of test-driven development (<a href="https://www.techtarget.com/searchsoftwarequality/definition/test-driven-development">TDD</a>) and acceptance test-driven development (<a href="https://www.techtarget.com/whatis/definition/acceptance-testdriven-development-ATDD">ATDD</a>) by encouraging collaboration among stakeholders and writing plain-language scenarios that can be used as both executable tests and living documentation.</p> <p>Behavior-driven development aims to ensure that each software release delivers real value that solves a user problem or meets a business need. The methodology's collaborative approach to defining requirements enables all <a href="https://www.techtarget.com/searchcio/definition/stakeholder">stakeholders</a> to understand requirements the same way, and the methodology's <a href="https://www.techtarget.com/searchsoftwarequality/tip/Iterative-vs-incremental-development-Whats-the-difference">iterative sprints</a> can reduce the time it takes to identify and fix issues.</p> <section class="section main-article-chapter" data-menu-title="Benefits of behavior-driven development"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Benefits of behavior-driven development</h2> <p>The main advantage of BDD is that it improves communication and collaboration between stakeholders with different business priorities and/or levels of technical expertise. To help stakeholders understand an application's purpose and expected behavior, requirements are always expressed as real-world scenarios and are written in plain language. This approach reduces ambiguity and makes it easier for BDD teams to understand the scope of each <a href="https://www.techtarget.com/searchsoftwarequality/definition/Scrum-sprint">Agile sprint</a> from a user's perspective.</p> <p>Another benefit of BDD is that once a scenario has been written, it can be automated once and re-run many times in different contexts. This is important because it allows the same scenario to be used for documentation and testing in both stage and production environments. Focusing on user needs also helps to avoid code bloat. Because BDD requires each functionality to be backed by a behavioral requirement, teams can avoid <a href="https://www.techtarget.com/whatis/definition/scope-creep">scope creep</a> and other issues that delay the software development lifecycle (<a href="https://www.techtarget.com/searchsoftwarequality/definition/software-development-life-cycle-SDLC">SDLC</a>).</p> </section> <section class="section main-article-chapter" data-menu-title="How behavior-driven development works (BDD lifecycle)"> <h2 class="section-title"><i class="icon" data-icon="1"></i>How behavior-driven development works (BDD lifecycle)</h2> <p>A typical project that uses behavior-driven development begins with a conversation between software developers, software testers, <a href="https://www.techtarget.com/searchsoftwarequality/definition/product-owner">product owners</a> and potential end users. The goal is to build a shared understanding of requirements that clarifies expected behaviors in plain language and defines acceptance criteria before any code is written.</p> <p>Typically, BDD consists of the following steps:</p> <ul class="default-list"> <li>Discover and gather requirements after discussions with all stakeholders.</li> <li>Define potential scenarios in simple, natural (human) language.</li> <li>Turn scenarios into automated test scripts with tools like <a href="https://cucumber.io/" target="_blank" rel="noopener">Cucumber</a> or <a href="https://concordion.org/index.html" target="_blank" rel="noopener">Concordion</a>.</li> <li>Develop <a href="https://www.techtarget.com/searchapparchitecture/definition/source-code">source code</a> to satisfy defined scenarios.</li> <li>Test code to verify functionality works as expected.</li> <li>Improve code by incorporating stakeholder feedback.</li> <li>Deploy (release) the software when actual system behavior matches expected behavior.</li> <li>Maintain the software as requirements evolve over time to ensure that functionality doesn't break.</li> </ul> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/agile_values_and_principles-i.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/agile_values_and_principles-i_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/agile_values_and_principles-i_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/agile_values_and_principles-i.png 1280w" alt="Key values of the Agile development process. Diagram." height="859" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>These key values and principles of Agile development describe how teams should approach the software development process. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> </section> <section class="section main-article-chapter" data-menu-title="Examples of BDD scenarios"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Examples of BDD scenarios</h2> <p>Once requirements have been identified, BDD teams can write real-world scenarios and <a href="https://www.techtarget.com/searchsoftwarequality/definition/automated-software-testing">turn them into automated tests</a>. Typically, this involves using <a href="https://www.guvi.in/blog/understanding-gherkin/" target="_blank" rel="noopener">Gherkin</a>, a domain-specific language (DSL) that doesn't require team members to be experienced programmers.</p> <p>Instead, Gherkin scenarios use a Given-When-Then format to describe how software should behave. <i>Given</i> sets up the initial context or preconditions, <i>when</i> describes an action or event that triggers the behavior and <i>then</i> specifies the expected outcome or result.</p> <p>Here are two examples of such scenarios:</p> <p><b>Scenario: Successful login</b><br><i>Given</i> that the user is on the website's login page<br><i>When</i> the user enters a valid username and password combination and clicks the login button<br><i>Then</i> the user will be logged in successfully</p> <p><b>Scenario: Add item to a shopping cart</b><br><i>Given</i> the user is on a product page<br><i>When</i> the user clicks on "Add to cart"<br><i>Then</i> the item will be added to the user's virtual shopping cart</p> </section> <section class="section main-article-chapter" data-menu-title="Behavior-driven development testing"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Behavior-driven development testing</h2> <p>In software development, traditional quality assurance (<a href="https://www.techtarget.com/searchsoftwarequality/definition/quality-assurance">QA</a>) testing verifies whether or not code complies with technical specifications. In behavior-driven development, however, acceptance testing verifies how code behaves in different scenarios. The emphasis on <a href="https://www.techtarget.com/searchsoftwarequality/definition/functional-specification">functional specifications</a> instead of technical specifications is beneficial for <a href="https://www.techtarget.com/searchapparchitecture/definition/microservices">microservice</a> deployments in <a href="https://www.techtarget.com/searchsoftwarequality/definition/continuous-integration">continuous integration</a> and <a href="https://www.techtarget.com/searchitoperations/definition/continuous-delivery-CD">continuous delivery</a> (CI/CD) pipelines. Microservices are modular software components that work together as part of a larger application. CI/CD pipelines are automated workflows that integrate code changes, run QA tests to validate the changes and move accepted changes to production quickly and reliably.</p> <div class="youtube-iframe-container"> <iframe id="ytplayer-0" src="https://www.youtube.com/embed/w6Y19RWawc0?autoplay=0&modestbranding=1&rel=0&widget_referrer=null&enablejsapi=1&origin=https://www.techtarget.com" type="text/html" height="360" width="640" frameborder="0" loading="lazy"></iframe> </div> <p>In CI/CD deployments, behavior-specific <a href="https://www.techtarget.com/searchsoftwarequality/definition/acceptance-test">acceptance tests</a> are written before coding begins, so technically, they can be run at the beginning of a project, while a product is still in development or when it is completed. However, it's important to understand that most acceptance tests will fail at the beginning of a project because the functionality hasn't been developed yet. As the development project goes on, however, more tests are likely to pass, and once all acceptance criteria have been met, the software can be released to production.</p> <p>To facilitate behavior-driven testing, development teams should:</p> <ul class="default-list"> <li>Consider using the <a href="https://www.techtarget.com/whatis/definition/5-Whys">5 Whys principle</a> to help stakeholders align <i>needs</i> with <i>priorities</i> and <i>outcomes</i>.</li> <li>Practice writing user-focused scenarios.</li> <li>Consider using automation to turn user-focused scenarios into executable acceptance tests.</li> <li>Align acceptance tests with specific user needs and/or business goals.</li> <li>Provide a centralized repository for stakeholders to review BDD documentation and project progress.</li> </ul> </section> <section class="section main-article-chapter" data-menu-title="Popular BDD tools and frameworks"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Popular BDD tools and frameworks</h2> <p>Numerous tools and frameworks are available to help development teams adopt BDD and take advantage of its many benefits. Some of the most popular BDD tools include:</p> <p><b>Cucumber</b>. Development and test teams can use Cucumber to write acceptance tests in plain language and then run them automatically.</p> <p><b>Behave</b>. Behave is a BDD tool for <a href="https://www.techtarget.com/whatis/definition/Python">Python</a> developers. Like Cucumber, Behave lets development teams write scenarios in plain text using Gherkin and execute them automatically through step definitions. (A step definition is a snippet that connects a single line of Gherkin syntax to the automation code that executes it.)</p> <p><b>Behave Restful</b>. Python developers and testers can use Behave Restful to test microservices implemented in any language and validate REST APIs.</p> <p><b>JBehave</b>. JBehave is a BDD framework for writing and running <a href="https://www.theserverside.com/definition/Java">Java</a> tests. The framework can be integrated with different integrated development environments (<a href="https://www.techtarget.com/searchsoftwarequality/definition/integrated-development-environment">IDEs</a>), including <a href="https://www.techtarget.com/searchapparchitecture/definition/Eclipse-Eclipse-Foundation">Eclipse</a>, to streamline test creation and execution without leaving the development environment.</p> <p><b>Mocha.</b> Mocha is a popular <a href="https://www.theserverside.com/definition/JavaScript">JavaScript</a> test framework that runs on <a href="https://www.techtarget.com/whatis/definition/Nodejs">Node.js</a> and in web browsers. By default, Mocha executes tests serially to simplify reporting and ensure errors are mapped to the correct test cases. Mocha integrates with a wide range of third-party tools and plugins to support continuous testing and provide Agile workflows with feedback in real time.</p> <p><b>Concordion</b>. Concordion is a lightweight BDD framework for Java developers. Tests are written in <a href="https://whatis.techtarget.com/definition/dynamic-HTML">HTML</a> or <a href="https://www.techtarget.com/searchsoftwarequality/tip/Ultimate-Markdown-guide-Rules-to-know">Markdown,</a> and Java fixtures (classes) link specifications to executable test code.</p> </section> <section class="section main-article-chapter" data-menu-title="Behavior-driven development best practices"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Behavior-driven development best practices</h2> <p>Software development teams can take advantage of BDD's benefits while minimizing its challenges by adopting the best practices highlighted below:</p> <ul class="default-list"> <li>Write test scenarios before writing code.</li> <li>Encourage developers, testers and business stakeholders to collaborate on Gherkin scenarios.</li> <li>Write scenarios from the user's perspective.</li> <li>Keep scenarios short and focused on business, not technology.</li> <li>Ensure each scenario verifies a single, clear outcome.</li> <li>Reuse step definitions for different scenarios whenever possible.</li> <li>Organize scenarios with tags to make them easy to find and use.</li> <li>Shorten feedback loops by running scenarios in CI/CD pipelines.</li> </ul> </section> <section class="section main-article-chapter" data-menu-title="Common challenges and drawbacks of BDD"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Common challenges and drawbacks of BDD</h2> <p>Although behavior-driven development has many benefits, it also has some challenges. One important challenge is that adopting and adjusting to a BDD approach can have a high learning curve. Developers and other stakeholders must learn how to write plain-language scenarios reflecting real-world concerns. They must also become familiar with using Gherkin in <a href="https://www.modernanalyst.com/Resources/Articles/tabid/115/ID/3871/BDD-An-introduction-to-feature-files.aspx" target="_blank" rel="noopener">feature files</a> that serve as living documentation and automated acceptance tests.</p> <p>Another challenge is that technical personnel may struggle to collaborate with non-technical personnel (and vice versa). In organizations with clear lines of demarcation between these two teams, overcoming the cultural differences between different departments can be almost as difficult as accommodating different levels of technical skills.</p> <p>Behavior-driven design can also be challenging for development teams that have traditionally used <a href="https://www.techtarget.com/searchsoftwarequality/tip/Waterfall-vs-Agile-methodology-Differences-and-examples">Waterfall development strategies</a>. BDD requires scenarios (and therefore acceptance tests) to be written before code, creating a major workflow shift. Larger or more complex projects can also slow the entire software development lifecycle because hundreds of user-focused scenarios can be time-consuming to develop and maintain.</p> <p>Because BDD can increase complexity and latency in the SDLC, it may not be the right approach for every development project. For small projects, prototypes or highly technical libraries, the additional challenges of BDD deployments may outweigh the benefits, especially in CI/CD pipelines that prioritize speed and simplicity over stakeholder communication.</p> <p><i>Learn more about the </i><a href="https://www.techtarget.com/searchsoftwarequality/CI-CD-pipelines-explained-Everything-you-need-to-know"><i>challenges of CI-CD pipelines and how to overcome them</i></a><i> in this comprehensive guide. </i></p> </section> Behavior-driven development (BDD) is an Agile development methodology that documents, designs and develops software around the behavior a user expects to experience when interacting with an app. https://cdn.ttgtmedia.com/visuals/digdeeper/3.jpg https://www.techtarget.com/searchsoftwarequality/definition/Behavior-driven-development-BDD Fri, 05 Sep 2025 09:00:00 GMT What is behavior-driven development (BDD)? <p>Looking to move into a role in the Agile software development space? Interested in moving away from pure software development and into a role where you can focus on team building and product development? The Scrum Master certification is for you.</p> <p>The focus of most Scrum Master certifications is of course, the <a href="https://www.theserverside.com/blog/Coffee-Talk-Java-News-Stories-and-Opinions/Basic-Scrum-101-Ten-key-takeaways-from-the-latest-Scrum-guide">Scrum Guide</a>, which means test questions on a wide range of topics, including:</p> <ul class="default-list"> <li>How the <a href="https://www.theserverside.com/video/Scrum-methodology-explained">Scrum methodology</a> works.</li> <li>The difference between <a href="https://www.theserverside.com/video/The-Scrum-framework-or-Agile-software-development">Agile versus Scrum</a>.</li> <li>The <a href="https://www.theserverside.com/video/Do-the-Scrum-values-really-add-value">five Scrum values</a> and three pillars.</li> <li>The role of tools like Jira for <a href="https://www.theserverside.com/video/Jira-story-vs-epic-Whats-the-difference">stories and epics</a>.</li> <li>How <a href="https://www.theserverside.com/video/Agile-software-development-or-the-Waterfall-framework">Agile compares to Waterfall</a>.</li> <li>The role of the <a href="https://www.theserverside.com/blog/Coffee-Talk-Java-News-Stories-and-Opinions/Agile-Scrum-Process-Steps-Methodology-Sprint-Flow-Principles-Values-Pillars-Guide">Agile Scrum process</a> in modern software development.</li> <li>The role of <a href="https://www.theserverside.com/blog/Coffee-Talk-Java-News-Stories-and-Opinions/Sprint-vs-Scrum-Whats-the-difference">Agile sprints</a>, <a href="https://www.theserverside.com/blog/Coffee-Talk-Java-News-Stories-and-Opinions/who-required-daily-scrum-necessarily-standup-must-developers-product-owner-master">daily Scrums</a>, reviews and retrospectives.</li> </ul> <section class="section main-article-chapter" data-menu-title="The subtleties of the Scrum Guide"> <h2 class="section-title"><i class="icon" data-icon="1"></i>The subtleties of the Scrum Guide</h2> <p>However, there is a great deal of nuance packed into <a target="_blank" href="https://www.scrum.org/resources/scrum-guide" rel="noopener">that 14 page ebook</a>. If you don't understand the nuances, you won't pass the test.