Security

Articles

Building Trust in Blockchain: The Role of Smart Contract Testing Building Trust in Blockchain: The Role of Smart Contract Testing

Smart contracts, the backbone of decentralized applications, hold immense potential for revolutionizing industries. However, their complex nature and irreversible nature necessitate rigorous testing to ensure their reliability and security. This article delves into the essential aspects of smart contract testing, providing insights into best practices, tools, and challenges.
Ekaterina Egorova's picture Ekaterina Egorova
November 18, 2024
Code with Care: Security Testing in Confidentiality-Driven Industries Code with Care: Security Testing in Confidentiality-Driven Industries

For developers in privacy-centric fields, innovation goes hand-in-hand with responsibility. One security breach can shatter trust, expose sensitive data, and result in large mandatory fines. By integrating security testing throughout development, vulnerabilities are caught and addressed early, saving time.
Adam Sandman's picture Adam Sandman
May 3, 2024
SecOps: Streamlining Security with Script Standardization and Automation Sponsored Content—SecOps: Streamlining Security with Script Standardization and Automation

Writing scripts for security tasks can sometimes cause SecOps teams some difficulty. StackSpot AI, an AI assistant for software development, helps by creating scripts faster and more securely. It simplifies script creation for non-developers, automates updates, and helps maintain consistent security configurations across teams. This improves efficiency and reduces errors in security operations.
Gustavo Pinto's picture Gustavo Pinto
March 25, 2024
Benefits of Using Static Code Analysis Tools for Software Testing Benefits of Using Static Code Analysis Tools for Software Testing

Static code analysis tools offer a range of benefits for software testing. By identifying potential issues early on in the development process, these tools can help improve the quality and reliability of software, the codebase’s maintainability, and software security by identifying potential vulnerabilities and security issues.
David Fagbuyiro's picture David Fagbuyiro
March 31, 2023

More

Interviews

Matt Grasberger Prioritizing Security Testing: An Interview with Matt Grasberger
Video

Matt Grasberger, a software consultant with Coveros, talks about how security testing is often put off in the development lifecycle until risks are so embedded that it’s a massive undertaking to fix them. Matt highlights two tools that can be used to automate security testing early in the development lifecycle and gives some resources for requirements that you should have as a baseline for your security testing.
Jennifer Bonine's picture Jennifer Bonine
June 26, 2019
Automated Security Scanning in Your Delivery Pipeline: An Interview with Matt Grasberger
Video

Matt Grasberger, a software consultant at Coveros Inc., discusses shifting left security scans that you can do quickly and easily and the open source tools that are available to utilize early in the application development process to ensure you are not introducing new vulnerabilities.
Jennifer Bonine's picture Jennifer Bonine
August 10, 2018
Jeff Payne Security Testing for Test Professionals: An Interview with Jeff Payne
Video

Jeff Payne, CEO and founder of Coveros Inc., discusses the need for testers to incorporate security testing into development from the beginning. He also details some of the open source and commercial tools available for finding and resolving security problems.
Jennifer Bonine's picture Jennifer Bonine
July 19, 2018
Gene Gotimer Understanding the Role of QA in DevOps: An Interview with Gene Gotimer
Video

Gene Gotimer, senior architect at Coveros Inc., discusses understanding the role of QA in DevOps, DevOps educational tools, trusting your team, and paid and open source security tools.
Jennifer Bonine's picture Jennifer Bonine
July 6, 2018

More

Better Software Magazine Articles

cyber thief What if Someone Steals Your Code?

Bob Zeidman, an expert in software forensics, provides a great overview of how to protect your software from predators. You'll learn the difference between copyrights, trade secrets, and patents.
Bob Zeidman's picture Bob Zeidman
November 11, 2016
Pitfalls of Developing for the IoT

The Internet of Things (IoT) enables amazing software-powered devices designed to make our business and personal lives easier. Lev Lesokhin discusses four fundamental practices you'll need when developing sophisticated software for the IoT.
Lev Lesokhin's picture Lev Lesokhin
July 14, 2016
Your Professional Responsibility for Security and Performance

It is Johanna Rothman's belief that security and performance are no longer nonfunctional requirements in modern-day software development. Instead, we must prepare to accommodate security and performance needs in all projects.
Johanna Rothman's picture Johanna Rothman
April 28, 2016
A Radical View of Software Licensing and Piracy

Software vendors are making extraordinary efforts to protect the installation and use of apps, but have they gone too far? Preventing software piracy can have an adverse effect on genuine users. Software licensing  technology, according to Steve, needs to strike the best balance of protecting the asset while trusting the customer.
Steven Cholerton's picture Steven Cholerton
September 12, 2014

More

Conference Presentations

Agile + DevOps East Rome Wasn't Built in a Day...and Neither is Your DevSecOps
Slideshow

DevSecOps is about more than just the tools—it is an organizational, operational, and strategic transformation. So, as a “thorough or dramatic change in form or appearance” across the three main pillars of an organization, how can we expect a DevSecOps transformation to take place overnight?
Brittany Greenfield
Large-Scale DevSecOps: Bringing Security Confidence to Chaotic Development
Slideshow

Implementing application security (AppSec) programs on a large scale can often seem chaotic and unwieldy. Without the proper knowledge to implement robust AppSec tools, DevSecOps on a large scale can be overwhelming.
Dennis Hurst
Continuous Application Security Testing
Slideshow

Because of its specialized nature, many aspects of application security testing are often assigned to testers from another team or another company, and they may be brought in to perform a point-in-time assessment prior to a release.
Josh Gibbs
QADevSecOps: Leading a Quality-Driven DevOps Transformation
Slideshow

Have you wondered where QA professionals fit into a DevSecOps transformation? Stacy Kirk thinks they should champion the transformation. Regardless of where your company is on its journey to DevSecOps, quality must be at the forefront for optimal effectiveness and customer value. This means promoting feedback loops that use monitoring and reporting tools effectively, and most importantly, it means creating a culture of collaborative communication and continuous improvement. The role of the QADevSecOps practitioner must evolve from ensuring the quality of software to assessing the effectiveness of the company’s security and development processes using retrospectives as the new defect tracking system. Discover how Stacy’s experiences with innovative techniques have infused quality into every aspect of an agile transformation, from development to security to operations.
Stacy Kirk

More

StickyMinds is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.