April 26, 2007

Testing for security

I was moderating a panel tonight at OSEF about Security Testing - we had people from Kynaxis, Cognos, and Entrust It's great to hear from top notch companies how they do things. Their insight into best practices and the mistakes they have done area great way to fast track smaller firms into doing things right from the get go. The key take aways
  • build security in - not bolted on - it's a myth that security slows things down if you build it in.
  • training - document best practices, train your QA to ask the right questions about what they will be testing, understand the risk level of the module, so that they spend their limited time on the riskier parts.
  • Awarness - security is not only for developers and qa - it's for every one in the organization, it's like an onion, their are many layers to it


Betty W. Schumaker said...

It looks nice to see all the preparations of entering in the New Year as well as to say goodbye to winters and admission essay writing service reviews provides excellent task. “Mark Wesgate” is the best sales representative in Canada and he’s very attentive blogger too. so I really enjoyed reading the article and it makes me feel relaxed.

Anonymous said...

We connect the unobvious and think outside the same to bring your thing to the reach of more minds. how do you get free robux on roblox