</p> <p>That's what this tutorial is all about -- covering dozens of different Scrum Master certification questions. In this video, you'll not only gain a better understanding of the types of questions these exams ask, but also learn from a PSMI- and PSMII-certified expert about the nuance behind the concepts these questions test you on.</p> <p>Are you ready to get Scrum Master certified? These 80 Scrum Certification practice exam questions will expertly guide you on your way.</p> <p><i>Cameron McKenzie has been a Java EE software engineer for 20 years. His current specialties include Agile development; DevOps; Spring; and container-based technologies such as Docker, Swarm and Kubernetes.</i></p> </section> Want to get Scrum Master certified? Think you're ready for the exam? As a final prep, tackle these 80 Scrum practice exam questions to solidify your knowledge. https://www.theserverside.com/video/Certified-Scrum-Master-Exam-practice-questions-and-answers Thu, 04 Sep 2025 11:07:00 GMT Certified Scrum Master Exam practice questions and answers <p>There are various popular options for free website hosting, but for developers who are already familiar with <a href="https://www.theserverside.com/video/Full-Git-and-GitHub-tutorial-for-beginners">Git and the GitHub</a> ecosystem it simply makes sense to use GitHub Pages.</p> <p>This quick GitHub Pages tutorial not only shows you how to enable GitHub Pages and deploy your webpages for free, but also how to map a <a href="https://www.theserverside.com/blog/Coffee-Talk-Java-News-Stories-and-Opinions/How-to-Transfer-a-Domain-to-Amazons-Route-53">GoDaddy domain</a> to your GitHub-hosted site.</p> <p>If you're looking for <a href="https://www.theserverside.com/video/Host-a-static-website-on-AWS-with-Amazon-S3-and-Route-53">free hosting in the cloud</a>, and you already use the ubiquitous GitHub <a target="_blank" href="https://github.com/" rel="noopener">version control service</a>, this GitHub Pages tutorial is for you.</p> <p><i>Cameron McKenzie has been a Java EE software engineer for 20 years. His current specialties include Agile development; DevOps; Spring; and container-based technologies such as Docker, Swarm and Kubernetes.</i></p> Looking for free website hosting? For a low traffic site, few options are as reliable and easy to use as GitHub Pages. https://www.theserverside.com/video/Free-website-hosting-with-GitHub-Pages-tutorial Wed, 03 Sep 2025 12:26:00 GMT Free website hosting with GitHub Pages tutorial <p>Most enterprise organizations run on yesterday's software.</p> <p>A significant chunk of <a href="https://www.techtarget.com/searchcio/feature/6-reasons-legacy-systems-are-still-in-use">core business systems are legacy</a> and a large portion of IT budgets are often dedicated to keeping them alive. Legacy tech can restrict growth and block strategy, with many companies identifying it as a major barrier to digital transformation and a main <a href="https://www.cfodive.com/news/dont-over-budget-for-transformation-in-2025/724939/">driver of IT spend</a>. This impact team productivity directly as they end up devoting time to legacy system maintenance.</p> <p>AI won't fix that magically. It does change the slope of a team's productivity curve when used well, however. Instead of flat output or incremental gains, AI can help teams modernize faster over time.</p> <p>Generative AI can read code and logs, suggest safe refactors, generate tests, and sketch platform moves. People still make the calls -- set the target architecture, check behavior and decide when to ship. Learn some practical ways AI can drive legacy code modernization efforts.</p> <section class="section main-article-chapter" data-menu-title="Challenges of legacy code"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Challenges of legacy code</h2> <p>Legacy code hurts in two ways: what's in the code and what's around it.</p> <p>Inside the code, there can be years of <a href="https://www.networkcomputing.com/network-security/managing-application-dependencies-in-containerized-environments">tangled dependencies</a>, hidden side‑effects, mixed concerns, deprecated libraries and little in the way of tests or documentation. Data and behavior are coupled in surprising places; a seemingly harmless change in a handler ripples into reporting jobs or batch interfaces.</p> <p>Around the code, environments are difficult to recreate, deploys are fragile, <a href="https://www.itprotoday.com/it-operations/observability-in-2025-open-source-use-rising-as-complexity-challenges-grow">observability is thin</a> and compliance and security posture lags. Addressing this isn't as simple as modifying the code. It's important to keep SLAs, manage risk and coordinate teams while choosing the right approach.</p> <p>The hardest part of working around fragile systems is getting the order of changes -- code, configuration and data -- right and making sure the system continues to function. That means <a href="https://www.techtarget.com/searchsoftwarequality/answer/What-are-requirements-types">setting clear requirements</a>, testing before changing anything, breaking work into safe steps, moving data without hiccups and avoiding the temptation to throw everything out and start over. Teams should work incrementally with guardrails and rollback mechanisms to gain progress without betting the business.</p> </section> <section class="section main-article-chapter" data-menu-title="7 approaches to legacy code modernization"> <h2 class="section-title"><i class="icon" data-icon="1"></i>7 approaches to legacy code modernization</h2> <p>Modernizing legacy applications involves <a href="https://www.techtarget.com/searchapparchitecture/tip/Refactor-vs-rewrite-Deciding-what-to-do-with-problem-software">more than a rewrite plan</a>. It is a business decision about how to reduce risk, improve operations and unlock new strategies. A good starting point is application rationalization. Take inventory, score each system on value, cost to maintain, technical fitness and business risk, then decide which ones to invest in, consolidate, keep as-is or retire. With that short list in hand, development teams can match each system to a practical application modernization path that fits the budget, timeline and cloud roadmap.</p> <h3>1. Encapsulate</h3> <p>Wrap the legacy system with stable APIs or events so teams can build new features around it without changing the core. This protects consumers from outdated interfaces and buys time to plan deeper changes. Encapsulation often pairs well with <a href="https://www.techtarget.com/searchapparchitecture/tip/A-detailed-intro-to-the-strangler-pattern">a strangler-style migration</a>, where new capabilities live outside while old ones shrink over time.</p> <h3>2. Rehost</h3> <p>Lift and shift the workload to new infrastructure with minimal code changes -- such as moving a VM from a data center to the cloud for example. This approach provides quicker wins in reliability, cost transparency and basic automation but the legacy code and architecture stay the same. Use this when speed matters and deeper changes would add undue risk.</p> <h3>3. Replatform</h3> <p>Move to a modern runtime or managed service with small, targeted changes. Common examples are migrating to containers, a managed database or <a href="https://www.techtarget.com/searchapparchitecture/feature/A-feature-rundown-of-6-popular-API-gateway-tools">serverless front doors</a> such as AWS API Gateway. This approach can improve operations and scalability without redesigning the application. This is a solid middle ground that provides cloud benefits quickly while only slightly modifying the code.</p> <h3>4. Refactor</h3> <p>Restructure the code to improve maintainability without changing external behavior. <a href="https://www.techtarget.com/searchsoftwarequality/tip/Essential-refactoring-techniques-to-know">Refactoring can involve</a> splitting large modules, adding tests, removing dead code and updating libraries. The goal is to make the legacy code easier to maintain and safer to evolve. Refactoring pays off when the business logic is still valuable but the codebase has aged.</p> <h3>5. Rearchitect</h3> <p>Change the system's design to meet new quality goals such as scalability, resilience or speed of delivery. Examples include <a href="https://www.techtarget.com/searchapparchitecture/tip/Architecting-beyond-microservices-and-monoliths">moving from a monolith</a> to well-bounded services, adopting event-driven patterns or decoupling data stores. This is where architecture leads the transformation and often unlocks the most long-term agility.</p> <h3>6. Rebuild</h3> <p>Rewrite the application from the ground up while preserving scope and core behavior. This approach offers a clean slate for technology choices and testing practices, which can dramatically improve velocity. Rebuilds are best when the current implementation blocks change, yet the domain logic still matches how the business works.</p> <h3>7. Replace</h3> <p>Retire the custom system and adopt a commercial or SaaS product. This can cut ongoing cost and risk if the market provides what the business needs. Replacing works well for commodity capabilities such as HR, finance or CRM. The tradeoff is <a href="https://www.techtarget.com/searchwindowsserver/tutorial/Try-default-values-in-PowerShell-parameters-for-flexibility">customization flexibility</a>, so validate the replacement's fit and integration early.</p> <p>These paths are not mutually exclusive. Many teams encapsulate first, rehost or replatform to stabilize operations, then refactor and rearchitect targeted areas. Rebuild or replace can follow once the organization is ready. The sequence <a href="https://www.techtarget.com/searchcio/feature/Risk-appetite-vs-risk-tolerance-How-are-they-different">depends on risk tolerance</a>, available talent and the urgency of digital transformation.</p> </section> <section class="section main-article-chapter" data-menu-title="How can AI enable legacy code modernization?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>How can AI enable legacy code modernization?</h2> <p>AI is not a magic wand. It is an efficient colleague who reads everything, keeps perfect notes and does the boring parts without complaining. Used well, AI shortens the path from "we should modernize" to running software. Below are eight hands-on examples of AI-assisted code modernization tasks, generated by Claude Code CLI.</p> <blockquote class="main-article-pullquote"> <div class="main-article-pullquote-inner"> <figure> Used well, AI shortens the path from 'we should modernize' to running software. </figure> <i class="icon" data-icon="z"></i> </div> </blockquote> <h3>1. Turn legacy code into living specs and tests</h3> <p>Capture what the system really does today in plain English and executable tests. This approach freezes current behavior so developers can improve structure, fix design issues or change technology without losing business rules.</p> <p><b>Prompt:</b></p> <p style="padding-left: 40px;">"Scan ./cobol/ and ./jcl/ plus sample outputs in ./samples/ratings.csv. Produce a concise human spec of rating rules and a Python test pack that locks in current behavior. Use golden files based on ratings.csv. Keep the language business friendly."</p> <p><b>Output:</b></p> <pre class="language-python"><code>Premium rules v1 - If driver_age < 25 and vehicle_class in {"sport","performance"} apply surcharge S3 = 0.12 - If prior_claims >= 2 apply penalty P2 = 0.07 - Multi-vehicle discount 0.05 if household_vehicles >= 2 - Round to nearest cent after all adjustments</code></pre> <p>—-</p> <pre class="language-python"><code># tools/build_golden.py import csv, json, os os.makedirs("tests/golden", exist_ok=True) with open("samples/ratings.csv") as f: for i,row in enumerate(csv.DictReader(f), start=1): case = {"input": row, "expected_total": float(row["total_premium"])} with open(f"tests/golden/case_{i}.json","w") as o: json.dump(case, o, indent=2) print("golden files written")</code></pre> <p>—</p> <pre class="language-python"><code># tests/test_rating_rules.py import glob, json, math from legacy_adapter import calc_premium # wrapper around COBOL batch calc def cases(): for path in glob.glob("tests/golden/*.json"): with open(path) as f: yield path, json.load(f) def money_eq(a, b): return math.isclose(a, b, rel_tol=0, abs_tol=0.01) def test_golden_parity(): for path, case in cases(): got = calc_premium(case["input"]) assert money_eq(got, case["expected_total"]), f"mismatch in {path}" def test_young_driver_surcharge_applies(): base = {"driver_age": 22, "vehicle_class": "sport", "prior_claims": 0, "base": 1000} assert money_eq(calc_premium(base), 1120.00)</code></pre> <h3>2. Apply minor, targeted code changes at scale</h3> <p>Make many small, mechanical edits across one or more codebases to meet a platform or runtime goal. Examples include dependency upgrades, API swaps, logging standards or container readiness updates. The business logic stays the same while the code becomes consistent and compatible.</p> <p><b>Prompt</b></p> <p style="padding-left: 40px;">Create an OpenRewrite recipe to move services from Java 8 to 17 and Spring Boot 2.7 to 3.2. Replace Apache HttpClient with <span style="font-family: 'courier new', courier, monospace;">java.net.http.HttpClient</span>.</p> <p><b>Output</b></p> <pre class="language-python"><code># rewrite.yml type: specs.openrewrite.org/v1beta/recipe name: company.upgrade-java17-spring3-httpclient recipeList: - org.openrewrite.java.migrate.UpgradeToJava17 - org.openrewrite.java.spring.boot3.UpgradeSpringBoot_3_2 - org.openrewrite.java.ChangeType: oldFullyQualifiedTypeName: org.apache.http.client.HttpClient newFullyQualifiedTypeName: java.net.http.HttpClient - org.openrewrite.java.migrate.JavaxToJakarta</code></pre> <h3>3. Build API facades and strangler seams</h3> <p>Put a clean API in front of a legacy system and route traffic through it. The team can attach new features to the facade while gradually moving or rewriting internals behind the scenes. This reduces coupling and buys time to evolve the core safely.</p> <p><b>Prompt</b></p> <p style="padding-left: 40px;">From ./traffic/*.har derive OpenAPI v3 for Orders with POST /orders and GET /orders/{id}. Generate an Express facade that maps to the legacy endpoints.</p> <p><b>Output</b></p> <pre class="language-python"><code>openapi: 3.0.3 info: { title: Orders API, version: '1.0' } paths: /orders: post: requestBody: required: true content: application/json: schema: { $ref: '#/components/schemas/CreateOrder' } responses: { '201': { description: Created } } /orders/{id}: get: { responses: { '200': { description: OK } } } components: schemas: CreateOrder: type: object required: [customerId, items] properties: customerId: { type: string } items: type: array items: { type: object, required: [sku, qty], properties: { sku: {type: string}, qty: {type: integer} } }</code></pre> <p>—</p> <pre class="language-python"><code>// api/facade.js import express from "express"; import fetch from "node-fetch"; const app = express(); app.use(express.json()); const toLegacyCreate = b => ({ custId: b.customerId, lines: b.items.map(i => ({ sku: i.sku, q: i.qty })) }); const fromLegacy = r => ({ id: r.ordId, status: r.stat, total: r.total }); app.post("/orders", async (req, res) => { const r = await fetch(process.env.LEGACY_URL + "/createOrder", { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify(toLegacyCreate(req.body)) }); if (!r.ok) return res.status(502).json({ error: "legacy error" }); res.status(201).json(fromLegacy(await r.json())); }); app.get("/orders/:id", async (req, res) => { const r = await fetch(process.env.LEGACY_URL + `/order?id=${req.params.id}`); if (!r.ok) return res.status(404).end(); res.json(fromLegacy(await r.json())); }); app.listen(8080);</code></pre> <h3>4. Discover usage patterns and guide application rationalization</h3> <p>Use real usage and cost data to decide what to keep, consolidate or retire. The goal is to shrink scope before modernizing to ultimately invest in the few applications that matter and remove redundant or idle ones.</p> <p><b>Prompt</b></p> <p style="padding-left: 40px;">Analyze <span style="font-family: 'courier new', courier, monospace;">api_logs.csv</span> and <span style="font-family: 'courier new', courier, monospace;">service_costs.csv</span>. List endpoints unused in 180 days, cluster services by usage and cost and suggest retire or consolidate actions.</p> <p><b>Output</b></p> <pre class="language-python"><code>import pandas as pd from sklearn.preprocessing import StandardScaler from sklearn.cluster import KMeans logs = pd.read_csv("api_logs_features.csv") # req_per_day, latency_p95_ms, distinct_flows, service costs = pd.read_csv("service_costs.csv") # monthly_cost, service df = logs.merge(costs, on="service") X = StandardScaler().fit_transform(df[["req_per_day","latency_p95_ms","monthly_cost","distinct_flows"]]) df["cluster"] = KMeans(n_clusters=4, n_init="auto").fit_predict(X) candidates = df[(df["req_per_day"] < 5) & (df["monthly_cost"] > 2000)] print("retire candidates:\n", candidates[["service","monthly_cost"]].sort_values("monthly_cost", ascending=False)) — "Retire: hr-letter-2, hr-letter-3 (zero traffic 6 months). Consolidate into hr-letter-1. Replace: expense-legacy with SaaS-X (85 percent feature overlap). Integration cost low. Keep: payroll-core (high traffic, unique features)."</code></pre> <p></p> <h3>5. Synthesize infrastructure, runbooks and smoke tests for safer rehosting</h3> <p>Turn tribal setup knowledge into infrastructure as code (<a href="https://www.techtarget.com/searchitoperations/definition/Infrastructure-as-Code-IAC">IaC</a>), a clear cutover plan and quick health checks. This approach lift and shifts with fewer surprises because provisioning and validation are scripted, repeatable and easy to audit.