Curiosity Software Ireland

Enterprise Test Data

Deliver quality software at speed and avoid compliance risks, with an all-in-one test data platform. Enterprise Test Data helps solve your test data challenges, from compliance risks and skyrocketing storage costs, to provisioning bottlenecks and software bugs. Solutions include data generation, masking, subsetting, and virtualisation – all available on demand.

Features

• Comprehensive activities for producing quality and compliant test data.
• Profiling and Discovery – Identify sensitive data and data structures.
• Synthetic Data Generation – Create realistic, fictitious data for development.
• Data masking – Remove potentially sensitive information from non-production data.
• Data subsetting – Create smaller, referentially intact data sets.
• Data virtualisation - create parallel, affordable environments in seconds.
• Self-service data provisioning for testers, developers, and CI/CD tools.
• Data cloning – Create multiple isolated data sets in parallel.
• Model-based data generation designs consistent data “journeys” through systems.
• Data comparisons, visualisation, versioning, master data management and more.

Benefits

• Save test and development time, with accurate data on demand.
• Minimise bug creation and remediation, testing with richer test data.
• Reduce compliance risks, removing sensitive data from non-production environments.
• Reduce infrastructure costs, testing with smaller and virtualised data sets.
• Shorten software release cycles, with parallel data available on demand.
• Parallel teams no longer hunt, wait or compete for data.
• Test with every positive and negative scenario, assuring software quality.
• Avoid test failures caused by data clashes and invalid combinations.
• Save infrastructure and operations time, making data activities reusable.
• Find bugs earlier and at less cost to fix.

£100,000 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Michelle.Cox@Curiosity.Software. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

