Testing and devsecops


Establishing testing practices is key to enabling iterative software development. You will be working with your team to ensure that a testing strategy is in place covering the following:

Functional testing

Whether it’s the first release or last release, our products need to be tested end to end. Unit test coverage cannot replace functional testing.

There are many ways to perform end to end functional testing. It falls on the product manager to ensure these are done.

Nonfunctional testing

Validating non-functional aspects such as performance and accessibility compliance should also be accounted for by the product manager in the delivery process.

Usability testing

In the vein of feedback cycles and iterative development, usability testing provides key insight as to a product’s effectiveness.

QA testing

Product teams here seldom have a separate Quality Assurance (QA) team taking the lead on establishing these testing practices and test suites. For smaller products or prototyping engagements the product team should set aside time to perform QA testing before and after each release. For larger products with lots of users, it is important to ensure that a more formal QA process is in place.


Many times our client partners are used to manual deployments that can take up to 6 months or more, and involve creating a great deal of security documentation up front. If we are working on a software build with client partners, it’s important to help them figure out how to enable continuous delivery in their specific context by automating the deployment pipeline all the way through to security compliance and operations (DevSecOps).

TTS’s cloud.gov Platform as a Service (PaaS) automates a great many technical and compliance tasks that most government agencies still perform manually to get software deployed continuously and securely. On top of this platform, TTS also situates products like Federalist, which allow customers to deploy static websites quickly and securely, and U.S. Web Design System (WDS), which enables us to quickly prototype and deploy digital products using a baseline of design patterns. These tools can help partners quickly get up to speed on DevSecOps and more easily manage their deployment pipeline.

Using these tools will also make it easier for our partners to obtain an Authority to Operate (ATO) for the software in a production environment (a requirement for all software in the federal government).

As a product manager, you may be working on these TTS products and platforms, further enhancing and scaling these services, or you may be working with agency partners on products that use them.