Give your testers a break! Discover how our test automation solution can help your business.

We believe automation should deliver not only better applications, but also be cost-effective and get your new products and features to market quicker. Why not pick our brains about how we do this for our customers?

We Help You Maximise Profits By Shipping Bug-Free & Secure Software

If your goal is to transform digital software delivery from a cost-centre to a profit maximiser,
we have the solutions to help you.

  • IT Strategy Consulting

    Get your journey optimised with digital transformation plans, testing strategy development and application architecture reviews.
    Learn More

  • Software Testing

    Proven software testing services & test automation tools to help you ship bug-free apps while slashing your testing time & saving up to 55% in the process.
    Learn More

  • Penetration Testing Services

    Web app & mobile app penetration testing services & vulnerability assessments to help you sell more, protect your business & sleep easier.
    Learn More

Let's Talk

Application Delivery Solutions For Digital Programs

  • Today's businesses & consumers interact with your app across multiple devices, so why should your testing be restricted to only a few?

    A robust testing program caters for functional, performance & security testing across all relevant devices. Does your testing program do this?

    Learn More

  • The entire premise of continuous delivery is speed and accuracy in execution. Both of these elements cannot be achieved using traditional testing tools and techniques.

    The Qsome Technology Platform is built to improve quality at speed. The combination of technology and bespoke services allows you to achieve your continuous delivery goals.

    Learn More

  • Today's users take mere seconds to judge an app's user experience. You should give them every reason to rate your app highly.

    Additionally, the speed at which app updates need to be released requires a serious quality program that inlcudes automated testing.

    Learn More

  • Performance optimisation is a dynamic exercise that requires multiple iterations. Its importance is magnified in a digital context where users expect, rather than desire, responsiveness.

    The Qsome Technology Platform allows users to execute load tests using functional test scripts. No extra investment is needed.

    Learn More

  • We have developed proprietary algorithms that enable more relevant test management & enhanced coverage & oversight of the most at-risk processes.

    Our custom-developed dashboard gives your team a conscise and updated view of the riskiest processes & the outcome of their recent test results.

    Learn More

  • Making sense of data is one of today's greatest challenges and potentially a very lucrative opportunities.

    Our ability to conduct intensive data-driven testing at speed will help verify that your Hive SQL queries are behaving as intended.

    Learn More

Some Of Our Software Testing Customers

Enter Break Wrapper Title Here

Enter Text Here

Tell Us How We Can Help You



+61 3 7001 1430


1300 28 44 92

Waterman Business Centre, Suite 86, Level 2, U/L 40, 1341 Dandenong Road, Chadstone, VIC 3148, Australia


+91 9845 00 86 96

201, Green Glen Layout, Bellandur, Bangalore - 560103

United Kingdom

+44 20 3769 2460

Suite 2, Block 2, Portman Mansions, Chiltern Street, London W1U6NR

Latest From The Audacix Blog

Monday, 25 May 2020

Are you looking for ways to optimise your eCommerce site for organic search?

Let’s be honest - ranking your online shopping store on the first page of Google's organic search results is key to long term success. 

Getting organic traffic to your site is not that easy. But once you get it, it will give you plenty of benefits. At times, the success and failure of a business are even determined by the site’s SEO performance.

Shoppers these days do not buy a product without conducting an online search. Forrester Consulting estimates that 71% of shoppers’ shopping journey begins by using a search engine to find out new products and services. And 74% of shoppers utilise a search engine to research, compare, purchase, and transaction purposes.

By ranking high in search engines, you can gain instant visibility and additional traffic. Research has found that 39.34% of traffic and clicks go to the first three positions in Google. 

And that is not all! Organic traffic from search engines fetches the highest revenue at 38%, beating all other digital marketing channels.

So, to help you optimise your eCommerce site for organic search, here are some essential steps you can follow.

Optimise your keywords

One of the obvious ways to allow your customers to find your eCommerce store through
organic search is to create the right keywords on your pages and blog posts. It will ensure that
your site ranks high in SERPs.

Make sure that your keywords are relevant. Also, consider, search volume, and ranking difficulty.

Understanding your buyer’s persona, interests, and pain points in relation to your products can help you come up with relevant keywords.