</p> <p><b>Prompt</b></p> <p style="padding-left: 40px;">From <span style="font-family: 'courier new', courier, monospace;">/runbooks/windows-farm.md, /scripts/*.ps1</span>, and <span style="font-family: 'courier new', courier, monospace;">/configs/*.ini</span> generate Terraform for EC2, a runbook titled Cutover Tuesday 7 pm, and a bash smoke test that hits <span style="font-family: 'courier new', courier, monospace;">/healthz</span> and creates a sample order.</p> <p><b>Output</b></p> <pre class="language-python"><code># infra/main.tf module "orders" { source = "terraform-aws-modules/ec2-instance/aws" name = "orders-svc" instance_type = "m6i.large" ami = data.aws_ami.al2023.id user_data = file("bootstrap.ps1") vpc_security_group_ids = [aws_security_group.orders.id] } resource "aws_security_group" "orders" { name = "orders-sg" ingress { from_port=8080, to_port=8080, protocol="tcp", cidr_blocks=["10.0.0.0/16"] } egress { from_port=0, to_port=0, protocol="-1", cidr_blocks=["0.0.0.0/0"] } }</code></pre> <p><b>—</b></p> <p>Pre checks</p> <p>- Freeze deploys. Confirm latest AMI. Verify backups < 24h old.</p> <p>Cutover 19:00</p> <p>- Drain target group orders-tg.</p> <p>- Deploy canary to one instance. Run smoke tests.</p> <p>- Shift 10 percent traffic. Observe 15 minutes. If clean, ramp to 100 percent.</p> <p>Rollback</p> <p>- Point target group back to asg-orders-old. Restore snapshot if needed.</p> <p><b>—</b></p> <pre class="language-python"><code>#!/usr/bin/env bash set -euo pipefail BASE=${1:-http://orders.internal:8080} curl -fsS "$BASE/healthz" | grep "ok" curl -fsS -X POST "$BASE/orders" -H 'Content-Type: application/json' \ -d '{"customerId":"demo","items":[{"sku":"ABC","qty":1}]}' | jq -e '.id' echo "smoke tests passed"</code></pre> <h3>6. Extract domains and events to unlock a better architecture</h3> <p>Identify natural boundaries in code and data, then define the events those domains share. For example, teams could split a monolith into well-bounded services in small steps, improving scalability and delivery speed without a risky big bang.</p> <p><b>Prompt</b></p> <p style="padding-left: 40px;">Analyze <span style="font-family: 'courier new', courier, monospace;">./src</span> and <span style="font-family: 'courier new', courier, monospace;">docs/erd.png</span>. Propose bounded contexts for catalog, pricing, inventory, checkout. Produce JSON schemas for key events and minimal Kafka producer and consumer samples</p> <p><b>Output</b></p> <pre class="language-javascript"><code>{ "event": "PriceChanged", "version": 1, "product_id": "SKU-123", "old_price": 19.99, "new_price": 17.99, "currency": "USD", "occurred_at": "2025-08-20T12:34:56Z", "source": "pricing-service" }</code></pre> <p>—</p> <pre class="language-javascript"><code>from kafka import KafkaProducer import json, time producer = KafkaProducer(bootstrap_servers=["kafka:9092"], value_serializer=lambda v: json.dumps(v).encode()) def publish_price_changed(sku, old, new): evt = {"event":"PriceChanged","version":1,"occurred_at":time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()), "product_id":sku,"old_price":old,"new_price":new,"currency":"USD","source":"pricing-service"} producer.send("price-events", evt)</code></pre> <p>—</p> <pre class="language-javascript"><code>from kafka import KafkaConsumer import json consumer = KafkaConsumer("price-events", bootstrap_servers=["kafka:9092"], value_deserializer=lambda v: json.loads(v.decode())) for msg in consumer: evt = msg.value # TODO update read model or invalidate cache</code></pre> <p>—</p> <pre class="language-javascript"><code>Catalog -> emits ProductUpdated Pricing -> emits PriceChanged Inventory -> emits InventoryAdjusted Checkout -> consumes ProductUpdated, PriceChanged, InventoryAdjusted</code></pre> <h3>7. Guide a rebuild with scaffolds, seeds and property-based tests</h3> <p>Start fresh on a modern stack while proving the new behavior matches the old one during the transition. Scaffolding speeds up setup, dual-run or replay. Property-based tests <a href="https://www.techtarget.com/searchsoftwarequality/tip/The-importance-of-edge-case-testing-When-to-fix-the-bug">catch edge cases early</a>.</p> <p><b>Prompt</b></p> <p style="padding-left: 40px;">Generate a Go HTTP service with <span style="font-family: 'courier new', courier, monospace;">/price</span>. Add a Python parity test that compares new pricing to the legacy function. Provide a small dual-write adapter for order creation."</p> <p><b>Output</b></p> <pre class="language-python"><code>// cmd/pricing/main.go package main import ("encoding/json"; "log"; "net/http"; "time") type PriceRequest struct{ SKU string; Qty int } type PriceResponse struct{ SKU string; Price float64; Currency string } func priceHandler(w http.ResponseWriter, r *http.Request) { start := time.Now() var req PriceRequest if err := json.NewDecoder(r.Body).Decode(&req); err != nil { w.WriteHeader(400); return } resp := PriceResponse{SKU: req.SKU, Price: 17.99, Currency: "USD"} // TODO call domain json.NewEncoder(w).Encode(resp) log.Printf("path=/price sku=%s qty=%d latency_ms=%d", req.SKU, req.Qty, time.Since(start).Milliseconds()) } func main() { http.HandleFunc("/price", priceHandler); log.Fatal(http.ListenAndServe(":8081", nil)) }</code></pre> <pre class="language-python"><code># tests/test_parity.py from hypothesis import given, strategies as st from new_impl import price as new_price from legacy_impl import price as legacy_price @given(sku=st.from_regex(r"[A-Z0-9\-]{3,12}"), qty=st.integers(min_value=1, max_value=10)) def test_new_matches_legacy_for_many_inputs(sku, qty): assert round(new_price(sku, qty), 2) == round(legacy_price(sku, qty), 2) —</code></pre> <pre class="language-python"><code>import requests def create_order(new_order): r1 = requests.post("http://new/orders", json=new_order, timeout=2) r2 = requests.post("http://legacy/order_create", json=map_to_legacy(new_order), timeout=2) return r1.status_code == 201 and r2.ok</code></pre> <h3>8. Make buy-versus-build decisions with total cost of ownership and fit simulations</h3> <p>Compare long-term cost, feature fit and integration effort across three paths: <a href="https://www.techtarget.com/searchsoftwarequality/tip/When-and-how-to-refactor-code">keep plus refactor</a>, rebuild or replace with SaaS. The outcome is a clear, numbers-backed plan that shows where custom code still adds value.</p> <p><b>Prompt</b></p> <p style="padding-left: 40px;">Using <span style="font-family: 'courier new', courier, monospace;">usage.csv, vendor_pricing.csv</span>, and <span style="font-family: 'courier new', courier, monospace;">run_costs.csv</span>, compute five-year NPV for keep plus refactor, rebuild, and replace with SaaS at a 10 percent discount rate. List top integration hotspots and generate a TypeScript adapter stub for the vendor journal API.</p> <p><b>Output</b></p> <pre class="language-python"><code>import numpy as np, pandas as pd # thousands of dollars per year keep_refactor = [300, 120, 120, 120, 120] rebuild = [800, 90, 90, 90, 90] saas = [400, 70, 70, 70, 70] def npv(stream, rate=0.10): return sum(v / ((1 + rate) ** t) for t, v in enumerate(stream)) print("NPV keep+refactor:", round(npv(keep_refactor), 1)) print("NPV rebuild:", round(npv(rebuild), 1)) print("NPV replace with SaaS:", round(npv(saas), 1))</code></pre> <p><b>—</b></p> <p><span style="font-family: 'courier new', courier, monospace;">1. Journal posting and reconciliation</span><br><span style="font-family: 'courier new', courier, monospace;">2. User provisioning and SSO mapping</span><br><span style="font-family: 'courier new', courier, monospace;">3. Historical report backfill</span></p> <p><b>—</b></p> <pre class="language-python"><code>// adapters/vendorLedger.ts type JournalLine = { account: string; debit?: number; credit?: number }; type JournalEntry = { id: string; date: Date; lines: JournalLine[] }; function mapAccount(a: string): string { const map: Record<string,string> = { "1000": "Assets:Cash", "2000": "Liabilities:AP" }; return map[a] ?? a; } export async function postJournal(entry: JournalEntry): Promise<string> { const payload = { date: entry.date.toISOString().slice(0,10), lines: entry.lines.map(l => ({ account: mapAccount(l.account), debit: l.debit, credit: l.credit })), externalId: entry.id }; const res = await fetch(`${process.env.VENDOR_URL}/journals`, { method: "POST", headers: { "Authorization": `Bearer ${process.env.TOKEN}`, "Content-Type":"application/json" }, body: JSON.stringify(payload) }); if (!res.ok) throw new Error(`Vendor error ${res.status}`); const { id } = await res.json(); return id; }</code></pre> <p>At its best, AI turns modernization plans into working code the user can see and trust. It writes plain-English specs and tests that lock in business rules, runs code mods that clean up APIs and fronts brittle systems with simple facades to let teams improve the core behind them. It trims scope by showing what to keep or retire, scripts rehosting with IaC and <a href="https://www.techtarget.com/searchsoftwarequality/definition/smoke-testing">smoke checks</a>, and suggests clear domain boundaries with events.</p> <p>When a rebuild is right, it proves parity before cutover. A smart replacement strategy backs the call with numbers and adapter stubs. The result is steady, low-risk progress commits, tests and runbooks that make legacy code easier to maintain and primed for a cloud-ready architecture.</p> </section> <section class="section main-article-chapter" data-menu-title="Limitations of AI-driven code modernization"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Limitations of AI-driven code modernization</h2> <p>AI can speed up modernization, but it has real limits to plan around.</p> <ul class="default-list"> <li><b>Context and data quality.</b> Models only see what they're fed. Outdated specs, missing logs and edge cases outside the sample set lead to wrong conclusions and brittle code.</li> <li><b>Behavior coverage.</b> Generated tests and golden files can lock in existing bugs or miss cross-system side effects. SMEs, exploratory testing and production safeguards are still necessary.</li> <li><b>Security, privacy and compliance.</b> Code generation can introduce vulnerabilities, mishandle secrets or reuse licensed snippets. Guardrails, SAST/DAST, <a href="https://www.techtarget.com/searchsecurity/post/The-benefits-and-challenges-of-SBOMs">SBOMs</a> and clear data handling rules are still necessary.</li> <li><b>Architecture and change management.</b> AI can propose edits, not own trade-offs, sequencing or organizational alignment. <a href="https://www.techtarget.com/searchenterpriseai/tip/Agentic-AI-governance-strategies-A-complete-guide">Without governance</a>, CI quality bars and rollback paths, mass changes raise risk.</li> </ul> <p>Used with these limits in mind, AI turns strategy into steady, observable progress, but it is a power tool, not an autopilot.</p> <p><i>Nick Femia is a Tech Lead and full-stack engineer with over six years of experience driving product engineering and AI innovation.</i></p> </section> AI will not be able to refurbish legacy systems at the push of a button. Still, with proper guidance and oversight, AI tools can speed up code modernization projects. https://cdn.ttgtmedia.com/rms/onlineimages/code_g1289411982.jpg https://www.techtarget.com/searchsoftwarequality/tip/Guidelines-for-AI-driven-legacy-code-modernization Wed, 03 Sep 2025 10:50:00 GMT Guidelines for AI-driven legacy code modernization <p>The Capability Maturity Model (CMM) is a methodology used to develop and refine an organization's software development process. The model describes a five-level evolutionary path of increasingly organized and systematically more mature processes.</p> <p>CMM was developed and is promoted by the Software Engineering Institute (<a href="https://www.sei.cmu.edu/" target="_blank" rel="noopener">SEI</a>), a research and development center sponsored by the U.S. Department of Defense (DOD) and now part of Carnegie Mellon University. SEI was founded in 1984 to address <a href="https://www.techtarget.com/whatis/definition/software-engineering">software engineering</a> issues and, in a broad sense, to advance software engineering methodologies. More specifically, SEI was established to optimize the process of developing, acquiring and maintaining heavily software-reliant systems for the DOD. SEI advocates industry-wide adoption of the CMM Integration (CMMI), which is an evolution of CMM. The CMM model is still widely used as well.</p> <p>CMM is similar to <a href="https://www.techtarget.com/searchdatacenter/definition/ISO">ISO</a> 9001, one of the <a href="https://www.techtarget.com/searchdatacenter/definition/ISO-9000">ISO 9000</a> series of standards specified by the International Organization for Standardization. The ISO 9000 standards specify an effective quality system for manufacturing and service industries; ISO 9001 deals specifically with software development and maintenance.</p> <p>The main difference between CMM and ISO 9001 lies in their respective purposes: ISO 9001 specifies a minimal acceptable quality level for software processes, while CMM establishes a <a href="https://www.techtarget.com/whatis/definition/framework">framework</a> for continuous process improvement. It is more explicit than the ISO standard in defining the means to be employed to that end.</p> <section class="section main-article-chapter" data-menu-title="CMM's five levels of maturity for software processes"> <h2 class="section-title"><i class="icon" data-icon="1"></i>CMM's five levels of maturity for software processes</h2> <p>There are five levels to the CMM development process. They are the following:</p> <ol class="default-list"> <li><b>Initial.</b> At the initial level, processes are disorganized, ad hoc and even chaotic. Success likely depends on individual efforts and is not considered to be repeatable. This is because processes are not sufficiently defined and documented to enable them to be replicated.</li> <li><b>Repeatable.</b> At the repeatable level, requisite processes are established, defined and documented. As a result, basic <a href="https://www.techtarget.com/searchcio/definition/project-management">project management</a> techniques are established, and successes in key process areas are able to be repeated.</li> <li><b>Defined.</b> At the defined level, an organization develops its own standard <a href="https://www.techtarget.com/searchsoftwarequality/tip/A-guide-to-software-design-documentation-and-specifications">software development process</a>. These defined processes enable greater attention to documentation, standardization and integration.</li> <li><b>Managed.</b> At the managed level, an organization monitors and controls its own processes through <a href="https://www.techtarget.com/searchcio/definition/data-collection">data collection</a> and analysis.</li> <li><b>Optimizing.</b> At the optimizing level, processes are constantly improved through <a href="https://www.techtarget.com/searchsoftwarequality/tip/6-ways-to-catch-defects-in-software-tighten-feedback-loops">monitoring feedback from processes</a> and introducing innovative processes and functionality.</li> </ol> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/5_levels_of_the_capability_maturity_model-f.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/5_levels_of_the_capability_maturity_model-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/5_levels_of_the_capability_maturity_model-f_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/5_levels_of_the_capability_maturity_model-f.png 1280w" alt="Diagram of the 5 levels of the Capability Maturity Model" height="213" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>The Capability Maturity Model takes software development processes from disorganized and chaotic to predictable and constantly improving. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> </section> <section class="section main-article-chapter" data-menu-title="CMM vs. CMMI: What's the difference?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>CMM vs. CMMI: What's the difference?</h2> <p>CMMI is a newer, updated model of CMM. SEI developed <a href="https://www.cmmiinstitute.com/" target="_blank" rel="noopener">CMMI</a> to integrate and standardize CMM, which has different models for each function it covers. These models were not always in sync; integrating them made the process more efficient and flexible.</p> <p>CMMI includes additional guidance on how to improve key processes. It also incorporates ideas from <a href="https://www.techtarget.com/searchsoftwarequality/definition/agile-software-development">Agile development</a>, such as continuous improvement.</p> <p>SEI released the first version of CMMI in 2002. In 2013, Carnegie Mellon formed the CMMI Institute to oversee CMMI services and future model development.</p> <p>ISACA, a professional organization for IT governance, assurance and cybersecurity professionals, acquired CMMI Institute in 2016. The next version -- CMMI V2.0 -- came out in 2018. It focused on establishing business objectives and tracking those objectives at every level of business <a href="https://www.techtarget.com/whatis/definition/maturity-model">maturity</a>.</p> <p>The current version of CMMI, Version 3.0, was released in 2023. It leverages comments from users and CMMI partners to improve various elements of the model, including changes to the architecture and development of new practice areas addressing people and <a href="https://www.techtarget.com/searchdatamanagement/definition/data-management">data management</a>, in addition to addressing <a href="https://www.techtarget.com/searchsecurity/tip/Remote-work-cybersecurity-12-risks-and-how-to-prevent-them">virtual (e.g., remote) work environments</a>.