Live Testing Browsers
Would I need to install a software or extension to use LambdaTest virtual machines?
No. You don't need to install any software or extension or plugin or setting configurations of any type. Just need to logon to LambdaTest.com, open the virtual machine through launcher, and start testing. That's the beauty of cloud. It gets you started super quick.
Which operating systems, browsers, and browser versions are you providing for cross browser testing?
There are 1400+ browsers, browser versions, operating systems, devices, and resolutions to choose from. To find out about the complete list of available browsers, checkout this page here.
Are the sessions really running on real browsers or are they just emulators?
All desktop session right now are running on real browsers real operating system and are powered by real machines. Mobile browsers right now are running on emulators. We are working right now to bring real mobile devices as well.
Why are you running windows server edition? It is the same as windows desktop edition?
Microsoft Windows Desktop Editions licences does not support remote access to users. So we use Windows Server editions and implement Desktop experience in it. It has exactly the same experience as Windows desktop editions and they are running Internet Explorers made for desktop editions.
How much time it takes LamdaTest to add new browser version when it's released?
Whenever a new stable browser version is released we usually implement it in our platform within a week. We also test them ourselves first before providing it to customers to make sure that testing experience is optimum for all users.
Are operating systems 32 bit or 64 bit?
Here are the operating systems and browsers running on 32 Bit Operating systems.
- Windows XP: Internet Explorer 8 , Firefox, Chrome, Safari, Opera
- Windows 7: Internet Explorer 8, Firefox, Chrome, Safari, Opera
Here are the operating system and browsers running on 64 Bit operating systems.
- Windows 7: Internet Explorer 10, Firefox, Chrome, Safari, Opera
- Windows 8: Internet Explorer 10, Firefox, Chrome, Safari, Opera
- Windows 10: Internet Explorer 11, Firefox, Chrome, Safari, Opera
Which Rich Internet Applications (RIA) would be pre-installed in the browsers?
All our virtual machines comes with pre-installed latest versions of Adobe Flash, Adobe Shockwave, Adobe Reader, JAVA Runtime Environment, Microsoft Silverlight, and Quicktime.
Would I be able to use keyboard shortcuts like copy paste in remote desktops?
You would have full access to all keyboard shortcuts. For people using same operating systems on both their local computer and virtual machine won't have any problems. However people who are using Mac machines to access Windows VM or Windows machine to access Mac VM, would have to careful about OS specific shortcuts. For example in when working on Mac OS, use Control Key instead of command key for copy pasting.
Would I be able to download and upload files in the remote browser?
Yes you can. You would have full access to download and upload functionalities. You can access Downloads folder through File-> Open file, or Control+O shortcut. Be advised however, each downloaded file will be automatically erased on shutting down the sessions.
Would I be able to change browser settings?
You would have full access to all browsers settings. Be advised however, if you need very specific browser settings, you would have to re-configure browser settings on starting each new session.
What does Scale to Fit feature do?
Your viewport's resolution and the virtual machine resolution may differ. Therefore to avoid unnecessary scrolling, LambdaTest Live automatically scales the viewport to fit your screen's view area. This does not mean that the virtual session is not running on the selected resolution. You can always change this and revert to actual resolution by de-selecting the scale to fit feature.
I am not able to properly hear the sound in the virtual machine. What is happening?
For Chrome and Firefox browsers, you should be able to access audio streaming and therefore should be able to hear sounds properly. For mobile emulators, Internet Explorer, and Safari, we currently dont have support to provide you access to Audio. It's because of the inherent technology involved in these browsers. We are working on a workaround though so let's see.
I want to use non-english keyboards. Is it possible ?
Yes, you have access to many popular non-english and non-US keyboards. You can change the keyboard settings through LambdaTest Live settings. Here are the keyboards that we provide right now.
- US (Default)
- Slovak (QWERTY)
- Swiss French
- Turkish (QWERTY)
How many simultaneous sessions can I start using one account?
In the free plan you can run only one session at a time. Paid plan users can run multiple sessions depending upon their plan. Click here to checkout multiple session plans and their pricings.