And why not visit niche forums and observe what topics are discussed among your possible buyers and how they talk about it?

eCommerce stores also use long-tail keywords for category, subcategory, and product pages. Though they might not earn much traffic as unique searches, the aggregate of these small unique searches across your whole eCommerce store will add up.

Remember, studies have shown that long-tail keywords convert at 36% on average.

Create unique product descriptions

Ever since Google released its Panda algorithm to promote relevant, high-quality, and unique
content, it has become the primary concern of many website owners. Google penalises duplicate content scraped from other pages.

To boost organic search traffic, find out content on your product pages that have duplicated copy and rewrite them.

And if your descriptions are well-written, Google might show your product for relevant searches.

Knowing your audiences’ persona, focusing on the benefits of the products, telling a story, using natural language & tone, using power words that sell are some of the tips to follow while creating your content.

For instance, in the example below, an apparent description of the Himalayan Salt Lamp product is given.

Image Source: Referral Candy

Serve your pages using HTTPS & configure your HTTP security headers

In one survey, it was found that 91% of browsers have come across a security alert. And when they see these security alerts, 43.5% of browsers abandon the site.

Installing an SSL certificate can help solve this issue. Not only does an SSL certificate provide encryption, but it gains customer’s trust by displaying a secured padlock, an HTTPS-enabled browser, and a trust seal.

For eCommerce sites, an EV SSL certificate is recommended. An EV SSL certificate can provide a superior level of assurance for your clients as it displays your verified company name and details in all major browsers once you click on a padlock in a browser. It indicates the customers that it is secure to carry out transactions on your site.

But that's not enough, because hackers can still attack your eCommerce site even if it serves all pages over HTTPS. You should ensure that HTTP security headers are properly configured - you can check them on this free HTTP header and ecommerce vulnerability scanning tool.

If your store does over $100k in annual revenue then you should seriously consider investing in eCommerce penetration testing services too. This will help you be certain that you don't suffer the cyber security fate of this eCommerce giant

Boost your site speed

In July 2018, Google announced that page speed will be a ranking factor in Google’s mobile search results. Moreover, your site’s speed can impact the user experience.

In one survey, 70% of shoppers said that site speed impacts their buying decisions. And the one-second delay in loading a page can lead to a 7% drop in conversions. 

On average, a page should not take more than four seconds to load. The faster, the better.

Moreover, it’s essential that you monitor the bounce rate, loading time, and time on the website to determine the health of your site speed.  

Following SEO best practices like enabling compression, minifying CSS, JavaScript, and HTML, reducing redirects, improving server response time, and optimising images are some ways to increase your site speed.

Optimise your eCommerce site for viewing on mobile devices

Statista reports that 52.2% of the traffic was from the mobile phone in 2019. 

Image Source: Broadband Search

A mobile-friendly site will show up higher in search results and visitors are five times more likely to abandon your site if it is not mobile-friendly.

Here are some of the essential things you can do to optimise your ecommerce store for mobile:
  • Test your site for responsiveness using Google’s mobile-friendly tool
  • Use responsive themes
  • Choose a reliable host
  • Improve your site’s loading speed
  • Redesign your pop-ups for mobile devices
  • Enable Accelerated Mobile Pages (AMP)

Present user reviews for every product

More than 90% of buyers read online reviews before making a purchase decision. Asking your customers to leave product reviews on your site is thus a great idea.

Source: G2 Crowd

Customers are looking to engage with reviews. Moreover, it is a great way to gather free, unique content without doing extra work. 

Just ensure to get as many reviews as possible from verified buyers. It is said that buyers are more likely to buy a product after reading verified buyer reviews over unidentified reviews. 

And don’t worry too much about some negative reviews as it also shows that your site is genuine in displaying real reviews. This helps build credibility for your eCommerce store in users' minds.

Before you begin optimising your eCommerce store to rank higher on Google search results...

...Note that implementing only one or two strategies is not going to yield positive results. You will have to experiment and see what works best for your site, but be consistent in your efforts.

Focus on providing a good user experience because this, when allied with optimising your keywords, will give you the fastest and most sustained long term results.