</p> <p>CMMI adds Agile principles to CMM to help improve development processes, software configuration management and <a href="https://www.techtarget.com/searchsoftwarequality/tip/Make-quality-a-priority-in-your-software-engineering-culture">software quality</a> management. It does this, in part, by incorporating continuous feedback and continuous improvement into the software development process. Under CMMI, organizations are expected to continually optimize processes, record feedback and use that feedback to further improve processes in a cycle of improvement.</p> <div class="youtube-iframe-container"> <iframe id="ytplayer-0" src="https://www.youtube.com/embed/lHmHKh-QVNQ?autoplay=0&modestbranding=1&rel=0&widget_referrer=null&enablejsapi=1&origin=https://www.techtarget.com" type="text/html" height="360" width="640" frameborder="0" loading="lazy"></iframe> </div> <p>One criticism of CMM is that it is too process-oriented and not goal-oriented enough. Organizations have found it difficult to tailor CMM to specific goals and needs. One of CMMI's improvements is to focus on strategic goals and additional practice areas. CMMI is designed to make it easier for businesses to apply the methodology to specific uses than with CMM.</p> <p>Like CMM, CMMI consists of five process maturity levels. However, they are different from the levels in CMM.</p> <p>The process performance levels of CMMI are the following:</p> <ol class="default-list"> <li><b>Initial.</b> Processes are unpredictable and reactive. They increase risk and decrease efficiency.</li> <li><b>Managed.</b> Processes are planned and managed, but they still have issues.</li> <li><b>Defined.</b> Processes become more proactive than reactive.</li> <li><b>Quantitatively managed.</b> Quantitative data is used to craft predictable processes that fulfill <a href="https://www.techtarget.com/searchcio/definition/stakeholder">stakeholder</a> needs based on more accurate measurement of adherence to business goals.</li> <li><b>Optimizing.</b> The organization has a set of consistent <a href="https://www.computerweekly.com/feature/How-AI-is-helping-to-drive-business-process-optimisation">processes that are constantly being improved and optimized</a>.</li> </ol> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/5_levels_of_the_capability_maturity_model_integration-f.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/5_levels_of_the_capability_maturity_model_integration-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/5_levels_of_the_capability_maturity_model_integration-f_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/5_levels_of_the_capability_maturity_model_integration-f.png 1280w" alt="Diagram of the 5 levels of the Capability Maturity Model Integration" height="241" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>The Capability Maturity Model Integration combines various software develop maturity models into one process. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <p>The Capability Maturity Model Integration combines various software development maturity models into one process.</p> </section> <section class="section main-article-chapter" data-menu-title="Pros and cons of CMMI"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Pros and cons of CMMI</h2> <p>The latest version of the CMMI offers some important advantages, including an updated framework for structured process management, increased scalability to address a wider variety of organizations, and by achieving CMMI certification, an improved competitive position and reputation for excellence.</p> <p>The above benefits also come with a few challenges, including the cost and time needed to achieve and maintain the CMMI model, complexity associated with the program implemented, and possible <a href="https://www.techtarget.com/searchcio/tip/The-importance-of-culture-in-digital-transformation">cultural resistance</a> to CMMI processes and their application.</p> </section> <section class="section main-article-chapter" data-menu-title="Preparing for CMMI assessment and certification"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Preparing for CMMI assessment and certification</h2> <p>Assuming an organization wishes to pursue CMMI accreditation, it must first complete a self-assessment which is followed by a third-party assessment and, hopefully, an <a href="https://cmmiinstitute.com/learning/certifications">CMMI certification</a> by the CMMI Institute.</p> <p>The process has several steps, which start by gathering data on the assessment and certification processes from CMMI Institute or one of its approved partner organizations. The candidate organization may elect to receive training on the CMMI process and then proceed to a self-assessment of its current practices as compared to CMMI requirements. Deficiencies uncovered by the assessment can then be addressed.</p> <p>Once the organization has completed the above steps and addressed the relevant assessment components, an appraisal can be scheduled by an approved third party. This can involve interviews, inspections, program and project reviews and other structured activities. Results of the appraisal report can be turned into an action plan to correct any issues. Working in concert with the third-party appraiser, the organization can then apply for certification by the CMMI Institute.</p> <p>A key consideration of self-assessment, appraisal and certification is that the CMMI process does not end with certification. Instead, CMII processes should be part of <a href="https://www.informationweek.com/it-leadership/why-your-it-organization-needs-to-embrace-continuous-improvement">an organization's continuous improvement</a> activities.</p> </section> <section class="section main-article-chapter" data-menu-title="Organizations that provide CMMI assessments and appraisals"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Organizations that provide CMMI assessments and appraisals</h2> <p>The CMMI Institute provides details on how to organize an assessment and/or appraisal. The CMMI Institute Partner Directory lists all partners worldwide. Following is a brief list of CMMI certified lead appraisers.</p> <ul class="default-list"> <li>ABI Consultants</li> <li>Abridge Technology</li> <li>Accenture LLP</li> <li>ACE Guides, LLC</li> <li>ActioNet, Inc.</li> <li>AFNOR Certification</li> <li>AG Kaizen Group</li> <li>Brightline Performance Group</li> <li>BVSLN System Services Private Ltd.</li> <li>Delivery Excellence, Inc.</li> <li>IBM</li> <li>Layermark</li> <li>Leading Edge Process Consultants, LLC</li> <li>Plowright International LLC</li> <li>Prescient Security</li> <li>RSK Consulting</li> <li>Sandhill Consultants Ltd.</li> <li>Shanghai Fancier Info Tech Ltd.</li> </ul> </section> <section class="section main-article-chapter" data-menu-title="The future of CMMI programs"> <h2 class="section-title"><i class="icon" data-icon="1"></i>The future of CMMI programs</h2> <p>Considering the latest iteration -- Version 3.0 -- of the CMMI model, its expansion into a global set of capability performance metrics, and a greater focus on <a href="https://www.techtarget.com/whatis/feature/Tips-for-learning-new-technologies">advanced technologies</a>, people management, virtual work, and environmental, social and governance (<a href="https://www.techtarget.com/whatis/definition/environmental-social-and-governance-ESG">ESG</a>) issues, the long-term view of CMMI is positive.</p> <p><i>As software permeates all aspects of life, developers have an ethical duty to their users. Learn how to </i><a href="https://www.techtarget.com/searchsoftwarequality/tip/5-examples-of-ethical-issues-in-software-development"><i>uphold this responsibility in software development</i></a><i>. Also, learn about </i><a href="https://www.techtarget.com/sustainability/feature/5-IT-sustainability-approaches-to-consider"><i>constructive approaches to enhancing IT sustainability</i></a><i>, such as prioritizing e-waste reduction and adopting responsible AI practices. </i></p> </section> The Capability Maturity Model (CMM) is a methodology used to develop and refine an organization's software development process. https://cdn.ttgtmedia.com/visuals/digdeeper/6.jpg https://www.techtarget.com/searchsoftwarequality/definition/Capability-Maturity-Model Wed, 03 Sep 2025 09:00:00 GMT What is Capability Maturity Model (CMM)? <p>Functional testing is a type of software testing intended to ensure that the software behaves as expected and its output meets end user or business expectations. During functional testing, each function (or feature) of the software is compared with its requirements and specifications to verify that there's a match between "what is" and "what should be".</p> <p>Software developers use functional testing to perform quality assurance (<a href="https://www.techtarget.com/searchsoftwarequality/definition/quality-assurance">QA</a>). If a system passes functional testing, it can be verified for release to clients or end users. Functional testing is important as it confirms that the application meets customer requirements since the process tries to closely reflect the true <a href="https://www.techtarget.com/searchenterprisedesktop/definition/end-user-experience-monitoring-EUEM">experience of a user</a>.</p> <section class="section main-article-chapter" data-menu-title="Purpose of functional testing"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Purpose of functional testing</h2> <p>Functional testing determines whether the application produces the expected output. Each function is tested for alignment to documented requirements, specifications, and business rules. For the application to have value or perceived quality, it must meet user expectations and enhance user experiences.</p> <p>Functional testing is a vital part of the testing process and the software development lifecycle (<a href="https://www.techtarget.com/searchsoftwarequality/definition/software-development-life-cycle-SDLC">SDLC</a>). If an application does not pass the functional test, it is usually not deployed to end users.</p> <p>To validate that the system works as intended, some or all of these aspects may be tested during functional testing:</p> <ul class="default-list"> <li>Inputs and outputs (entry and exit points).</li> <li>User-accessible features.</li> <li>User interfaces (<a href="https://www.techtarget.com/searchapparchitecture/definition/user-interface-UI">UIs</a>) and flows (navigation).</li> <li>Database.</li> <li>System-user interactions.</li> <li>User roles and permissions.</li> <li>Database and data manipulation.</li> <li>Application program interfaces (<a href="https://www.techtarget.com/searchapparchitecture/definition/application-program-interface-API">APIs</a>).</li> <li>Security features.</li> <li>Client/server interactions.</li> <li>System integrations.</li> <li>Error handling process.</li> </ul> <p><a href="https://www.techtarget.com/searchsoftwarequality/tip/The-stages-of-the-SDLC-explained"><i>Read about the important stages of the SDLC, including testing here</i></a><i>.</i></p> </section> <section class="section main-article-chapter" data-menu-title="Benefits of functional testing"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Benefits of functional testing</h2> <p>The main benefit of functional testing is that it ensures, as best as possible, that the application will satisfy the end user. The tests confirm user workflows and interactions to ensure the product meets their needs.</p> <p>Functional testing evaluates how the product responds to different scenarios and conditions. It also checks how different components interact and validates the application's various features and capabilities. The tests prove that the product works as expected and outcomes are as anticipated and grounded in documented functional specifications and requirements.</p> <p>This type of testing also verifies the system's response to various scenarios and conditions. This ensures that when those scenarios occur in real life, the product will not break or impair user experiences (<a href="https://www.techtarget.com/searchcio/definition/UX-user-experience">UX</a>).</p> <p>Besides verifying that all requirements are met, functional testing helps identify functional issues <a href="https://www.techtarget.com/searchsecurity/tip/DevSecOps-tools-to-secure-each-step-of-the-SDLC">early in the SDLC</a>. Developers can then fix issues before they escalate and increase the project cost. Functional testing documents that all identified defects are removed. This enhances overall application quality, usability, reliability, and stability.</p> <p>Through functional testing, dev teams can confirm that the application is compatible across different platforms and works across them seamlessly and without error. Finally, testing versifies that the product's <a href="https://www.techtarget.com/searchsoftwarequality/definition/application-security">security</a> posture is as strong as possible and the software complies with all relevant standards and regulations.</p> </section> <section class="section main-article-chapter" data-menu-title="Example of functional testing"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Example of functional testing</h2> <p>Consider an <a href="https://www.techtarget.com/searchcio/definition/e-commerce">e-commerce</a> site.</p> <p>Here's what the end-to-end purchase process on the site will look like:</p> <ul class="default-list"> <li>User creates an account by providing an email address and chooses a password.</li> <li>User logs into the site.</li> <li>User browses the site's pages and navigates to a particular section to find their product.</li> </ul> <p>OR</p> <ul class="default-list"> <li>User enters a search term into the site's search box.</li> <li>User selects a product and adds it to their cart.</li> <li>The site automatically applies applicable discounts, free shipping, etc. to the purchased product.</li> <li>User checks the final price and proceeds to payment.</li> <li>Post successful purchase, user gets an on-screen notification.</li> </ul> <p>Before the site is live, functional testing would occur to confirm that this process works properly and consistently. Testers would test all of the requirements:</p> <ul class="default-list"> <li>The site allows users to log in with valid credentials.</li> <li>The login feature correctly handles invalid credentials, for example, by displaying an on-screen error message and preventing access.</li> <li>Users can reset their passwords to regain access.</li> <li>The site returns relevant results in response to user search.</li> <li>Users can add items to their shopping cart.</li> <li>The site correctly calculates and displays the product's final price.</li> <li>The payment gateway accepts a valid payment method and rejects invalid methods.</li> <li>The site processes the user's payment and displays an on-screen notification and/or sends an email to the user's registered email address to confirm the purchase.</li> </ul> <p>Errors in any of these functions could affect the site's overall functionality, availability, or performance adversely and damage user experiences. Functional testing ensures that these errors don't occur and everything works correctly..</p> </section> <section class="section main-article-chapter" data-menu-title="How does functional testing work? Functional testing process"> <h2 class="section-title"><i class="icon" data-icon="1"></i>How does functional testing work? Functional testing process</h2> <p>To perform useful functional tests, testers first identify the test inputs (the functionalities to be tested). They also create functional test cases. A <a href="https://www.techtarget.com/searchsoftwarequality/definition/test-case">test case</a> is a document that provides clear instructions to test a specific function and verify that it behaves in accordance with specifications.</p> <p>To test individual functions or features, the software is fed input and test cases are executed using the identified inputs. Actual output is compared to expected output. If the two match, the system functions as expected. If not, the dresults are incorrect and the application needs changes.</p> <p>The steps typically involved in functional testing are:</p> <ul class="default-list"> <li>Identifying the functions the software is <a href="https://www.techtarget.com/searchsoftwarequality/answer/Functional-and-nonfunctional-requirements">expected to perform</a>.</li> <li>Creating input data based on each function's specs (determining which core features are to be tested).</li> <li>Determining the desired output based on the functional specs.</li> <li>Executing the test case using the identified inputs to see how the system behaves.</li> <li>Comparing actual output to anticipated output.</li> <li>Recording the defect/error.</li> </ul> <p>After these steps are completed, the development team resolves the documented errors.</p> <p>The testing team then re-executes the test cases to confirm that the defect has been addressed. They then mark the defect as closed.</p> </section> <section class="section main-article-chapter" data-menu-title="Types of functional testing"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Types of functional testing</h2> <p>Functional testing techniques include:</p> <ul class="default-list"> <li><b>Unit testing.</b> The individual components or modules of the <a href="https://www.techtarget.com/searchapparchitecture/definition/source-code">source codebase</a>, such as functions, methods, or classes are tested in isolation to determine whether they match the requirements. The goal is to ensure that these components work correctly under different input conditions. <a href="https://www.techtarget.com/searchsoftwarequality/definition/unit-testing">Unit testing</a> is the fastest, least expensive type of software testing and can help improve code quality, reliability, and maintainability.</li> <li><b>Smoke testing.