In addition to the new testing suites and solutions companies introduced this past year, we saw the testing industry as a whole recognize that in order to keep up with the pace of agile, their own testing processes need to be in check, especially if they want to stay on track with this new way of working.

The testing in production movement shifted its focus beyond just development; now it’s more about bringing performance and load testing into the picture. Companies should realize testing in production is easy to add and hard to mess up, according to Antony Edwards, CTO of TestPlant. In 2017, software teams should consider the load they put on their servers, the variants that need to be tested, and the right tests that are needed in general.

Testing in production takes effort, and so does software automation, which the industry has seen take over in terms of testing strategies. Businesses are moving to faster releases, and time to market has changed. Last year, testing was all about automation, and while manual testing is still relevant in an agile environment, developers are incorporating more automating tests with “test early, test often,” the oft-spoken mantra.

Testing shouldn’t stop your agility, so companies are going to have to get used to digitized businesses, where software is the business. Get your teams “test-infected,” as Eric Taylor, director of agile software delivery for AgileTrailblazers, said, and devise a plan where the process goes from business to development to quality assurance. Teams need to change their mindset and realize that testing should be first, as opposed to something that’s just added at the end of the process, he said. That strong feedback loop and strong communication between the business, development and QA is the key to testing success.

This new mindset should be coupled with testing automation. Companies should consider getting started with automation by first figuring out their needs. Automation is not a one-size-fits-all solution.

For instance, one company might be better off with an open-source solution, whereas an off-the-shelf suite could be better for another. Rogue Wave product manager Walter Capitani said that new tools have contributed to the evolution of software testing, but “The reality is any modern software that is being developed should have some form of automated testing.” If a company is not doing any sort of automation, they are really behind the times.

Companies are seeing the value of testing early and often, but there were still too many vulnerabilities in software security efforts. We saw cybersecurity remained a huge problem in 2016’s world of software testing. Too many companies are relying on bug bounty programs, which only provide a quick fix (and can be expensive), according to a September report released by Veracode.

The same report said 83% of IT decision-makers admitted to releasing code before testing or resolving issues. Chris Wyspoal, CTO and cofounder of Veracode, said that security needs to be a part of the entire software life cycle. The best way to get IT teams to perform adequate security testing is to listen to customers, train developers, and incorporate threat modeling into the design process, he said.