You can also start a blog or do guest blogging to increase organic traffic. But if you are doing that, ensure that you are coming up with superior quality content that will inform and engage your readers. Otherwise, it will be just a waste of your time and resources.

If you need help with cyber security aspects of your ecommerce store, reach out to our friendly team who also speak your language.

By: Anonymous

Thursday, 26 March 2020

If you are running Oracle ERP applications without any test automation to help your teams, your headaches get bigger with every passing quarter. Oracle releases a few hundred critical patches for its suite of ERP products including JD Edwards, EBS, Sebel and others.

Applying, and even not applying, a patch to your Oracle EBS system has associated costs.

What is the cost of not applying patches to Oracle EBS systems?

Most Oracle EBS patches include bug fixes that have been commonly reported across all of Oracle's EBS customers. On the odd occasion Oracle will release a feature in its patches with which it tries to nudge its customers towards adopting something new that it is trying to roll out.

In this day and age, the most important reason to apply Oracle patches in a timely manner is to close newly discovered and exploitable security vulnerabilities that were shipped with a previous patch or within the core EBS system.

By not applying EBS patches, you are playing chicken with hackers who are eager to exploit your EBS system's security vulnerabilities. Especially when you consider that 64% of IT decision makers have reported that their ERP systems have been breached between 2017 and 2019.

The cost of this is difficult to quantify, because it depends of the size of your organisation and the importance of the records that your EBS system houses. But if your organisation is running Oracle EBS then it's fair to assume that it's at least a mid-sized company and so minimum loss projections of $50,000 per working hour appear be a fair estimate.

Remember, the above figure isn't just because of downtime due to security breaches. That figure relates to ANY downtime, including those caused by functional bugs that render your EBS system unusable.

So are you prepared to lose $50,000 per hour just because you didn't apply the EBS patches that Oracle released for your system?

Why are Oracle EBS patches not applied immediately by organisations?

The most commonly cited reason for not apply EBS patches comes down to the maintenance cost of ensuring that everything in your EBS system is working as expected after it has been patched. This is a very real concern, especially for EBS systems that have been heavily customised over the years.

If you are not up-to-date with your EBS patch schedule then you might identify with these common reasons for why organisations don't apply their EBS patches in a timely manner.
  • EBS customisations have not followed the Oracle standards and so will need to modified after a patch is applied.
  • Migrating customisations across environments can be time consuming and error prone, especially if the point above is true.
  • EBS 12.2.x runs on WebLogic and you may not have the sufficient WebLogic expertise on your team.
  • Production-outage time associated with an upgrade cannot be mitigated because of a lack of sufficient test and pre-prod environments.
Oracle EBS maintenance costs usually blow out in organisations that have not invested in enough automation. If you read the reasons above and found yourself nodding your head, then then the following 3 tricks to minimising the cost of EBS maintenance and patching could revolutionise the standard of functionality and user experience that you provide to your end-users.

Trick 1: Invest in end-to-end Oracle EBS test automation

Most IT decisions are heavily influenced by the price tag. Many organisations that run EBS but don't have test automation for it cite the exorbitant cost of EBS testing tools like OATS and UFT. Those tools are undoubtedly expensive to buy, expensive to run and it is expensive to find the right skills to operate them.

Thankfully, there are a couple of modern automated software testing tools that make test automation for Oracle EBS systems a lot easier and quicker to implement. Most importantly, our Qsome test automation tool even solves the stumbling block of automating tests for Oracle Forms and its various other Java Applet-based features.

The key to selecting the right automated software testing tool for EBS is to ensure that you don't have to host the testing infrastructure. Maintaining the infrastructure for EBS testing tools can often be as expensive over time as buying the testing tool's licenses in the first place.

Trick 2: Select on Oracle EBS test automation tool that can test cross-application workflows

You'll agree that your Oracle EBS system no longer operates in a vacuum - it collects data from and feeds data to other digital applications that are used by your company's customers, employees and vendors. That's why your EBS testing team needs the ability to automate true "end-to-end" tests.

The key to building cross-application automated tests is ensuring that a each test model where necessary, using multiple scripts (ideally 1 per user interface), can simulate a real user workflow. Most Oracle EBS testing tools can test a function within EBS. Very few can actually help you comprehensively test a real user journey that traverses EBS and other interfacing digital applications.