</b> A series of test cases serve to verify that an application's main features and core functionalities work properly individually before combining them. Smoke testing enables testing teams to determine if the build is flawed and whether it contains any showstopper issues. With <a href="https://www.techtarget.com/searchsoftwarequality/definition/smoke-testing">smoke testing</a>, major issues may be discovered early, giving dev and QA teams time to implement fixes and if needed, initiate <a href="https://www.techtarget.com/searchsoftwarequality/tip/Why-flaky-tests-are-a-problem-you-cant-ignore">more rigorous tests</a>.</li> <li><b>Sanity testing.</b> This occurs after a smoke test to verify that all vital features work correctly together, both individually <i>and</i> as part of the system. It is a subset of regression testing and has a narrow and deep focus. Teams can initiate more extensive tests after a <a href="https://www.techtarget.com/searchsoftwarequality/tip/Smoke-testing-vs-sanity-testing-explainer-on-key-differences">sanity test</a> to further improve software quality.</li> <li><b>Regression testing</b>. This testing ensures that any changes made to the codebase -- such as to add a new feature or functionality, to fix a bug, etc. -- do not break existing functionality. Regression testing ensures that the software remains stable after updates, performance improvements, and bug fixes.</li> <li><b>Black box testing.</b> The functionality of the software under test is studied without looking at its internal workings, code structure, or implementation details. With <a href="https://www.techtarget.com/searchsoftwarequality/definition/black-box">black box testing</a>, the tester also has no knowledge of internal paths. They focus only on the product's external behavior. This type of functional test can help to uncover issues from a user's perspective and enhance user experiences.</li> <li><b>White box testing</b>: The <a href="https://www.techtarget.com/searchsoftwarequality/definition/white-box">white box test</a> explores the system's code structure, application paths, and internal paths. The goal is to optimize code so it meets quality standards and validate the system's internal functions to ensure they do what they are supposed to do.</li> </ul> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/whatis-white_box.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/whatis-white_box_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/whatis-white_box_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/whatis-white_box.png 1280w" alt="A chart comparing white box and black box testing" height="286" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>Black box testing focuses on a product's external behavior while white box testing considers internal matters like code structure. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <ul class="default-list"> <li><b>Gray box testing. </b>This testing combines aspects of black box and white box testing. The tester has partial knowledge about its internal workings. This allows them to design more targeted test cases to increase test coverage and validate the system's external behavior, particularly around high-risk areas.</li> <li><b>Integration testing.</b> <a href="https://www.techtarget.com/searchsoftwarequality/definition/integration-testing"></a><a href="https://www.techtarget.com/searchsoftwarequality/definition/integration-testing">Integration tests</a> determine whether various sub-systems or components are properly compatible to carry out basic functionality. The tests check that the system's individual modules work well together to produce the expected output. APIs should be tested, too.</li> <li><b>User acceptance testing</b><b>.</b> <a href="https://www.techtarget.com/searchsoftwarequality/definition/user-acceptance-testing-UAT">UAT</a> is performed by actual users to ensure that the software can handle required tasks in real-world scenarios, according to specifications. Testers perform UAT before go-live to confirm that it is user-friendly, meets user needs, and is <a href="https://www.techtarget.com/searchsoftwarequality/answer/User-acceptance-testing-vs-system-integration-testing">ready for deployment</a>.</li> </ul> <div class="youtube-iframe-container"> <iframe id="ytplayer-0" src="https://www.youtube.com/embed/YxhxYooPeZI?autoplay=0&modestbranding=1&rel=0&widget_referrer=null&enablejsapi=1&origin=https://www.techtarget.com" type="text/html" height="360" width="640" frameborder="0" loading="lazy"></iframe> </div> </section> <section class="section main-article-chapter" data-menu-title="Functional testing vs. non-functional testing"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Functional testing vs. non-functional testing</h2> <p>Functional testing focuses on testing an application's ability to execute a task. The aim is mainly to ensure that its functions behave as expected and its operational aspects match stated functional requirements.</p> <p>In contrast, non-functional testing looks at the application's non-functional aspects, such as its overall performance, <a href="https://www.techtarget.com/searchdatacenter/definition/scalability">scalability</a>, reliability, security and compatibility. Instead of checking if the software meets specific requirements, testers assess its performance under various conditions.</p> <p>Functional testing is not concerned with how the processing occurs but rather the results of processing. Although functional testing simulates actual system use, it does not make any system structure assumptions.</p> <p>Testers can use various techniques for both functional and non-functional testing.</p> <p>Popular functional testing techniques include:</p> <ul class="default-list"> <li><b>Decision-based tests.</b> The tester checks for possible outcomes when a particular condition is met using if-then or if-then-else logic.</li> <li><b>End-user-based tests.</b> Testers test if all components of the system are working together correctly and not causing any errors.</li> <li><b>Equivalence tests</b>. Testers create equivalence data cases to verify that two versions of the system behave equivalently under the same conditions.</li> <li><b>Boundary value tests</b>. These tests <a href="https://www.techtarget.com/searchsoftwarequality/tip/How-boundary-value-analysis-boosts-test-efficiency">assess how the system behaves</a> when data boundaries -- minimum, maximum, just above, just below -- are implemented.</li> <li><b>Ad-hoc tests</b>. With these tests, testers test the system without predefined test cases to uncover defects that might have been missed previously.</li> </ul> <p>Popular techniques for non-functional testing include performance testing, load testing, usability testing, and stress testing.</p> </section> <section class="section main-article-chapter" data-menu-title="Functional testing tools"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Functional testing tools</h2> <p>Many tools support functional testing. These include:</p> <ul class="default-list"> <li><b>Selenium.</b> This open source <a href="https://www.techtarget.com/searchsoftwarequality/tip/A-Selenium-IDE-vs-WebDriver-comparison">Selenium</a><b> </b>functional testing framework is used for automating web applications for testing and web-based administration tasks. The tests can be created in many different programming languages and executed on multiple browsers or platforms.</li> <li><b>HPE Unified Functional Testing </b><b>software.</b> Developed by HP, this <a href="https://www.techtarget.com/searchsoftwarequality/feature/Streamline-app-testing-using-HPE-Unified-Functional-Testing">tool automates functional testing</a> across multiple application layers for many major application environments and development technologies. Besides multi-layer testing, it also addresses GUI testing, headless layer testing, and non-GUI testing.</li> <li><b>TestingWhiz.</b> This is a codeless test automation tool for testing multiple scenarios like web, database, regression, and mobile testing within the same test case. It includes numerous useful features, such as a Selenium Java editor, a job scheduler, and test case recording and playback to simplify functional testing. It integrates with many tools, frameworks, and platforms to ensure seamless test case execution across multiple browsers, environments, and conditions..</li> <li><b>JUnit.</b> This is a framework for testing <a href="https://www.theserverside.com/definition/Java">Java</a> applications, although it also help test applications in many other languages. It supports multiple test cases and can print out test results.</li> <li><b>Watir </b><b>(Web Application Testing in Ruby)</b><b>.</b> This is an open source functional testing tool comprised of <a href="https://www.techtarget.com/whatis/definition/Ruby">Ruby </a>scripting language libraries.</li> </ul> <p>Modern functional testing tools streamline the process of verifying software functionality through automation. Many of these tools are easy to use and scalable to handle high-volume test runs. Useful tools allow testers to write test cases in multiple programming languages and execute the cases across multiple platforms and browsers. The best tools integrate with <a href="https://www.techtarget.com/searchsoftwarequality/CI-CD-pipelines-explained-Everything-you-need-to-know">CI/CD pipelines</a> so teams can run any number of automated tests as needed and during every build cycle. These tools also let users reuse test cases so they can save time and effort. Finally, intelligent tools simplify test case maintenance so dev and testing teams can easily modify or update the cases as the application evolves.</p> <p>CI/CD can transform an organization, but there's a lot to consider. This comprehensive guide explains the CI/CD pipeline stages, benefits and challenges, best practices and more.</p> <p><i>CI/CD can change how an organization operates, but several factors must be considered. This </i><a href="https://www.techtarget.com/searchitoperations/tip/How-to-build-a-CI-CD-pipeline-with-examples"><i>guide explains the stages of the CI/CD pipeline</i></a><i>, its benefits and challenges, best practices, and more.</i></p> </section> Functional testing is a type of software testing intended to ensure that the software behaves as expected and its output meets end user or business expectations. https://cdn.ttgtmedia.com/visuals/digdeeper/4.jpg https://www.techtarget.com/searchsoftwarequality/definition/functional-testing Tue, 02 Sep 2025 10:45:00 GMT What is functional testing and how does it work? <p>You don't have to be a full-stack developer to become a Scrum Master, but you should be creative and quick with a whiteboard marker.</p> <p>As a Scrum Master, you facilitate the procedures of Scrum, a framework for Agile development. This person <a href="https://www.techtarget.com/searchsoftwarequality/tip/The-Scrum-events-explained">orchestrates the events</a>, also called ceremonies, such as the daily Scrum and the sprint review. <a href="https://www.techtarget.com/whatis/definition/scrum-master">Scrum Masters</a> enable collaboration, resolve conflict and improve processes; they exist to serve the team.</p> <p>When work interruptions occur, Scrum Masters should lead collaborative efforts to address impediments -- especially if they're external. For example, requirements changes and technical issues stall work during both individual <a href="https://www.techtarget.com/searchsoftwarequality/definition/Scrum-sprint">sprints</a> and the fuller development cycle. To address such problems, the Scrum Master needs to be proficient with the development tools a team uses. A Scrum Master with these advanced skill sets can help a software team greatly.</p> <p>Beyond Agile project management abilities, skilled Scrum Masters are also need broad leadership skills. They build trust, promote healthy conflict and conflict resolution, get commitment, ensure accountability and maintain focus on sprint goals. To do so, they must understand the technical product developers are building.</p> <p>If you're ready to <a href="https://www.techtarget.com/searchsoftwarequality/tip/Scrum-master-interview-questions-and-answers">advance your Agile development career</a>, study up on these essential Scrum Master skills.</p> <section class="section main-article-chapter" data-menu-title="1. Learning to build Scrum knowledge"> <h2 class="section-title"><i class="icon" data-icon="1"></i>1. Learning to build Scrum knowledge</h2> <p>Study core Scrum pillars and <a href="https://www.techtarget.com/whatis/feature/What-are-the-5-Scrum-values">values</a> to become an effective Scrum Master. Three pillars of Scrum exist: adaptation, transparency and inspection. The framework has five values: respect, courage, openness, commitment and focus.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/whatis-scrum_pillars.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/whatis-scrum_pillars_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/whatis-scrum_pillars_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/whatis-scrum_pillars.png 1280w" alt="The pillars of scrum" height="373" width="560"> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <p>Scrum competency requires knowledge of these concepts and activities.</p> <ul class="default-list"> <li>Daily Scrum.</li> <li>Definition of done.</li> <li>Development team.</li> <li>Increment.</li> <li>Product backlog.</li> <li>Product owner.</li> <li>Sprint.</li> <li>Sprint retrospective.</li> <li>Sprint review.</li> <li>Timeboxing.</li> </ul> <p>The book <em>Essential Scrum</em> by Kenneth S. Rubin is a great resource for Scrum Masters of any skill level. An Agile framework and Scrum trainer, Rubin describes <a href="https://www.theserverside.com/blog/Coffee-Talk-Java-News-Stories-and-Opinions/Agile-Scrum-Process-Steps-Methodology-Sprint-Flow-Principles-Values-Pillars-Guide">the Scrum process and characteristics</a> that help teams continually improve.</p> </section> <section class="section main-article-chapter" data-menu-title="2. Execution of Scrum"> <h2 class="section-title"><i class="icon" data-icon="1"></i>2. Execution of Scrum</h2> <p>Scrum Masters must <a href="https://www.theserverside.com/quiz/Tough-Scrum-Master-quiz-questions">demonstrate competency with the framework</a>. A certification proves that you understand Scrum and can apply it in real-world scenarios.</p> <p><a href="https://www.techtarget.com/searchsoftwarequality/tip/Top-Scrum-certifications-Which-path-to-choose">Choose a certification path</a> based on your knowledge level and job. Basic certification covers the fundamentals of the Scrum framework. An experienced Scrum Master might want to pursue advanced certification to test their abilities to apply skills to more complex projects and organizations.</p> <table class="main-article-table"> <thead> <tr> <td valign="top" colspan="7"> <p><span style="color: #ecf0f1;"><strong>Compare the best certifications for Scrum Masters</strong></span></p> </td> </tr> </thead> <tbody> <tr> <td valign="top"> <p>Name</p> </td> <td valign="top"> <p>Difficulty</p> </td> <td valign="top"> <p>Cost</p> </td> <td valign="top"> <p>Accreditations</p> </td> <td valign="top"> <p>Questions</p> </td> <td valign="top"> <p>Duration</p> </td> <td valign="top"> <p>Pass</p> </td> </tr> <tr> <td valign="top"> <p><a target="_blank" href="https://www.scrum.org/assessments/professional-scrum-master-i-certification" rel="noopener">PSM I</a></p> </td> <td valign="top"> <p>Beginner</p> </td> <td valign="top"> <p>$200</p> </td> <td valign="top"> <p>+720,000</p> </td> <td valign="top"> <p>80</p> </td> <td valign="top"> <p>60 mins</p> </td> <td valign="top"> <p>85%</p> </td> </tr> <tr> <td valign="top"> <p><a target="_blank" href="https://www.scrum.org/assessments/professional-scrum-master-ii-certification" rel="noopener">PSM II</a></p> </td> <td valign="top"> <p>Intermediate</p> </td> <td valign="top"> <p>$250</p> </td> <td valign="top"> <p>+52,000</p> </td> <td valign="top"> <p>30</p> </td> <td valign="top"> <p>90 mins</p> </td> <td valign="top"> <p>85%</p> </td> </tr> <tr> <td valign="top"> <p><a target="_blank" href="https://www.scrum.org/assessments/professional-scrum-master-iii-certification" rel="noopener">PSM III</a></p> </td> <td valign="top"> <p>Expert</p> </td> <td valign="top"> <p>$500</p> </td> <td valign="top"> <p>+1,200</p> </td> <td valign="top"> <p>24</p> </td> <td valign="top"> <p>150 mins</p> </td> <td valign="top"> <p>Pass/Fail</p> </td> </tr> <tr> <td valign="top"> <p><a target="_blank" href="https://www.scrum.org/assessments/scaled-professional-scrum-certification" rel="noopener">SPS</a></p> </td> <td valign="top"> <p>Expert</p> </td> <td valign="top"> <p>$250</p> </td> <td valign="top"> <p>+7,300</p> </td> <td valign="top"> <p>40</p> </td> <td valign="top"> <p>60 mins</p> </td> <td valign="top"> <p>85%</p> </td> </tr> <tr> <td valign="top"> <p><a target="_blank" href="https://community.atlassian.com/learning/certifications/jira-software-essentials" rel="noopener">Jira</a></p> </td> <td valign="top"> <p>Intermediate</p> </td> <td valign="top"> <p>$100</p> </td> <td valign="top"> <p>N/A</p> </td> <td valign="top"> <p>30</p> </td> <td valign="top"> <p>60 mins</p> </td> <td valign="top"> <p>72%</p> </td> </tr> <tr> <td valign="top"> <p><a target="_blank" href="https://scaledagile.com/certification/scrum-master/" rel="noopener">SAFe</a></p> </td> <td valign="top"> <p>Expert</p> </td> <td valign="top"> <p>$3000</p> </td> <td valign="top"> <p>N/A</p> </td> <td valign="top"> <p>45</p> </td> <td valign="top"> <p>90 mins</p> </td> <td valign="top"> <p>73%</p> </td> </tr> <tr> <td valign="top"> <p><a target="_blank" href="https://d1.awsstatic.com/onedam/marketing-channels/website/aws/en_US/certification/approved/pdfs/docs-cloud-practitioner/AWS-Certified-Cloud-Practitioner_Exam-Guide.pdf" rel="noopener">AWS</a></p> </td> <td valign="top"> <p>Beginner</p> </td> <td valign="top"> <p>$100</p> </td> <td valign="top"> <p>+400,000</p> </td> <td valign="top"> <p>65</p> </td> <td valign="top"> <p>90 mins</p> </td> <td valign="top"> <p>70%</p> </td> </tr> </tbody> </table> <p>Some certification organizations require applicants to take a course prior to the exam. The certification exams from the two dominant certifiers require passing grades to obtain the certification. CSM from the Scrum Alliance requires 37 out of 50 answers correct, or 74%. The PSM from Scrum.org requires 68 out of 80 answers correct, or 85%. Both exams run for one hour. <br><br>Some Scrum Master certifications expire. For example, the CSM certification is only valid for two years, then needs to be renewed. The PSM, by contrast, is valid for life.