It is showing 'Session Limit reached' error even though I am not running a session.
The number of sessions is limited by number of sessions running by a organisation, not by user. Therefore it is entirely possible that you reach out of session limit even if only one or two users are using LambdaTest tool. Co-ordinate with your teammates in this case. If you are sure there is session issue from our end, you can raise a ticket at our support portal here. Don't worry, we have a very fast turnaround time.
What happens when I leave the session idle?
By default, if you leave the Lamdatest Live session idle for 5 minutes, the app will prompt a reminder. If no action is taken then LambdaTest would close the live session. You can change this setting from Live settings options. Checkout this link to understand more about it.
What happens when I switch to another tab in my browser?
Switching tab won't stop or pause the Live session. If left idle for 5 minutes or more, Lambdates will prompt a reminder and if unanswered will close the session.
When you give the machine to somebody else would they be able to access my history and saved passwords?
The moment you close the session, LambdaTest automatically sanitize the whole virtual machine. What that means is that we delete all historical data, downloads, installed extensions, saved passwords, etc. We reset the browsers to factory settings. This automatically logs you out of all pages and auto deletes all data that you may have saved. You would still have access to screenshots and issues you may have generated during the session.
Would i have to reset and re-configure browser settings everytime i create a new session?
Right now yes. Every time you close a session we would reset all settings. We are working on a way to help you change and save a set of customized default browser settings. If your need is critical and changing browser settings in each new session takes a lot of your time, send us a message from here. We will try to find a solution for you.
It is showing that my IP is blocked. Why did this happen? How do i unblock it?
There maybe a number of reasons why this happened which inlcude
- LambdaTest test flagged the IP for excessive spam registrations.
- To prevent our system from spam or security threats
It is showing parallel user limit reached. What does that mean?
LambdaTest test system allows only a limited number of concurrent running sessions per organisation. This limit is defined by the plan that you have subscribed. If you need more concurrent sessions, you can change your plan here, or contact one of our sales executive by leaving a message here.
I found a bug and now I want to take a screenshot of the webpage running on LambdaTest real time browser. How can I do that? Where are they saved?
It's simple. In real time browser, on left side you will find multiple action buttons in the controller. One of them will be a screenshot button with camera icon. Just click that and in no time your screenshot will be recorded. Once recorded, an image editor will pop up where you can edit the screenshot, mark it as a bug and comment about the details. Lastly, you can find them anytime in test logs section of the menu.
How do I report the issue to my team? How can I check the issues created by my organization and team? And can I still report a bug if I am the only one in team?
By going to the issue tracker, you can add your teammates as watchers for the particular issue and you can also assign them the issue by marking them as 'assignee'. Incase the team-mate is not added yet, you will also find an option in the tracker to invite them.
What developer tools come pre-installed in each LambdaTest Live remote session browser?
LambdaTest Live has all major developer debugging tools like Firebug, Web Developer, YSlow etc. For complete list of Developer tools that comes pre-installed with the browsers, checkout this page here.
Can I install any additional tool that I like?
Yes. You have full access to browser extensions and therefore can install any additional tool you like. However that tool be deleted once you close the Live session and you would have to reinstall it again in next session to use. If you are facing any problem around installing a tool on browser, raise an issue in LambdaTest Support portal and we would be glad to help you out.
What resolutions, browsers, operating systems and devices are supported by the LambdaTest Automated Screenshot product?
To know more about browsers os devices and resolutions supported by LambdaTest checkout this page here.
Can I share these screenshots with my team?
Yes. You can share these screenshots with your team. To know more about how you can do it, check out this tutorial guide here.
Is there anyway I can take screenshot of pages behind firewall or authenticated pages?
LambdaTest comes with enterprise level local tunneling features. You can connect your local or production servers with LambdaTest Servers via secure SSH protocols and test your secure pages easily.
What happens when I switch tabs during when screenshots are being generated?
LambdaTest won't stop or pause the screenshot generation process. LambdaTest automatic screenshot tool will generate screenshots and then will wait for your further actions.