The Qsome Oracle EBS test automation tool is one of those few testing tools that provides this functionality "out-of-the-box." The best part is that Qsome is a cloud-based, continuous testing tool that has a specific Computer Vision based framework for EBS testing.

The reason you want to be able to regression test cross-application workflows is simple: when one application in your environment is changed, there is a good chance not only that its own features are broken, but also that connectivity with other applications is also affected.

If your EBS testing tool is only able to test EBS, then you have to bring in another tool that can test interlinked workflows. It should be obvious that this situation adds complexity. Where complexity rises, so do costs. If for no other reason than this, you need a testing tool that allows you to automate testing for all types of applications in your environment.

Trick 3: Incorporate your EBS releases into your DevOps pipeline

The longer you separate your EBS delivery from delivery of your other applications, the more your software testing costs will spiral. Spiralling testing costs are the reason you came here in the first place and are probably also the reason that you are delaying implementing recommended EBS patches. So you are able to get two birds with one stone when you implement this trick.

The best automated software testing tools have the necessary functionality to plug into DevOps pipelines. Automating your EBS deployments will undoubtedly take some work and investment up front, especially if your organisation is starting from scratch. However, if you take this step as an IT decision-maker you will eventually make your IT budget go further and improve functionality and user experience for your end-users.

If you want to see how a purpose-built EBS testing tool could work in your environment and for a free trial, schedule your demo today.

By: Ayush Trivedi

Tuesday, 24 March 2020

Another day, another hack!

Nutribullet, the blender and easy blended smoothie company, was hacked and their ecommerce online shopping store was injected with malicious code not once, not twice, but three times in the last 30 days! The malicious code helped hackers literally swipe away the credit cards numbers of Nutribullet customers.

Application security is seldom considered during the ideation phase unless the development team has previously been hacked and survived to tell the tale. But it's also true that it's never too late to secure your ecommerce store.

In fact, smart and fast-growing ecommerce stores who outperform their peers usually share this common trait: they consistently grow sales and build their brand by turning their security standards into a key differentiator and selling point.

E-commerce sales hitting trillions of dollars alone in 2019 makes it a very lucrative market for malicious hackers group like Magecart whose sole purpose is to steal credit card information.

Why should ecommerce & online shopping stores worry about application security?

Simply put, it helps to avoid massive costs to your business when you do get hacked AND it helps your customers trust you more. We both know what increased customer trust means for our businesses, right?

To put that in perspective, here are some staggering numbers for you from IBM.
  • The average total cost of a data breach is $3.9 million global & $8.2 million in the United States.
  • Time to identify and contain a breach is 279 days!
  • Cost per lost record is $150.
If hacked, a single data breach event could potentially put your business under and can result in many ghastly outcomes for you:
  • Your business will have a hard time bouncing back up
  • Customers leave because of breach of trust
  • Loss of revenue
  • Brand reputation takes a hit
  • Spending more on AppSec and marketing 
  • PR and legal costs go up
Your probability of being severely disrupted when you're hacked goes down significantly if you follow the following tips. You will be able to conduct many of these activities within your current team. For some you will need an AppSec and penetration testing partner like Audacix.

The primary reason you should consider an external AppSec partner is that your development team needs to focus on your ecommerce product. Your developers will save a lot of time (and therefore save you money) if they're helped with targeted recommendations that help them fix your security vulnerabilities as they are found.

So how can your ecommerce or online shopping store avoid being hacked?

Tip 1: Conduct a thorough cybersecurity risk assessment

Has your business done this in the last 2 years? Cybersecurity risk assessment is a good way to know your current position and where you want to be in terms of security. It's like trying to have a fit body, it's important to measure body stats before starting out and determine what your end goal is.

A cybersecurity risk assessment is about understanding, managing, controlling and mitigating cybersecurity across your organization. It is a crucial part of any organisation's risk management strategy and data protection efforts.

Tip 2: Create a cyber incident response plan & practice it

An idiot with a plan can beat a genius without a plan.
Warren Buffet
Think of your cyber incident response team like a team of firemen. They know how to put out a fire when there is one, and they know how to help you build the safeguards that help you minimise the chances of a fire happening altogether.