</p> <p>Check whether your company supports training classes under its continuing education program. If you already hold a basic Scrum Master certification, consider an advanced certification.</p> </section> <section class="section main-article-chapter" data-menu-title="3. Leadership"> <h2 class="section-title"><i class="icon" data-icon="1"></i>3. Leadership</h2> <p>The Scrum Master is the glue between the product owner and the development team. The relationship between the Scrum Master and the product owner is key to success.</p> <p>The product owner is responsible for <a href="https://www.techtarget.com/searchsoftwarequality/tip/Requirements-vs-user-stories-in-software-development">user story creation</a>. Then, the entire Scrum team reviews these stories to finalize, estimate and prioritize them. The Scrum Master ensures the development team fully supports story refinement, also called <a href="https://www.techtarget.com/searchsoftwarequality/tip/What-productive-backlog-grooming-sessions-entail">backlog grooming</a>. The product owner takes on product challenges and changes in feature prioritization. To assist the product owner, the Scrum Master informs the development team of product changes. Scrum Masters should especially highlight changes that affect work in progress during a sprint.</p> <p>The Scrum Master helps the product owner by being a good leader with well-developed soft skills. A Scrum Master performs the tasks below.</p> <ul class="default-list"> <li>Holds the Scrum team accountable to the defined sprint goals.</li> <li>Implements effective product backlog management.</li> <li>Helps the Scrum team understand story grooming and estimated product backlog items.</li> <li>Arranges the product backlog to maximize value.</li> <li>Facilitates Scrum events.</li> </ul> <p>Conflicts will arise in performing this service. Scrum Masters must be accountable, organized and build consensus throughout an organization. This will help to manage conflict effectively. Work with the team every day to help members achieve sprint goals.</p> <div class="youtube-iframe-container"> <iframe id="ytplayer-0" src="https://www.youtube.com/embed/lM38mXNBIAk?si=CdiBzfKib39tCoWP?autoplay=0&modestbranding=1&rel=0&widget_referrer=null&enablejsapi=1&origin=https://www.techtarget.com" type="text/html" height="360" width="640" frameborder="0" loading="lazy"></iframe> </div> <p>Learn new skills from books about leadership. Many titles focus on leading Agile teams, but they don't have to pertain to <a href="https://www.theserverside.com/tip/Agile-versus-Scrum-Whats-the-difference">Agile or Scrum</a> specifically. I recommend <em>The Five Dysfunctions of a Team </em>by Patrick Lencioni. Find a book that resonates with your personal approach to leadership.</p> <p>Sharpen your leadership skills through practice. Take on a nontechnical leadership role outside of your job. Look into community volunteer opportunities, such as coaching a youth sports team. The same elements of collaboration and teamwork that win soccer games can apply to successful Agile software delivery.</p> </section> <section class="section main-article-chapter" data-menu-title="4. Collaboration"> <h2 class="section-title"><i class="icon" data-icon="1"></i>4. Collaboration</h2> <p>Scrum Masters' responsibilities extend beyond their own development teams. To remove impediments for their teams, Scrum Masters collaborate with stakeholders and other dev teams. Some Scrum experts say this interaction falls outside of the traditional Scrum Master role, but it's necessary work, and you're the right person to do it. As a Scrum Master, use <a href="https://www.techtarget.com/searchsoftwarequality/tip/How-Agile-and-DevOps-leadership-empowers-the-whole-team">leadership skills</a> to collaborate across teams, negotiate schedules and facilitate technical meetings.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/software_quality-scrum_master-f.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/software_quality-scrum_master-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/software_quality-scrum_master-f_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/software_quality-scrum_master-f.png 1280w" alt="Diagram illustrating the Scrum team roles." height="485" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>A Scrum team consists of the product owner, the Scrum Master and the development team. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> </section> <section class="section main-article-chapter" data-menu-title="5. Organization"> <h2 class="section-title"><i class="icon" data-icon="1"></i>5. Organization</h2> <p>Scrum teams require structure and planning, so Scrum Masters must facilitate a process to keep everyone on track. While a Scrum Master should be an organized individual, the role requires more than just personal management skills.</p> <p>The Scrum Master needs to have honed skills in team management. A <em>team agreement</em> is in the Scrum Master's toolbox to get everyone on the same page. The team agreement, or team operating procedure, is a document that defines procedures for the team, such as core working hours, Scrum ceremony formats, escalation paths and stakeholder involvement. The agreement is a living document; the team should modify it as the group changes. These guidelines should enable transparency across personalities and roles.</p> <p>Organizational skills are also key to collaboration with the product owner on the product backlog. The Scrum master ensures team members complete their task assignments and that the overall feature is tracking to delivery. Scrum teams can use project management tools to keep the entire team connected and organized.</p> </section> <section class="section main-article-chapter" data-menu-title="6. Project management tools expertise"> <h2 class="section-title"><i class="icon" data-icon="1"></i>6. Project management tools expertise</h2> <p>Scrum Masters should develop advanced skills on project management Kanban boards and collaboration and documentation software, including calendars.</p> <p><a href="https://www.techtarget.com/searchsoftwarequality/tutorial/Project-management-tools-and-strategies-Gantt-charts-PERT-charts-and-PM-planning-tools">Task boards</a> are the primary tool Scrum teams use to manage, organize and track work. Teams should be able to look at the task board and know how the sprint and project overall are tracking. Task boards are common online list-making, issue-tracking and project-management tools; options include Asana, and Atlassian's Trello and Jira.</p> <p>The task board structure illustrates project workflows and the dependencies and hierarchical relationships between tasks. The Scrum Master should be able to set up the task board, establish workflows and move tasks, and help team members move tasks properly. Kanban boards are a specific type of task board.</p> <p>Development teams use collaboration software for documentation and group communication throughout the development cycle. Teams capture user stories, discuss work and resolve problems. Inefficient use of messaging tools can overburden a team, interrupting the work. The Scrum Master must set guidelines, choose channels and otherwise manage these team communication tools.</p> <p>The Scrum Master also runs all Scrum events. Use a calendar tool, such as Microsoft Outlook or Google Calendar -- or a calendar within the collaboration platform -- to send and manage event invites.</p> <div class="extra-info"> <div class="extra-info-inner"> <h3 class="splash-heading">Scrum master skills checklist</h3> <ul class="default-list"> <li>Facilitates Scrum team agreement and activities: standups, backlog meetings, sprint planning, team review, retrospectives.</li> <li>Knows Scrum values, principles and practices.</li> <li>Adapts Scrum framework for team needs.</li> <li>Coordinates with other teams and stakeholders.</li> <li>Understands the technical product and processes.</li> <li>Resolves issues and removes impediments.</li> <li>Communicates and listens well.</li> <li>Collaborates with groups and organizes team tasks.</li> <li>Coaches colleagues to success.</li> <li>Adapts to change.</li> </ul> </div> </div> </section> <section class="section main-article-chapter" data-menu-title="7. Agile and software development knowledge"> <h2 class="section-title"><i class="icon" data-icon="1"></i>7. Agile and software development knowledge</h2> <p>At its core, Scrum helps software development teams build products adaptively. Technical knowledge on how to develop software in an Agile environment can help Scrum Masters move teams ahead with the proper tools and techniques.</p> <p>Scrum Masters should be familiar with the technical product under development and with the development tool suite. A Scrum Master does not need to be able to write software. However, a high level understanding of the product's technical features and use cases is essential to effectively run the Scrum project.</p> <p>Scrum Masters can even participate in end-to-end acceptance testing of the product.</p> </section> <section class="section main-article-chapter" data-menu-title="8. Listening"> <h2 class="section-title"><i class="icon" data-icon="1"></i>8. Listening</h2> <p>Be a good leader, which starts with being a good listener; consider the <a href="https://www.techtarget.com/searchcio/definition/Servant-Leadership">servant leader</a> model. Listening is a must-have Scrum Master skill. Pay close attention at daily standups, backlog meetings, sprint planning, team review and the retrospective. Hear where issues arise, raise awareness of them and lead the team to a resolution.</p> </section> <section class="section main-article-chapter" data-menu-title="9. Adaptability"> <h2 class="section-title"><i class="icon" data-icon="1"></i>9. Adaptability</h2> <p>Many Scrum Masters fixate on following the framework. Instead, think of Scrum as a foundational tool rather than the goal. The Agile methodology centers upon the concept of change, and the framework and processes necessary to manage change. The Scrum framework must adapt to best support the team. Every team executes Scrum ceremonies but works differently from others.</p> </section> <section class="section main-article-chapter" data-menu-title="10. Risk management"> <h2 class="section-title"><i class="icon" data-icon="1"></i>10. Risk management</h2> <p>The Scrum Master should be knowledgeable in <a href="https://www.techtarget.com/searchcio/feature/Top-12-risk-management-skills-and-why-you-need-them">common processes to manage risk</a>. They can facilitate that process, from risk identification through mitigation and monitoring.</p> <p>Some risks are related to process, skills or <a href="https://www.techtarget.com/searchcio/feature/Key-technical-debt-reduction-strategies">technical debt</a>. All projects accept some level of debt. However, during development, issues can arise that are impediments to tasks. These issues might result in risks that add to quality, feature or UX debt. The Scrum Master helps to identify dangers, and works with the development team to analyze, rank and communicate them. This skill helps the product owner and stakeholders make decisions to best mitigate or reduce the risk.</p> <p>A Scrum Master who learns, leads and listens, and applies their knowledge of processes, associated tools and team dynamics where needed, is in the right position to <a href="https://www.techtarget.com/searchcio/feature/career-advice-for-aspiring-cios-5-tips">make the team run efficiently</a>. These Scrum Master skills support rapid, predictable delivery at every iteration. That kind of high-quality software delivery is ultimately why the team chose Scrum.</p> <p><i>Diane Hoffman is the principal consultant at Intelopment Group LLC. Her areas of expertise include Agile software development and project management.</i></p> </section> From sprint planning to servant leadership, Scrum Masters help Agile developers, product owners and other team members perform at their best. Here's what makes a good Scrum Master. https://cdn.ttgtmedia.com/rms/onlineimages/maze_g1261411056.jpg https://www.techtarget.com/searchsoftwarequality/tip/Why-essential-Scrum-Master-skills-are-elementary Tue, 02 Sep 2025 10:44:00 GMT 10 essential Scrum Master skills in 2025 <p>In software development and systems engineering, technical requirements define what is needed to ensure a desired system function or behavior will work as expected. Also known as <i>technical specifications</i> or <i>tech specs</i>, technical requirements cover all the technical issues a <a href="https://www.techtarget.com/searchapparchitecture/opinion/Top-developer-relations-trends-for-building-stronger-teams">development team</a> must address to ensure a project's successful development and completion.</p> <p>Technical requirements commonly refer to <a href="https://www.techtarget.com/searchapparchitecture/definition/software">software</a> projects, but can also refer to other kind of projects, including electronic <a href="https://www.techtarget.com/searchnetworking/definition/hardware">hardware</a> devices, software-driven electronic devices, and services.</p> <section class="section main-article-chapter" data-menu-title="Importance of technical requirements"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Importance of technical requirements</h2> <p>Before a software project can begin, it's vital to first define its technical requirements such as its:</p> <ul class="default-list"> <li><a href="https://www.techtarget.com/searchsecurity/tip/5-essential-programming-languages-for-cybersecurity-pros">programming language</a>,</li> <li>technologies (<a href="https://www.techtarget.com/searchdatamanagement/definition/database-management-system">DBMS</a>, search and analytics engine, integrations, streaming platform, etc.),</li> <li>operating system,</li> <li><a href="https://www.techtarget.com/searchdatamanagement/definition/database">database</a> architecture,</li> <li>hardware requirements,</li> <li>data transfer speeds,</li> <li>security protocols,</li> <li>regulatory standards.</li> </ul> <p>Defining the technical requirements for a project gives development teams clarity on how the product will address the end user's specific need or challenge. Finding the right solutions to technical issues can involve examining various factors, such as availability, performance, accessibility, and reliability, that can be conveyed in technical requirements . The technical requirements can clarify project scope, minimize the probability of <a href="https://www.techtarget.com/searcherp/feature/How-to-prevent-scope-creep-in-your-ERP-implementation">scope creep</a> and delays, and measure and quantify how the product will function. Once they have clarity on all these considerations, developers can determine the technical resources needed to successfully execute the project.</p> <div class="youtube-iframe-container"> <iframe id="ytplayer-0" src="https://www.youtube.com/embed/nXOCnDQ05kA?autoplay=0&modestbranding=1&rel=0&widget_referrer=null&enablejsapi=1&origin=https://www.techtarget.com" type="text/html" height="360" width="640" frameborder="0" loading="lazy"></iframe> </div> </section> <section class="section main-article-chapter" data-menu-title="What are the factors in technical requirements?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>What are the factors in technical requirements?</h2> <p>In defining a product's technical requirements, teams typically consider some or all of these factors:</p> <ul class="default-list"> <li><b>Availability. </b>How available is the software? Is it prone to downtime that disrupts user experiences and workflows?</li> <li><b>Accessibility.</b> Is the product accessible to the target users?</li> <li><b>Adaptability.</b> Does the software perform, evolve, and maintain (or ideally, enhance) its value over time?</li> <li><b>Usability.</b> Is the product easy to learn and efficient? Does it do what it's supposed from the user's perspective? Does it optimize user experiences?</li> <li><b>Reliability.</b> Does the software work correctly and consistently? How does it behave under unexpected or abnormal conditions? How does it <a href="https://www.computerweekly.com/news/366625359/UKs-error-prone-eVisa-system-is-anxiety-inducing">handle errors</a> and failures?</li> <li><b>Auditability.</b> Can the system's processes, functionality, infrastructure, data, and actions be traced and <a href="https://www.techtarget.com/searchenterpriseai/tip/How-to-audit-AI-systems-for-transparency-and-compliance">verified by an auditor</a>? Can modifications be tracked to ensure system integrity?</li> <li><b>Maintainability.</b> How easy or difficult is it to modify, enhance, or adapt the software in response to changing user needs or challenges? How much effort and additional expense is likely to be required to maintain or improve the product over its lifespan?