UST Global Pvt Ltd

UST QE360 (Automated Testing)

UST’s QE360 AI driven continuous testing platform offers comprehensive capabilities tailored for digital enterprises and technologies, covering end-to-end testing needs. It seamlessly integrates a diverse range of tools, including both open source and commercial solutions. This integration enables multi-layered and multi-type testing throughout the test life cycle, expediting testing activities

Features

• User story validation , Identification of anomalies using AI
• Scriptless and scripted automation with self-healing capability
• Accessibility testing and Digital experience Reports
• Continuous quality monitoring, Analysis of Incidents, user pattern and sentiments
• Autonomous automation,Gen AI crafts test strategies,scenraios , scrpts and data
• Testcase optimizer,Optimize test cases, detect duplicates, visualize functional traceability
• Continuous performance engineering solution to identify client and server performance
• Vulnerability policing,SAST, DAST and User story-based security tests
• Infrastructure as code (IaC) Scanning,find vulnerabilities in infrastructure as code
• Analytics and insights,Centralized dashboard encompassing quality footprint

Benefits

• Reduction in feedback cycle time
• Improve test design productivity
• Faster Automation
• Reduction in test maintenance effort
• Test execution cycle time reduction
• Improve customer experience
• Reduce production issues
• Improve the visibility of quality status
• Reduce testing effort and Cost

£9,033.34 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukpublicsectorsales@ust.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

391283092313630

Contact

Patrick Marren
07544102103
ukpublicsectorsales@ust.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: None
• System requirements:
  • App Service
  • MSSQL DB Server
  • VM - for storage and deployment
  • VM - for Kubernetes [Master]
  • VM - for Kubernetes [Node]
  • Storage Account

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Critical (P1) - 1 hour, High (P2) - 4hours, Medium (P3) - 8 hours,Low(P4) - 16 hours. Support for critical issues available post business hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: 3 Levels of Support L1, L2 and L3
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We will follow structured training approach to make the team self-sufficient Results based training curriculum to upskill the team in 20 hours Detailed usage guide comprising of execution, maintenance & troubleshooting steps Web based trainings to reduce learning time by allowing users to progress at their own pace Special orientation sessions will be conducted when new features are rolled out
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: Ms Word
• End-of-contract data extraction: Platform allows the users to export their assets into supported formats
• End-of-contract process: End of contract will be as per the conditions described in the statement of work with each customer. User can export/ download their data at the end of contract

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • MacOS
  • Windows
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: No

Scaling

• Independence of resources: By using cloud computing services which allow automatic scaling of resources such as servers and storage etc. Load balancing, Distribute incoming traffic across multiple servers or instances using load balancers. This helps prevent any single server from becoming overwhelmed by the demand and ensures that users are evenly distributed across available resources

Analytics

• Service usage metrics: Yes
• Metrics types: Active Users,Frequency of use,Resource usage,Feature adoption
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Platform allows the users to export their assets into supported formats
• Data export formats: Other
• Other data export formats:
  • Maven Project
  • Ms Excel
• Data import formats: Other
• Other data import formats: Ms Excel

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: We adhere to widely recognized standards for safeguarding personally identifiable information (PII) that is provided to us. Data is securely transmitted via SSL protocols, and when stored, it is safeguarded with appropriate security measures. Passwords are encrypted using industry-standard hashing algorithms
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: We adhere to widely recognized standards for safeguarding personally identifiable information (PII) that is provided to us. Data is securely transmitted via SSL protocols, and when stored, it is safeguarded with appropriate security measures. Passwords are encrypted using industry-standard hashing algorithms

Availability and resilience

• Guaranteed availability: Application is hosted in third party cloud service providers such Google, AWS and Azure. Adhere with the availability aspects of Google cloud
• Approach to resilience: All our services are engineered to utilize the redundant data center infrastructure that powers Google services
• Outage reporting: Through ticketing system and email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: User name and Password
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Intertek
• ISO/IEC 27001 accreditation date: 25/09/2023
• What the ISO/IEC 27001 doesn’t cover: The certification includes application development, application management, infrastructure management services, engineering services, business process, outsourcing services, support functions such as human resources, finance, workplace management, sales & marketing, information services, information security management system, covering on-premises and cloud environments within UST.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO 22301
  • SOC1 SOC2 type II

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Security Governance standards ISO/IEC 27001

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All the enahancement ,changes , Fixes and and new feature release go thorugh the change control process requiring approval and testing prior to production roll out
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Vulnerability assessment and penetration testing (VAPT)carried out at regular intervals. VAPT team manages and tracks the vulnerability issues for remediation and closure
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: The cloud infrastructure,Network, Server and storage is monitored using in-house monitoring tools and Dashboards. Alerts are monitored by the product support team. For every alert , an incident is logged to the ticketing system and assigns to the respective point of contacts for resolution and closure
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incidents are autologged via email to the ticketing system /portal. Incident management process involves the below; 1. Auto logging of tickets ; 2. Ticket classification; 3.investigation and diagnosis; 4. Resolution & Testing; 5.Release and closure

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Tackling economic inequality

  UST engages in numerous initiatives for tackling economic inequality, these include: ; • Working with local Combined Authorities and training providers to build training courses (focussed on digital skills) for economically disadvantaged citizens. ; • People who engage in these courses can then be hired by UST into full-time roles and begin their career in technology. ; • UST support closing skills gaps in key technology areas e.g. UST have developed a mobile application to support the development of skills in Artificial Intelligence for 3 key user profiles – those looking to start a career in AI, those looking to move into an AI role, and citizens who are interested in AI.; • UST are keen to support local SME’s and can agree with a buyer as to how many local SME’s will be utilised in an engagement. ; • UST invest significant sums into innovation aimed at delivering more productivity at lower cost e.g. we have developed our own Generative AI Testing platform.

  Equal opportunity

  UST engages in numerous initiatives for promoting equal opportunities, these include: ; • Working TechSheCan to enable great access to women within the world of tech careers. UST also invested in building the training platform for TechSheCan.; • UST work with numerous partners to support veterans who want to start a carer in Tech once they have left the military.; • UST are an equal opportunities employer and do not discriminate on the basis of age, sex, gender, disability, or religion. We can share our policies and process for this to support discussions. ; • UST have published a detailed Modern Slavery statement and have processes in place to support this. More details can be found at: https://www.ust.com/content/dam/ust/documents/modern-slavery-statement-2022.pdf; • UST works with local skills development partners to support the development of tech skills amongst numerous societal groups.

  Wellbeing

  • UST have developed a Digital Inclusion Community App to support the development of essential digital skills amongst digital excluded people. This enables citizens to be able to use digital services, from both Public and Private organisations, driving a more integrated digital community.

Pricing

• Price: £9,033.34 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: 30 day trial

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukpublicsectorsales@ust.com. Tell them what format you need. It will help if you say what assistive technology you use.