What is your plan if you get hit by a virus or malware? What will you do if it's a DDoS attack disrupting your operations by overloading your web server?

You should be armed with the right tools and processes to deal with these scenarios quickly. You should practice it periodically within your organisation like a fire drill to stay updated and not panic when under a cyber attack.

Tip 3: Educate your software team about how and where you're likely to be attacked

Developers build beautiful, fast, functional apps but they're generally not aware about shortcomings of an app from security's point of view. Educating your team of developers to fortify the areas where you're most likely to get attacked is a logical solution.

We offer your developers a training portal as part of all our AppSec and penetration testing subscriptions. This training will help your devs build at least foundational knowledge of how how to build secure applications and make them more security-self-sufficient developers in the process.

Tip 4: Lock down your HTTP security headers to make it hard for hackers

The easiest and quickest way to check how many of these seven HTTP headers your web application uses adequately is by using the HTTP header analysis service. Simply enter your web app’s login page and in less than 2 seconds you will be will have a complete analysis of the HTTP headers that are already configured properly, and those that need more work.

The best part is that Cyber Chief’s recommendations spell out in detail where your developers can configure these HTTP headers in your application. It will also explain what directives and keywords should be used maximise the security that each HTTP header can offer.

There are usually zero compelling reasons to pay hundreds or even thousands of dollars fancy SSL certificates from brand-name SSL certificate vendors. A free SSL certificate from services like LetsEncrypt or Cloudflare will be more than adequate for most cloud applications.

Tip 5: Strengthen your password policy & implement two-factor-authentication (2FA)

Are you using a password named after your favourite quote, philosopher, celebrity, kid's birthdate?
You can go check online the strength of your password. These services calculate how long will it take for a hacker to steal it.

Remember, DO NOT enter your real password in these services. Also, there are a number of password lists publicly available like this, if the admin passwords to your ecommerce store are on that list, change them now.

Your business is as safe as your password, you need to implement robust password policies which contains a combination of numbers, special characters, alphabets and must be longer than 8 characters.

2FA allows you a second line of the defence in the event that your team and/or customers click phishing emails and are tricked into giving up their login credentials. In short, 2FA makes your business more robust and secure by minimising the extent of a breach when a hacker does get past your defences.

There are 2FA apps like Google Authenticator, which can be installed on your mobile phone. It has a unique code which changes every minute making life difficult for a hacker.

Audacix is also a RSA partner and our AppSec team can recommend the most appropriate 2FA systems depending on whether you want an open-source solution or something that's more enterprise-grade.

Tip 6: Encrypt stored data and data in transit, especially customer data

If you want to protect your digital assets and customers' data, it must be encrypted. This is a non-negotiable for all ecommerce businesses.

Data like login credentials of a user, credit card details, other sensitive information must be encrypted using TLS when in transit i.e exchange of data between two locations. The drives where you store your data should also be encrypted using strong protocols.

Don't make the same mistake Facebook did, it stored millions of Instagram users' passwords in plain text format. Your development process needs to pick up when something like this happens and alert the right people to fix it.

Tip 7: Conduct thorough grey-box penetration testing

Are you working super hard to grow your ecommerce store every single day? Well so are the hackers trying to break into your online store! Penetration testing means getting into the shoes of malicious hackers and trying to figure out how to bypass all the security defences without alerting anyone.

Conducting grey-box penetration tests provides an outsider perspective on your security and exposes your weaknesses before real hackers do.

An external AppSec partner like Audacix does exactly that plus has an on-demand vulnerability scanner for you and your team with monthly AppSec subscription plans.

Tip 8: Build security into your ecommerce app development cycle

Integrating the best security practices in your app development cycle helps you ensure that your developers are not leaving open big, wide windows for hackers to exploit your vulnerabilities.

Some of our ecommerce AppSec and penetration testing clients have noticed hacking attempts within minutes of pushing new code to production.

No app is perfect, not even relatively simple ecommerce applications built on Magento, Drupal, Joomla or Shopify Plus. So you'll agree that it is common sense and makes utter financial sense to build processes into your development cycle that help to pick up at least the most obvious vulnerabilities.