</li> </ul> <p>An additional and important set of factors involve performance, which refers to how the system should operate under specific conditions in terms of its:</p> <ul class="default-list"> <li><b>Processing speed</b>. The system's response time following a user request or action,</li> <li><b>Throughput</b>. The amount of work the system can handle in a certain time period,</li> <li><b>Scalability</b>. <a href="https://www.techtarget.com/searchenterpriseai/tip/Tips-to-prevent-machine-learning-scalability-problems">Scalability</a> refers to whether a product can handle increased load without appreciable negative affect on output or UX,</li> <li><b>Resource usage</b>. The amount of resources, such as CPU and memory, the software needs to perform its functions,</li> <li><b>Efficiency</b>.<b> </b>The degree to which the system uses available resources to achieve its results.</li> </ul> <p>Performance is so important it has given rise to a niche area called <i>performance engineering, </i>a discipline that, when executed properly, helps development teams ensure that the product will run efficiently and effectively and meet user expectations.</p> <p>A key responsibility of a performance engineer is to identify the project key performance indicators (<a href="https://www.techtarget.com/searchbusinessanalytics/definition/key-performance-indicators-KPIs">KPIs</a>) -- the measurable, achievable values related to system performance and user satisfaction aligned to the project's end goals.</p> </section> <section class="section main-article-chapter" data-menu-title="Process to collect and define technical requirements"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Process to collect and define technical requirements</h2> <p>A consultation process at the start of the requirements gathering process is necessary to select and prioritize factors to consider. =</p> <p>A development team representative, such as the software architect, collects inputs from multiple stakeholders, such as business contacts, end users, and project managers. They may do this using surveys, interviews, or other touchpoints. The goal is to understand stakeholders' minimum expectations, get a headstart on defining the requirements, and clarify the need or justification for each requirement.</p> <p>After gathering the basic technical requirements, the gatherer researches market trends and user behavior patterns. Based on this information, they try to elucidate the required performance level for the product. They also prepare <a href="https://www.techtarget.com/searchsoftwarequality/definition/use-case">use cases</a> and case diagrams and quantify the product's technical qualities to guide work on a product prototype.</p> <p>Before prototyping starts, it's crucial to validate the technical requirements gathered and to compile all validated requirements into a detailed technical requirements document (TRD), which is shared with the development team, and in some cases, with end users, customers, and business leaders to finalize the requirements and initiate development.</p> </section> <section class="section main-article-chapter" data-menu-title="Examples of technical requirements"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Examples of technical requirements</h2> <p>Technical requirements vary by project. Here are some examples.</p> <h3>Example 1: e-commerce website</h3> <p>An <a href="https://www.techtarget.com/searchcio/definition/e-commerce">e-commerce</a> website connects buyers and sellers of products or services so they can engage in sales transactions. Since money changes hands through the website, it must be able to handle payment processing quickly and securely. So, two core technical requirements will be:</p> <ul class="default-list"> <li>Secure payment gateway that integrates with various payment methods to secure process online transactions.</li> <li><a href="https://www.techtarget.com/searchsecurity/definition/Secure-Sockets-Layer-SSL">SSL</a> certificate that ensures secure transactions by encrypting the data transmitted between the site and its users.</li> </ul> <p>The site should also have a responsive design so it can adapt to different devices and screen sizes. Search engines should be able to find it. It should display the correct content to users when they search for a product, making <a href="https://www.techtarget.com/searchcontentmanagement/feature/GEO-vs-SEO-Whats-the-difference">search engine optimization</a> (SEO) an important technical requirement.</p> <p>Next, the site should be easy to manage. The site owner should be able to <a href="https://www.techtarget.com/searchcontentmanagement/tip/6-enterprise-content-management-best-practices-for-deployment">update its content easily</a>, They should be able to back up and restore all content and data, including product listings, descriptions, images, and videos. This introduces the technical requirement for a content management system (<a href="https://www.techtarget.com/searchcontentmanagement/definition/content-management-system-CMS">CMS</a>).</p> <p>E-commerce sites also have all the technical requirements common for other sites:</p> <ul class="default-list"> <li>favorable site uptime,</li> <li>unique web address (domain name)</li> <li>reliable hosting provider</li> <li>page responsiveness (fast load times)</li> <li>support for commonly used browsers</li> <li>page redirects</li> <li>sitemaps</li> <li><a href="https://www.techtarget.com/searchcontentmanagement/tip/Checklist-to-create-accessible-Word-documents">alt text</a> for images</li> <li>compliance with <a href="https://www.techtarget.com/searchsoftwarequality/tip/How-to-run-an-ADA-compliant-website-test">accessibility standards</a> (e.g., WCAG)</li> <li>steady performance (rcopes well with traffic spikes or troughs)</li> <li>frequent, automatic backups</li> </ul> <h3>Example 2: CRM software</h3> <p>Businesses use Customer Relationship Management (<a href="https://www.techtarget.com/searchcustomerexperience/definition/CRM-customer-relationship-management">CRM</a>) software to manage customer information and analyze their various interactions with customers throughout the <a href="https://www.techtarget.com/searchcustomerexperience/definition/Customer-Life-Cycle">customer lifecycle</a>. Besides consolidating and tracking customer data, a CRM provides useful insights about customer preferences and behaviors that help companies identify new sales opportunities, enhance customer experiences, and make better decisions to strengthen brand value and recall.</p> <p>Since data is foundational to a CRM, <a href="https://www.techtarget.com/searchsecurity/opinion/Data-security-and-identity-security-themes-at-RSAC-2025"><b>data security</b></a> is a critical technical requirement. Sensitive customer data must be encrypted (in-transit and at-rest) and access controls should be in place to restrict data access only to authorized users.</p> <p>Performance and reliability are also key in a CRM platform. It should function as expected consistently and not be prone to downtime. It should be able to handle increasing data volumes without deterioration in its speed or responsiveness. To reflect this goal, developers should document scalability as a technical requirement.</p> <p>Additionally, the product should be easy to use and access -- ideally from any location and using any device. This means an intuitive interface and mobile accessibility become essential technical requirements.</p> <p>The best CRMs easily integrate with other business tools and support custom integrations and extensions through Application Program Interfaces (APIs). The technical requirement that reflects these capabilities is <a href="https://www.techtarget.com/searchsecurity/tip/How-to-improve-third-party-API-integration-security">integration</a>.</p> <p>Finally, CRM tools are built for customer data management, analysis, and business decision-making. Technical requirements here encompass reporting, analytics, contact management, and marketing automation.</p> </section> <section class="section main-article-chapter" data-menu-title="Technical requirements document"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Technical requirements document</h2> <p>The TRD clearly outlines all technical aspects of a project, including system requirements, expected performance, risks, and limitations. It shouldcover user needs and expectations, product usability, product real-world applicability, and regulatory/environmental considerations.</p> <p>The TRD may also describe the product prototypes and include details about the development process, such as scope planning and project management changes. Some TRDs include a description of the team structure and any background research performed before development work commences.</p> <p>A detailed, well-structured TRD provides a robust, actionable roadmap for building a functional, high-quality product. It ensures clear communication among technical teams. The TRD can prevent scope creep and guide product design, development, testing, and deployment. Many teams also use TRDs to inform and optimize <a href="https://www.techtarget.com/searcherp/definition/service-lifecycle-management-SLM">product maintenance</a>.</p> </section> <section class="section main-article-chapter" data-menu-title="Technical requirements vs. functional requirements"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Technical requirements vs. functional requirements</h2> <p>Technical requirements are a part of <a href="https://searchsoftwarequality.techtarget.com/definition/requirements-analysis">requirements analysis</a> (also known as requirements engineering), an interdisciplinary field in engineering that involves the design and maintenance of complex systems, including software. These requirements reflect what technical attributes should be implemented for the product to work as expected.</p> <p>The other side of requirements analysis is <a href="https://www.techtarget.com/searchsoftwarequality/answer/Functional-and-nonfunctional-requirements">functional requirements</a>, which define the desired features, output, or behavior of a system, i.e., what a system does. Where technical requirements are defined from the <i>technical team's</i> perspective, functional requirements are defined from a <i>user's</i> perspective.</p> <p>Business analysts or product owners often compile functional requirements for development teams, project managers, QA teams, and business stakeholders to use. Software architects or tech leads usually compile technical requirements for development and QA teams to use.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineImages/software_quality-types_software_requirements-f.png"> <img data-src="https://www.techtarget.com/rms/onlineImages/software_quality-types_software_requirements-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineImages/software_quality-types_software_requirements-f_mobile.png 960w,https://www.techtarget.com/rms/onlineImages/software_quality-types_software_requirements-f.png 1280w" alt="A chart listing and detailing three types of project requirements: business, user and functional." height="288" width="559"> <figcaption> <i class="icon pictures" data-icon="z"></i>Determining business and user requirements represents a prerequisite for setting technical requirements. Functional requirements, a separate discipline, define the desired features, output, or behavior of a system. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <p>For most development projects, it's essential to define both the technical and functional requirements.</p> <p>Though a system may achieve the desired output or behavior even if it doesn't meet technical requirements, it will likely be unusable. For example, a <a href="https://searchsoftwarequality.techtarget.com/definition/program">program</a> might include all the features required to meet user needs (functional requirements) but still not meet reasonable performance goals (technical requirements).</p> <p>On the other hand, if a system does not meet functional requirements, even excellent performance may not offset missed expectations <a name="_Hlk204263101"></a>on the desired output. One example might be a calculator that makes swift calculations but does so incorrectly.</p> <p><i>Further explore the </i><a href="https://www.techtarget.com/searchsoftwarequality/answer/Functional-and-nonfunctional-requirements"><i>difference between functional versus non-functional requirements</i></a><i> in software engineering, with clear examples.</i></p> </section> In software development and systems engineering, technical requirements define what is needed to ensure a desired system function or behavior will work as expected. https://cdn.ttgtmedia.com/visuals/digdeeper/5.jpg https://www.techtarget.com/whatis/definition/technical-requirements Tue, 02 Sep 2025 00:00:00 GMT What is technical requirements? <p>A comprehensive set of requirements is crucial for any software project.</p> <p>Requirements identify the product's business needs and purposes at a high level. They also clarify the features, functionality, behaviors and performance that stakeholders expect.</p> <p>Software requirements are a way to identify and clarify the why, what and how of a business's application. When researched and documented properly, software requirements form a roadmap that leads a development team to build the right product quickly with <a href="https://www.techtarget.com/searchcio/feature/The-negative-impact-of-technical-debt">minimal costly rework</a>.</p> <p>The actual types of software requirements and documents an IT organization produces for a given project depend on the audience and the maturity of the project. In fact, organizations often draft several requirements documents, each to suit the specific needs of business leaders, project managers and application developers.</p> <p>Let's start with a look at the main types of requirements in software engineering: business requirements, user requirements, and software requirements. Then, explore common <a href="https://www.techtarget.com/searchsoftwarequality/tip/A-guide-to-software-design-documentation-and-specifications">types of software requirements documentation</a>, as well as tried-and-true characteristics for defining requirements.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineImages/software_quality-types_software_requirements-f.png"> <img data-src="https://www.techtarget.com/rms/onlineImages/software_quality-types_software_requirements-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineImages/software_quality-types_software_requirements-f_mobile.png 960w,https://www.techtarget.com/rms/onlineImages/software_quality-types_software_requirements-f.png 1280w" alt="An image depicting the different types of software requirements." height="288" width="559"> <figcaption> <i class="icon pictures" data-icon="z"></i>A software project includes business, user and software requirements. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> <section class="section main-article-chapter" data-menu-title="What are the different types of requirements in software engineering?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>What are the different types of requirements in software engineering?</h2> <p>Teams must outline requirements to meet the needs of business stakeholders and users as well as the more technical features of the software. The three main types of requirements in software engineering are business, user and software.</p> <h3>Business requirements</h3> <p>Business needs drive many software projects. A business requirements document (BRD) outlines measurable project goals for the business, users and other stakeholders. Business analysts, leaders and other project sponsors create the BRD at the start of the project. This document defines the why behind the build. For software development contractors, the BRD also serves as the basis for more detailed document preparation with clients.</p> <p>A BRD is composed of one or more statements. No universally established format exists for BRD statements, but one common approach is to align goals. Write statements that match a project goal to a measurable stakeholder or business goal.</p> <p>The basic format of a BRD statement is<i>, </i>"The [project name] software will [meet a business goal] in order to [realize a business benefit]." An example of a completed BRD statement is,<i> </i>"The laser marking software will allow the manufacturing floor to mark text and images on stainless steel components using a suitable laser beam in order to save money in chemical etching and disposal costs."</p> <p>For this example, the purpose of the proposed software project is to operate an industrial laser marking system to mark stainless steel product parts, which is an alternative to costly and environmentally dangerous chemicals.</p> <p>Business goals and benefits can be varied and sometimes interchangeable. Common business goals and benefits can include the following:</p> <ul class="default-list"> <li>Achieve a specific technical outcome, such as implementing a new technology.</li> <li>Achieve a specific logistical outcome, such as faster time-to-market.</li> <li>Increase market share or revenue, which facilitates business growth.</li> <li><a href="https://www.techtarget.com/searchcustomerexperience/tip/Customer-experience-strategy-tips-to-build-a-valuable-CX">Improve customer experience</a>, satisfaction or relationships.</li> <li>Strengthen business continuance, security or compliance postures.</li> <li>Increase business productivity or efficiency, such as automating manual processes.</li> <li>Build the business's brand.</li> <li>Manage or reduce costs.</li> <li>Increase website traffic.</li> <li>Increase social media presence.