Beyond the basics

Specialised Testing

You have mastered the fundamentals. Now it is time to specialise.

Seven deep-dive disciplines that every senior tester and test lead should understand. Real NZ examples, enterprise context, and the tools employers actually ask for in interviews.

This section covers

NZ Gov (AoG) Standards Performance Testing Security Testing Privacy Testing Accessibility Testing API Testing Usability Testing Compatibility Testing Mobile Testing Chaos Testing Test with AI

Who this is for

Senior testers, automation engineers, test leads, and anyone interviewing for NZ enterprise or government roles. These are the skills that separate good testers from indispensable ones.

Pick your specialisation

Eleven disciplines. Zero fluff.

01

NZ Gov (AoG) Standards

The differentiator. Web Accessibility Standard 1.2 (WCAG 2.2 AA), Web Usability 1.4, Digital Service Design, NZISM — taught in an AI-assisted context.

Cited at: every NZ government interview

 02

Performance Testing

Load, stress, scalability, and soak testing. Learn how systems behave under pressure — and how to prove it with numbers.

Tools: JMeter, Gatling, k6, LoadRunner

 03

Security Testing

Find vulnerabilities before attackers do. SQL injection, XSS, auth flaws, NZISM controls, plus hands-on labs (Juice Shop, DVWA, PortSwigger).

Tools: OWASP ZAP, Burp Suite, Kali, SQLMap

 04

Privacy Testing

Test for NZ Privacy Act 2020 compliance: the 13 IPPs, IPP 3A indirect-collection notices (May 2026), data minimisation, PIAs, breach detection.

Focus: OPC, PIA, IPP checks

 05

Accessibility Testing

WCAG compliance, screen reader testing, keyboard navigation, colour contrast. Make software work for everyone in Aotearoa.

Tools: axe, WAVE, Lighthouse, NVDA

 06

API Testing

Test REST, GraphQL, and SOAP interfaces independently of the UI. Faster, more stable, and essential for microservices.

Tools: Postman, REST Assured, Karate

 07

Usability Testing

Evaluate ease of use with real users. Sessions, surveys, heatmaps, and A/B testing. Turn intuition into evidence.

Methods: moderated sessions, SUS, heuristic eval

 08

Compatibility Testing

Browser, OS, device, and backward compatibility. Ensure your product works everywhere your users actually are.

Tools: BrowserStack, Sauce Labs, VMs

 09

Mobile Application Testing

Device fragmentation, gestures, battery, offline mode, interruptions, app store compliance, NZ carriers and EMAs. iOS and Android deep-dive.

Tools: Appium, Espresso, XCUITest, Detox

 10

Chaos Testing

Break production on purpose, in controlled conditions. Principles of Chaos, game days, blast radius, steady-state metrics.

Tools: Chaos Monkey, Gremlin, Litmus, AWS FIS, Toxiproxy

 11

Test with AI

Use generative AI to supercharge test analysis, design, regression, and triage. Prompt engineering, risk management, and live LLM exercises — mapped to ISTQB CT-GenAI.

Coming soon · ISTQB CT-GenAI
How to use this section

Each topic is designed as a self-contained deep-dive. You do not need to complete them in order — jump to the one that matches your current role, interview prep, or curiosity.

Every topic follows the same proven structure:

  1. The Hook — A real NZ story that shows why this matters
  2. The Rule — The core principle in one sentence
  3. The Analogy — A memorable comparison you can use in interviews
  4. Watch Me Do It — Worked examples with actual tools and data
  5. When to Use It — Practical decision framework
  6. Common Mistakes — What goes wrong and how to avoid it
  7. Now You Try — Interactive exercises with model answers
  8. Self-Check — Interview-style questions to test your knowledge

Tip: Many NZ employers now list one or more of these as "highly desirable" in job ads. Performance and security testing are particularly sought after in banking, government, and SaaS roles.