315548915496266

Contact

Michelle Cox
+44 7786 324244
Michelle.Cox@Curiosity.Software

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Private cloud
  • Hybrid cloud
• Service constraints: Service availability and maintenance requires the retention of software licensing, a Service Level Agreement, and End User License Agreement (EULA). Only authorised users may access and use the software.; ; During the recommended "Private Cloud" installation, maintenance is completed by the client, or by Curiosity as a service. There are typically minimal or no maintenance windows/downtime, as an image auto-upgrades the software when applied. The client is solely responsible for ensuring that their systems meet the hardware, software, and any other specified requirements for installing and using the software. ; ; Additional constraints will be agreed in a Service Level Agreement and EULA.
• System requirements:
  • A 64-bit Linux machine, fulfilling Docker or Podman requirements.
  • A 64-bit Windows machine (Windows 2013 Enterprise/10 Pro minimum).
  • Minimum i5 (Windows), i3 (Linux) and 4 vCPUs (Linux).
  • Both machines: 80GB hard-drive space and 16GB RAM minimum.
  • Linux: Port 80 open, 9092 (inbound), 80/443 for HTTPs/HTTPs.
  • Windows: 8080 (outbound), ports for extra servers, SSL, databases.
  • Windows: Excel, .Net Framework 4.8 Runtime and Java 8.
  • Windows Server 2013 Enterprise / 10 Pro (64-bit Edition).
  • Linux: Docker, Docker compose, and an unzipping utility.
  • Google Chrome is the recommended browser for users.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Email and ticket support is provided for as long as a valid Service License Agreement is in place. Typically agreed support hours are Monday-Friday 9:00 A.M. to 5:00 P.M. (GMT). Under most agreements, emails received outside of this are collected and actioned on the next working today.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support level is agreed upfront in a Service Level Agreement (SLA). Each contract will assign a named account manager who can provide first point of contact, as well as details for telephone, email and web meeting support where agreed.; ; Support depends on the retention of a valid SLA. An SLA will typically include all forms of support listed under “User Support”, with the addition of web meetings available upon request. These web meetings provide remote assistance and are arranged following the receipt of an initial support email.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Curiosity offer an Adoption Assurance Program, during which strategic and technical support is provided by a dedicated Customer Success Manager and Technical Support Manager. The adoption program provides support and proactive problem-solving, working to deliver consistent momentum during implementation and adoption. A typical training plan combines instructor-led training and support sessions with on demand and self-paced training. The goal is to build on your teams’ core competencies, working towards self-sufficiency in Enterprise Test Data. On demand and remote training are also typically used to maximise the value of time spent with Curiosity's experts during instructor-led training. To enable self-paced and on demand learning, Curiosity additionally maintains a written Knowledge Base and video training courses, alongside a library of out-of-the-box examples to help new users get started.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats:
  • Demo videos and playlists
  • Online tutorials and self-paced courses.
• End-of-contract data extraction: Upon the termination of the Service, all data created by Enterprise Test Data into target databases, files or applications remains accessible in these databases, files and applications. That data can be worked with as normal, including using any third-party tooling that supports it. Organisations can also continue using certain processes set up to consume that data, for example accessing data from test automation frameworks.
• End-of-contract process: Upon the end-of-contract, the product licenses and Service Level Agreement cease at the end of the ongoing billing cycle. Ongoing product maintenance and user support (as set out in “User Support”) also cease at the end of the billing cycle. ; ; There is no prorating of unused time in the last billing cycle.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Linux or Unix
  • Windows
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Enterprise Test Data features a service layer which can be integrated with by third party tools and custom components. All functionality is accessible via a Swagger-documented REST API for authenticated and authorized users within the system. Users set up the service and make changes through the API using standard REST API Calls, facilitated by API Access Tokens. There are no limitations in set up or changes made through the API. All shipped APIs are further expressed in VIP.
• Accessibility standards: None or don’t know
• Description of accessibility: All functionality is accessible via a Swagger-documented REST API for authenticated, authorized and licensed users within the system. Users set up the service and make changes through the API using standard REST API Calls, facilitated by API Access Tokens, and can additionally call the API using the tool's User Interface (UI). There are no limitations in set up or changes made through the API. All shipped APIs are further expressed in VIP, Curiosity's own workflow automation software.
• Accessibility testing: The service has not yet been tested with users of assistive technology.
• API: Yes
• What users can and can't do using the API: All functionality is accessible via the API for authenticated, authorized and licensed users within the system. Users set up the service and make changes through the API using standard REST API Calls, facilitated by API Access Tokens. There are no limitations in set up or changes made through the API.; ; Shipped APIs are further expressed in VIP, Curiosity’s automation workflow engine. Using VIP rapidly assembles new integrations and connectors, dragging-and-dropping visual “widgets”. VIP can further be used to create bespoke automation and customised test data processes.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Users can build custom connectors using APIs or Curiosity’s workflow automation engine, VIP. VIP provides a standardised methodology for building integrations, using a visual designer to create connectors. VIP can additionally be used to customise Enterprise Test Data’s comprehensive test data ”activities”, editing the visual workflows that run them.; ; A Swagger-documented API further enables customisation. All functionality is accessible via the API for authenticated and authorized users. Users set up the service and make changes through the API using standard REST API Calls, facilitated by API Access Tokens. The API is also expressed in VIP and accessible within the platform’s User Interface (UI).; ; Every test data activity is likewise configurable using this wizard-based UI. You can combine, customise and add functions when configuring test data jobs. Jobs are additionally combinable in visual models that pass parameters from one job to another.; ; Lastly, users can incorporate homegrown code and procedures. This includes adding code into workflows and models that provision data, as well as in Enterprise Test Data's self-service test data portal. The majority of code can moreover be added as test data activities in VIP. Users can thereby include code in Enterprise Test Data’s activities, using VIP as the SDK.

Scaling

• Independence of resources: The recommended, ”private cloud” installation deploys the software on machines in your network, or on machines hosted by cloud providers of your choice. The service is therefore easily scalable, provisioning more resources/infrastructure to meet demand. Enterprise Test Data is furthermore optimised for performance and scalability. It leverages load balancing, multi-threading, a jobs ”hopper” and parallel processing. It can can additionally be deployed in containers, using Docker or a scalable platform like Kubernetes, allowing sharding and horizontal scalability to maintain performance.