Mammoth ecommerce stores like Amazon might be able to survive these attacks but can your ecommerce store do the same? If your instant answer is NOT Yes, let's have a quick chat to discuss your needs.
By: Yash Srivastava

Saturday, 21 March 2020

While the world is in panic mode and as we all get used to working from home regularly its important to remember that things will get better.

When we're busy helping our teams, our customers, our neighbours, our families, it's easy to lose sight of the fact we also need to position our SaaS businesses to come out of this period stronger and ready to pounce on the opportunities that will present themselves.

Harvard Business Review (HBR) studied business performance after the 2007 recession in the US. They found that only 9% of businesses outperformed their pre-recession financial performance 3 years after the recession ended.

Post-recession winners aren’t the usual suspects. Firms that cut costs faster and deeper than rivals don’t necessarily flourish. They have the lowest probability — 21% — of pulling ahead of the competition when times get better.
Roaring Out Of Recession, Harvard Business Review, 2010
I think you'll agree that the key here is not necessarily to make the right decisions, ostensibly because making the right decisions implies that we know exactly what we are dealing with here and for how long, which we do not. But as Dr Harriet Lerner says, “we should not let fear lead us into isolation or stop us from acting with clarity, compassion and courage. Terrible things happen, but it is still possible to move forward with love and hope.”

So if you are with me so far, you now have two options in front of you:
  1. You can look at those numbers and worry about whether that will happen to you; or
  2. You can galvanise your team and plan for how you're going to be best placed to grab new opportunities in a rebounding market.
If you chose number 2, welcome to the club. This is what we're doing to not only be empathetic and compassionate during this pandemic, but also to position our SaaS business for growth.

1. Washing our hands with soap

You have probably heard this a lot recently, but it is literally a life saver. I realised that most of us have probably never been taught how to wash our hands properly and systematically.

Medical professionals go through many hours of training on this aspect of hygiene alone. So we can all do worse than to learn from them and learn the process they use.

2. Getting exercise into your bodies

Personal trainers aren't an option. Gyms are probably closed or at least not the most desirable places in this climate. So why not try fresh air exercise by walking or running on the road or in a park (as long as social distance is maintained, of course)?

For those of us who need professional help to exercise, there are number of options that are free for us to try during this pandemic.

Depending on where you live and the public spaces that are available to you, it might be a great time to take advantage of the drop in the number of cars on the road and enjoy the cleaner, fresh air outside.

3. Focus on sleeping better

The current level of media and politician-driven panic is not healthy. As our collective anxiety levels rise, our sleep quality deteriorates. Not only is poor sleep bad for our general health but good sleep has been proven to enhance our memory and cognitive function.

Clearly, we're going to need both if we're going to position our businesses for post-recession growth.

Regular exercise has been proven to improve sleep, but it might also help to encourage your teams to watch a little less of the TV news and read turn off the instant Coronavirus alerts that pop up on their phones. Doing this will help to reduce anxiety and hopefully also divert their minds to more productive topics, while benefiting their sleep patterns too.

As an aside, studies show that good sleep also helps our bodies effectively utilise the full benefits of vaccines. This will be important when the vaccine for COVID-19 is finally released. Until then, no harm in practising good sleep, right?

4. Eat healthy and regularly

Just like sportspeople feed off the energy of crowds in the stadiums, us office-going types feed off the energy of our colleagues. This energy is hard to find when we're all working from home.

Because energy can be both positive and negative, it's super important to maximise our intake of the right variety. If we're exercising and sleeping better then that's almost half the battle won.

Adding healthy food at regular intervals every day to this mix is a sureshot recipe for greater work-from-home productivity and better mental health.

In this age of empty supermarkets and panic buying I make it a point to ask my team at every morning huddle about whether they have enough food. Because if a supermarket is empty in their area, it might not be in mine and what better way to help someone than to deliver a care package.

5. Develop a daily virtual huddles schedule that everyone attends

Messenger systems like Slack and MS Teams may have revolutionised the way we communicate with our teams, but they are not enough in such strange and disconcerting times. We all need and cherish a human connection. So if we can't achieve this physically, then we should the phone or video conferencing substitutes.