On starting Responsive Testing, it is showing "A job is already in progress". What does that mean?
It means that you have either reached the number of concurrent sessions limit or there is some other type of testing session running somewhere in your account. Check all your tabs in all browsers and close any live or automated screenshot session running in them.
Can I also save screenshots generated during Responsive testing?
Yes, you can. To know more about it checkout this guide here.
Briefly describe your security policies.
LambdaTest is a firm believer in secure experience and multifaceted security protocols, to ensure that every aspect including architecture, engineering, testing, and deployment, follows and complies with industry leading standards of security. As first line of defense, LambdaTest application is protected by AWS's firewalls which are tasked with countering regular DDoS attacks and malicious network intrusions. The next line of defense is LambdaTest's own application firewall protocols which are tasked with protecting the application against spam, ill-intent users, and malicious IP. We have also implemented secure user access policies for accessing LambdaTest platform and only users with valid user credentials can access the application. We have also implemented role based access to the application, each role having different access levels.
Whenever a user initiates a test at LambdaTest platform, they are allotted a thoroughly sanitized virtual machine. And as soon as a session ends, all data including cookies, registry, caches, and running processes are deleted and all browser settings are reset to default values. Each virtual machine has to pass a series of automated tests before it is used again. Any machine that fails a test gets redacted from the pool for auditing and manual cleaning. At the time of test only the user has access to machine and not even LambdaTest has access to the user's running test session. All machines have strict security protocols that prohibit any user from installing any external software in the machines.
In our application we have implemented HTTPS by default, and use VNC protocols for secure data transfer. This data is also encrypted to ensure that data is not compromised in-transit.
All our hosting centers are chosen based on their record of established security policies and excellent history. Our selection process is rigorous and we partner with only the best providers across globe that have been certified by major compliance regulators.
All data saved in our application like login credentials, secure access keys, usage logs, test history, and billing details, are stored in an encrypted format.
We have implemented strict 24x7 security protections at our on-premise development centers. Only authorized individuals have access to building and LambdaTest office premises. Our application data is hosted on industry leading hosts like Amazon Web Services, who have been thoroughly tested by multiple third party auditors for security. You can also read more about Amazon Web Service's Security here.
Do you have a disaster recovery (DR) or Business Continuity Plan (BCP) plan? How often is it tested?
All our data is hosted and stored in Amazon Web Services infrastructure, which has multi-level disaster recovery features. We implement all AWS guidelines and protocols on Disaster Management as advised in this document by Here
Do your employees sign/agree to a confidentiality statement?
Yes. All our employees sign confidentiality agreements which extends to user agreements between LambdaTest and Clients. Also, we have strict user role based access to all our customer data therefore, only most important employees have access to only relevant data.
How is your application architected, in particular is there separate between publicly accessible parts of the application from the data storage?
Our application is micros-services based product. Database is restricted from public access. It is only accessible to the application though encrypted authentication based APIs and that also over a secure private network.
Describe your coding, testing, and deployment practices.
We here at LambdaTest follow Agile development methodologies with dedicated teams for automated deployment and testing. We use Jenkins as our preferred Continuous integration platform and use Sonar Cube for automated code quality control. We ensure maximum possible code coverage in our automated tests and each release is passed only before it pass all test scenarios.
Do you perform web application vulnerability testing or intrusion detection?
We periodically tests our applications for vulnerability both through automated and manual means. We perform regular audits of databases to check for irregularities, and our ELK stack implementation gives real-time insights on any possible attacks.
How do you manage access to production systems? Do you have a staff termination/offboarding policy and process? What is it? Do you log and audit performance of this process?
Access to production system is strictly controlled though role based authentication access. No LambdaTest employee has complete access to all data, each having their relevant role based access to data. Each employee has his/her own email based authentication passwords for accessing applications and after termination we revoke their complete access to the application. In addition we maintain automated logs of each database ingress and regularly monitor the logs to find discrepancies.
Do you have an enforced password policy for admin accounts? Do you require MFA for admin accounts?