Analytics

• Service usage metrics: Yes
• Metrics types: A central portal reports on activity by different users and groups. Logs are generated whenever a test data job is executed, while an audit trail displays all previously submitted jobs. Information includes the date, time, user ID, description and status of the job, as well as the volumes of data and actions performed. Administrators can filter jobs in the Admin GUI, while logs can additionally be stored as files or published to external systems. Logs and activity trails are further created for user activity like log-ins, changes to access rights, and the creation or modification of artifacts in the tool.
• Reporting types:
  • API access
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Enterprise Test Data is designed to be an open and extensible technology, capable of exporting data using a range of techniques:; 1. Via APIs, message layers and message queues;; 2. Via application front-ends, for instance using automation to create data;; 3. Going direct to databases;; 4. Via files;; 5. Via an x3270 emulator;; 6. Via CI/CD tooling like Jenkins, Bamboo, and TeamCity;; 7. Using VIP, Curiosity’s automated workflow engine;; 8. Using native cloud connectors and security layers.; ; VIP further provides a standardised, drag-and-drop methodology for creating and customising exporters for different types of technology.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • PDF
  • JSON
  • XML
  • YAML
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • PDF
  • JSON
  • XML
  • YAML

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Enterprise Test Data is typically installed within the client’s network and/or the infrastructure of the client's chosen cloud provider. Availability is controlled by the client or the cloud provider.
• Approach to resilience: Enterprise Test Data is typically installed within the client’s network and/or the infrastructure of the client's chosen cloud provider. Availability is controlled by the client or the cloud provider.
• Outage reporting: Enterprise Test Data sits within the client’s network and/or the infrastructure of the cloud provider. Availability is controlled by the client or the cloud provider. The tool provides a reporting mechanism, and a Swagger-documented REST API. This allows tracking and monitoring of user activitiy and the execution of jobs. The information can be published to external systems, allowing monitoring and reporting of any potential outages.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Enterprise Test Data's authentication system allows the assignment of roles with assigned custom permissions. Admin, Editor and Reader are roles which define the access roles and restrictions on viewing/editing certain assets.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Curiosity are Cyber Essentials certified.
• Information security policies and processes: This information is only available on request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Enterprise Test Data typically sits in the network of the client and/or the infrastructure of the client's chosen cloud provider. Configuration and change management is the responsibility of the client or the supplier. ; ; During development, the tool undergoes end-to-end regression, user acceptance and performance testing, while code is scanned using security software and penetration testing is performed. Each release is maintained and supported by the vendor for a two-year period from initial release. At the end of this period, releases are end-of-life and no longer supported. All data and integrations are automatically migrated between each release of the software.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Undisclosed
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Undisclosed
• Incident management type: Undisclosed
• Incident management approach: This information is only available on request.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Tackling economic inequality

  Tackling economic inequality

  In accord with the social values outlined in PPN 06/20, Enterprise Test Data can help increase supply chain resilience and capacity in several ways:; ; 1. Enterprise Test Data strives to enable the delivery of ”innovative and disruptive technologies”, at less cost to the organisation and with greater overall software quality. This is achieved via a range of time- and cost-saving benefits across the Software Delivery Lifecycle (SDLC), which are listed in the section, "Service Features and Benefits".; ; 2. Enterprise Test Data additionally supports "the development of scalable and future-proofed new methods to modernise delivery and increase productivity." The range of time, cost and quality benefits listed under "Service Features and Benefits" help to accelerate and optimise software delivery, while unlocking additional productivity gains by enabling software modernisation. Enterprise Test Data additionally strengthens future proofing, as it allows organisations to adopt the latest technologies and techniques. Organisations can migrate and merge technologies, leveraging the data needed for robust testing and development. This supports organisations as they transition between best of breed tools and techniques. ; ; 3. Enterprise Test Data's data masking and synthetic data generation capabilities further help to "identify and manage cyber security risks in the delivery of the contract including in the supply chain." Masking and generation help to minimise the spread of potentially sensitive data across testing and development environments, reducing the associated risk of a data breach.

Pricing

• Price: £100,000 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Trial licenses are available for an agreed period of time, at Curiosity's discretion. To discuss a trial, please book a consultation using the URL included here. Trial licenses cover a combination of test data management utilities or components, as determined by initial scoping of the trial goals and desired outcomes.
• Link to free trial: https://www.curiositysoftware.ie/meetings/talk-to-curiosity/enterprise-test-data

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Michelle.Cox@Curiosity.Software. Tell them what format you need. It will help if you say what assistive technology you use.