</li> </ul> <p>Organizations <a href="https://www.techtarget.com/searchsoftwarequality/answer/Does-Agile-use-business-requirements-documents">prepare a BRD</a> as a foundation for subsequent, more detailed requirements documents. Ensure that the BRD reflects a complete set of practical and measurable goals as well as meets customer expectations.</p> <p>Finally, the BRD should be a living document. Evaluate any future requirements, updates or <a href="https://www.techtarget.com/searchsoftwarequality/tip/How-to-tame-ever-changing-requirements-in-software-development">changes to the project</a> against the BRD to ensure that the organization's goals are still met.</p> <h3>User requirements</h3> <p>User requirements reflect the specific needs or expectations of the software's customers. Organizations sometimes incorporate these requirements into a BRD, but an application that poses extensive user functionality or complex UI issues might justify a separate document specific to the needs of the intended user. User requirements, much like user stories, highlight the ways in which customers interact with software.</p> <p>There is no universally accepted standard for user requirements statements, but this is one common format:<i> </i>"The [user type] shall [interact with the software] in order to [meet a business goal or achieve a result]."</p> <p>A user requirement in that mold for the industrial laser marking software example looks like:<i> </i>"The production floor manager shall be able to upload new marking files as needed in order to maintain a current and complete library of laser marking images for production use."</p> <p>There might be many user requirements for any software project, each reflecting an expectation, goal or user story. In most cases, user requirements are high-level goals that <a href="https://www.techtarget.com/searchsoftwarequality/answer/What-is-the-difference-between-a-user-story-and-use-case-in-software-testing">reflect what the software should be able to do</a>. They typically avoid any technical details related to how they accomplish the goals. User requirements frequently form the foundation for specific software requirements.</p> <h3>Software requirements</h3> <p>After the BRD outlines the business goals and benefits of a project, the team should devise a software requirements specification (<a href="https://www.techtarget.com/searchsoftwarequality/definition/software-requirements-specification">SRS</a>) that identifies the specific features, functions, nonfunctional requirements and requisite use cases for the software. Essentially, the SRS details what the software will do. It expands upon or translates the BRD and user requirements into features and functions that developers can understand and implement.</p> <p>Software requirements typically break down into functional requirements, nonfunctional requirements (NFRs) and domain requirements.</p> <p><b>Functional requirements.</b> Functional requirements are statements or goals that teams use to define system behavior. Functional requirements define what a software system must or must not do. They are typically expressed as responses -- interactions or outputs -- generated in response to inputs or conditions. Common functional requirements include data input, data access, user authentication, alerting and reporting, online payments and integrations with other software.</p> <p>A functional requirement can express an if/then relationship, as in the following example:<i> </i>"If an alarm is received from a sensor, the system will report the alarm and halt until the alarm is acknowledged and cleared."</p> <p>Functional requirements might detail specific types of data inputs or operational constraints such as names, addresses, dimensions and distances. These requirements often include an array of calculations vital to the software working correctly.</p> <p>Functional requirements are <a href="https://www.techtarget.com/searchsoftwarequality/tip/Common-functional-testing-types-explained-with-examples">relatively straightforward to test</a> because they define how the system behaves. A test fails when the system does not function as expected.</p> <p><b>NFRs.</b> Nonfunctional requirements relate to software usability. Nonfunctional software requirements define how the system must operate or perform. A system can meet its functional requirements and fail to meet its nonfunctional requirements.</p> <p>NFRs define the software's characteristics and expected user experience (UX). They cover the following:</p> <ul class="default-list"> <li><b>Performance.</b> This measures how quickly the software should respond or render an output.</li> <li><b>Usability.</b> The level of difficulty that users experience in understanding or using a UI or software system.</li> <li><b>Scalability.</b> The software's ability to handle more simultaneous users or transactions.</li> <li><b>Security.</b> The ways in which the software safeguards processing and data against loss or theft.</li> <li><b>Maintainability.</b> The ability of the software to be patched or upgraded over time.</li> <li><b>Compatibility.</b> Compatibility involves the hardware, OS and other platform requirements for the software.</li> <li><b>Portability.</b> The ability of the software to operate on different systems or platforms.</li> </ul> <p>An example nonfunctional requirement related to performance and UX could be, "The pages of this web portal must load within 0.5 seconds."</p> <p><b>Domain requirements.</b> Domain requirements are expectations related to a particular type of software, purpose or industry vertical. Domain requirements <a href="https://www.techtarget.com/searchsoftwarequality/answer/Functional-and-nonfunctional-requirements">can be functional or nonfunctional</a>. The common factor for domain requirements is that they meet established standards or widely accepted feature sets for that category of software project.</p> <p>Domain requirements can vary wildly but typically arise in military, medical and financial industry sectors. An example of a domain requirement for software in medical equipment is,<i> "</i>The software must be developed in accordance with IEC 60601 regarding the basic safety and performance for medical electrical equipment."</p> <p>Another example of a domain requirement for the financial industry is, "The software should adhere to current <a href="https://www.techtarget.com/whatis/definition/GAAP-generally-accepted-accounting-principlestemp">Generally Accepted Accounting Principles</a> standards for financial accounting and reporting."</p> <p>Software can be functional and usable but not acceptable for production because it fails to meet domain requirements.</p> </section> <section class="section main-article-chapter" data-menu-title="Examples of requirements in software documentation"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Examples of requirements in software documentation</h2> <p>An SRS often describes the software as a series of individual functional modules. In the laser marking software example, an SRS could define the following modules:</p> <ul class="default-list"> <li>The interface that translates marking image files into control signals for the laser beam.</li> <li>A UI that enables an operator to log in, select products from a library and start or stop marking cycles.</li> <li>A test mode to calibrate the system.</li> </ul> <p>There are some industry standards for an SRS, such as <a target="_blank" href="https://standards.ieee.org/standard/29148-2018.html" rel="noopener">ISO/IEC/IEEE 29148:2018</a>, but organizations can still use a different preferred format for SRS statements. One common approach is,<i> </i>"The [feature or function] shall [do something based on user inputs and provide corresponding outputs]."</p> <p>A few software requirements related to the laser marking system example might include the following:</p> <ul class="default-list"> <li>"The laser marking operation shall translate AutoCAD-type vector graphics files into laser on/off control signals as well as X and Y mirror control signals used to operate the laser system."</li> <li>"The software provides visual feedback to the operator, who shall be able to track the current state of the marking cycle overlaid on a graphic product image displayed on a nearby monitor in real time."</li> </ul> <p>In addition to functional requirements, an SRS often includes nonfunctional requirements that identify attributes of the system or the operational environment. These influence key system design decisions regarding usability, security, availability, capacity, reliability and compliance. They dictate development decisions and design requirements for the software, like password change frequency, data protection settings and login details.</p> <p>A systems analyst or product manager typically <a href="https://www.techtarget.com/searchsoftwarequality/tip/Document-software-requirements-now-avoid-a-mess-later">puts together an SRS</a> in collaboration with relevant stakeholders, such as the developer staff and business leaders. Ideally, every requirement delineated in an SRS should correspond with the business objectives that a BRD outlines. For third-party software contractors, the completed SRS provides the basis for cost estimation and contract compliance.</p> <p>While the SRS typically includes functional and nonfunctional requirements, some organizations might differentiate between an SRS and a functional requirements specification. In these cases, the FRS serves as a separate document and delves into the how of a software product. An FRS often stipulates all of the fields and user interactions throughout the entire software product.</p> <figure class="main-article-image full-col" data-img-fullsize="https://www.techtarget.com/rms/onlineimages/whatis-functional_specification-f.png"> <img data-src="https://www.techtarget.com/rms/onlineimages/whatis-functional_specification-f_mobile.png" class="lazy" data-srcset="https://www.techtarget.com/rms/onlineimages/whatis-functional_specification-f_mobile.png 960w,https://www.techtarget.com/rms/onlineimages/whatis-functional_specification-f.png 1280w" alt="Image outlining instructions for writing a functional specifications document." height="374" width="560"> <figcaption> <i class="icon pictures" data-icon="z"></i>How to outline functional specifications. </figcaption> <div class="main-article-image-enlarge"> <i class="icon" data-icon="w"></i> </div> </figure> </section> <section class="section main-article-chapter" data-menu-title="Characteristics of good software requirements"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Characteristics of good software requirements</h2> <p>All types of software requirements require significant prep work and elicitation from stakeholders as part of the product development process. Additionally, such efforts force organizations to think about why they undertake a project, what the software product should provide and how it will accomplish the desired goals. Requirements documents are a foundation upon which teams conceive, propose, budget and implement a software development project.</p> <blockquote class="main-article-pullquote"> <div class="main-article-pullquote-inner"> <figure> When researched and documented properly, software requirements form a roadmap that leads a development team to build the right product quickly and with minimal costly rework. </figure> <i class="icon" data-icon="z"></i> </div> </blockquote> <p>Consequently, requirements can have a profound impact on software development and business outcomes for months or even years. Prudent consideration and intellectual investment up front can improve software quality and business outcomes dramatically.</p> <p>Teams should ensure software requirements embody the following eight characteristics.</p> <p><b>Clear and understandable</b>. Software requirements must provide the utmost clarity. <a href="https://www.techtarget.com/searchsoftwarequality/tip/How-to-write-and-structure-worthwhile-SRS-documentation">Write requirements</a> in plain language, free of domain-specific terms and jargon. Clear and concise statements make requirements documents easy to evaluate for subsequent characteristics during analysis and review.</p> <p><b>Correct and complete</b>. The document should accurately detail all requirements. If it's a BRD, the document should detail all business goals and benefits. If it's an SRS, it should describe all features and functionality expected from the system. Use an easily readable format and go back to finish any to-be-determined entries. It rarely falls on one person to deliver a correct and complete software requirements document. Involve all relevant parties -- business leaders, project managers, development staff, customers, and even users -- in careful and ongoing requirements collaboration.</p> <p><b>Consistent, not redundant</b>. Software requirements documents are often long and divided into multiple parts, each with specific requirements. Consistent requirements have no conflicts, such as differences in time, distance or terminology. For example, the difference between server and system might confuse some team members, so use only one to refer to the physical machine in the data center running the software. Only state a requirement once; don't duplicate it. Redundant requirements often lead to errors if the team changes or updates an iteration and the manager forgets to change or update repeated entries elsewhere in the document.</p> <p><b>Unambiguous</b>. No software requirement can leave room for interpretation. Even clear statements can still be subject to multiple interpretations, which leads to implementation oversights. For example, it might be clear to require that a function, such as a mathematical process, should be performed on a temperature measurement. But a requirement must specify the temperature measurement as degrees in Fahrenheit, Celsius or Kelvin. Phrase each statement so that there is only one possible interpretation. Collaboration and peer reviews ensure unambiguous requirements documentation.</p> <p><b>Design agnostic</b>. Software requirements documents should illustrate a result. Like an <a href="https://www.techtarget.com/searchapparchitecture/infographic/Serverless-architecture-diagram-shows-a-new-side-of-server-side">architectural diagram</a>, the different types of requirements together detail what the development team should build and why but rarely explain how. Empower developers to select from various design options during the implementation phase of the software project. Don't stipulate specific implementation details unless they're necessary to satisfy business goals. A business might, for example, prohibit developers from using open-source components in a project, as the approach conflicts with its ability to sell or license the finished project.</p> <p><b>Measurable and testable</b>. The goal of a requirements document is to provide a roadmap for implementation. Eventually, teams must evaluate a completed project to determine whether the effort is successful -- for this, they must be able to objectively measure statements. For example, a requirement such as "must start quickly" is not measurable. Instead, use a quantifiable requirement such as "must initialize and be ready to accept network traffic within five seconds." This characteristic is particularly important for software subcontractors' work as unmeasurable statements can lead to cycles of costly rework. Prepare a software requirements document with testing in mind. Each statement should enable the team to <a href="https://www.techtarget.com/searchsoftwarequality/tip/How-to-write-test-cases-one-component-at-a-time">create test plans and test cases</a> that validate the completed build.</p> <p><b>Traceable</b>. It's hard to know when developers are done with a software project. Ideally, there is a direct connection between requirements documents and finished code. A project manager should be able to follow the provenance of a project from a requirement to a design element to a code segment and even to a test case or protocol. When a requirement does not trace to the finished code, the development team might not implement it, and the project could be incomplete. Code that is present without a corresponding requirement might be superfluous or even malicious. Conversely, when a project manager sees all requirements reflected in the finished code and it passes testing, the project is complete.</p> <p><b>Managed document.</b> Most software design documents are living and evolving entities that can change over time, sometimes frequently, through collaboration and review. Organizations often opt to manage design documents through an annotated version control system, which is similar to the system that manages the software versions in development. Version management helps ensure that every developer and project stakeholder is referring to the same document version for discussion and implementation. Version updates are generally circulated to the project team on a regular basis and made available through team sharing and collaboration tools.</p> <p><i>Stephen J. Bigelow, senior technology editor at Informa TechTarget, has more than 20 years of technical writing experience in the PC and technology industry.</i></p> </section> Requirements fall into three categories: business, user and software. See examples of each one, as well as what constitutes functional and nonfunctional software requirements. https://cdn.ttgtmedia.com/rms/onlineimages/check_g1255870711.jpg https://www.techtarget.com/searchsoftwarequality/answer/What-are-requirements-types Tue, 02 Sep 2025 00:00:00 GMT What are the types of requirements in software engineering? Search Software Quality Resources and Information from TechTarget 60 webmaster@techtarget.com