I've found that it's good to start these meetings with a general well-being "check-in." Just a couple of sentences or questions can sometimes be enough to get a sense that they're not alone. That we're all in this together.

6. Survey your team to find out how they are really doing

Some of our team members prefer anonymous or written feedback as opposed to that given in a "public" forum like a daily virtual huddle. Such opinions are important in helping us as business leaders reflect on and fine tune our strategies.

Plus, by using a service like that provided by Best Employee Surveys you can use the information gathered to benchmark your team's attitudes and performance throughout this period and beyond. Just think about how valuable this data might be when your SaaS business is growing exponentially after the bounce and your HR team is trying to measure the value of all the team engagement ideas that you implemented during the pandemic.

A simple Google Forms or Typeform survey would also suffice as free alternatives here. The key, however, is to get your questions right - is this worth paying for?

7. Talk to your customers and let them influence your product roadmap

Sounds obvious right, but how often do we actually do it? I, for one, don't do it nearly enough when things are going well.

But if you are a B2B SaaS company, when you're checking in with your customers to make sure they're well, why not use the opportunity to gather some fresh intel about what they actually need?

In fact, MckInsey found that B2B companies who "care about open and honest dialogue with customers and society" are perceived by buyers as having greater brand strength.

Isn't this reason enough to get on the phone?

8. Lock down your application security

There are unfortunate elements among us who will try and exploit any lapse in our concentration when it comes to AppSec. These hackers pray on SaaS companies who put their app security in the "too hard" or "we'll do it later" baskets. Why? Because such companies leave open doors that hackers love waltzing in through.

Already during this pandemic, we've seen increased attack attempts on our clients' environments. Health SaaS companies in particular are under severe strain because of the nature of data they hold.

Here’s a quick list of must-do AppSec tasks that every SaaS team can implement and will cost you no extra to implement:
  1. Apply all patches and updates to any open source modules or libraries used in your SaaS app.
  2. Check for and close any ports that shouldn’t be open after each release.
  3. Ensure directory permissions are not set to 777 for all folders.
  4. Ensure your app’s HTTP security headers are appropriately configured – they can use the free Cyber Chief service to give them clear, actionable instructions.
  5. Repeat the above steps for all your environments – dev, test, pre-prod, staging, prod, etc.
If you are interested in a done-for-you AppSec subscription that provides on-demand application security, full penetration testing, all while making your developers more security-self-sufficient, then talk to my team about our web app AppSec plans.

9. Think about where you need to cut costs and also where you need to invest

HBR found that the businesses who prosper after recessions are not the ones that only cut costs or over-invest in growth. It seems a more balanced or "progressive" approach is required. HBR defines a progressive company as one which:
Progressive companies stay closely connected to customer needs—a powerful filter through which to make investment decisions.
Roaring Out Of Recession, Harvard Business Review, 2010
Rather than cutting costs by firing employees, progressive companies find savings through improving efficiencies and productivity. They use these savings to "judiciously increase spending on R&D and marketing, which may produce only modest benefits during the recession, but adds substantially to sales and profits afterward."

In SaaS terms you have to figure out whether everything you're doing right now is going to contribute to your future growth. How can you best position your SaaS company to capitalise on proven purchasing decision making factors like these?

What tools are you giving your sales team to answer your prospects' questions that they may never ask you, but still judge your product based on their perceptions alone? Are you missing really obvious cost sources that are bleeding you money and driving away prospects and existing customers?

10. Concentrate on something other than the Coronavirus

My favourite sports teams have stopped playing. Our favourite out-of-home excursion options might be in lock-down. The only thing the news channels are reporting is COVID-19 doom and economic gloom. In this environment, it's easy to fall into the trap of endlessly thinking and talking about the pandemic.

As a business leader I believe it's my responsibility to give my teams a chance to focus on something else. So how about stopping all Coronavirus talk in meetings after your virtual daily huddle is done? How about sharing upbeat Spotify playlists with your entire team so they can listen to something other than negative media channels throughout their day?

Remember that for maybe for the first time in human history, we are actually all in this together. Connect with me on LinkedIn to let me know how these ideas worked for your team or even if you’ve got some more ideas to expand this list.
By: Ayush Trivedi