All user access is password protected. In addition user sign-ups are verified through a two-step verification workflow.
What logging do systems perform? How are logs protected? What encryption is used? Do you have BI systems? Do they hold PII?
At LambdaTest, we maintain a variety of logs such as syslog (system logs), auth (authentication) logs, firewall logs, web server logs, application server logs, database server logs, netflows etc. We have an in-house implementation of ELK stack for logging and business intelligence. Our implementation gathers and consolidates data from all micro-applications into a secure private network. The data is used for product analysis by product team through our custom log processing and BI system. The BI system in turn is secured thorugh a IP based access policy. In addition only authorized LambdaTest employees has access to relevant pieces of data based on their role. All log data is saved in encrypted format private storage volumes that is encrypted usign DM-Crypt disk encryption system.
What is your system patching regime?
We follow SemVer versioning standards and publish hot-fixes and patches as it is required.
Do you have separate production, QA, test, dev environments?
Yes. We have separate Production, Dev, and Test Environments. Each Environment is hosted in separate instances and is secured behind a private network.
Are these systems separated from your corporate network and each other?
All environments are hosted on independent AWS instances. Only Live environment has critical user data. Rest of the environments have dummy or simulated data that covers all use cases.
Do you perform system vulnerability scans and penetration testing?
We perform periodic system vulnerability scans, both automated and manual, using a OpenVAS based solution. We check for all major vulnerabilities and security risks as enlisted in open source databases like https://nvd.nist.gov/.
What type of firewalls/DDoS defense do you use?
Our application is hosted on Amazon Web Services and we follow all DDoS mitigation guidelines detailed by AWS in this documentation paper. We use services such as Amazon Route 53, Amazon CloudFront, Elastic Load Balancing, and AWS WAF to control and absorb traffic, and deflect unwanted requests. We also have a Cisco ASA firewall in place as added security measure. In additon to all this we have put into place custom firewall and security measures based on Fail2Ban intrusion protection framework to prevent brute-force attacks.
How do you monitor your systems and networks?
Yes. We have implemented advanced analytics using Kibana, Kubernetics, and AWS data tools. We monitor all our networks constantly for suspicious activity. We also use Elastic.co's Beats product for shipping data. Beats comes with in-built monitoring and data visualization tools that help in real-time monitoring of application.
Are user passwords stored in manner compliant with NIST Special publication 800-63B Digital Identity Guidelines?
Yes. All user credentials are stored in a manner compliant with all NIST guidelines as defined here
How is user data stored? What encryption is used for data at rest and for data in transit?
All user data is stored as encrypted data in secure AWS storage hosted databases. We use AWS S3 for data storage and have enabled advanced AES256 encryption standards for data-at-rest. For data-in-transit we use VNC and WSS security and encryption protocols.
Can unprotected user data be accessed by your staff? Is this access audited?
All data such as user credentials are secured in encrypted format and no LambdaTest employee can access it, including administrators. User data such as company details, user contact details, test logs, etc. can be accessed by only relevant developers. We have strict user role based data access and only relevant developers have access to parts of user data. This security access is audited every month based on development and testing sprint plans.
How are backups managed? What encryption is used? How are they destroyed when no longer needed?
We use AWS services like AWS S3 to store and take backups of our data. All data stored on AWS instances are stored using advanced AES256 encryption standards. We have implemented versioning and rollback steps to prevent accidental deletion of data. Therefore, any data that is not critically required gets deleted through standard DELETE requests on S3 buckets. We have provisions to delete all historical data on client requests.
Do you operate physical infrastructure? If so what certifications do they hold related to physical security? Can we see the audit/certification reports?
Our application is hosted entirely on third party hosting providers like AWS, Hetzner, etc. All our hosting partners have very high security protocols. For example checkout AWS security protocols here, or Hetzner Security protocols here
What is your incident response process?
We here, at LambdaTest follow a 6 step incident reponse process. The various stages of the response proces are prepration, identification, containment, eradication, recovery, and learning. We use industry leading practices for each step and test our response workflow once a month.
- What are your policies and processes around notification of a security breach?