Security
Articles
The Case for Ethics in Software Testing
Analyzing a software project's ethical ramifications is as much a part of testing as analyzing a program for likely failures. As a tester and a philosopher, Rick Scott asks you to consider what ethical responsibilities testers have and to reflect on what a tester's code of ethics might look like.

Software Security: Managing the Attack Surface
We are a gadget-loving society and we love our gadgets to do fun things that keep us entertained or go above and beyond basic functionality. When it comes to our technological wonders, we are attracted by the "cool factor." As Bryan Sullivan notes in this article, unfortunately those bells and whistles come with a price that must be paid for the sake of security.

More Free Security Tools
Times are tough, but people who want to break your software aren't relaxing and neither should you. In this column, Bryan Sullivan takes a look at some free security tools that can help you to protect your software without breaking the bank.

Security Testing: What Fresh Hell Is This?
Testing an application or code for security vulnerabilities is downright difficult, sometimes almost impossible. That is why Linda Hayes, a QA expert, is always searching for new tools that can help her test like a security expert. Linda discusses some of the challenges developers, QA analysts, and testers face when trying to ensure that software is secure. She also offers some solutions that simplify security testing.

Changing the QA Mindset for Rich Internet Applications
Today's Rich Internet Applications (RIAs) bear about as much resemblance to the early Web sites of the 1990s as today's cars bear to a Model T. While the principle may be the same, the underlying technology is radically different. While safety testing for automobiles has improved significantly in the past hundred years, though, Web-application testing remains stuck in a 1990s mindset. In this week's column, Bryan Sullivan explains that QA must change its testing approach in order to maintain the security of the code.

Security Starts with Requirements
Secure software development begins with explicitly addressing security in software requirements. In this week's column, Jason Schmitt explains how security requirements should set expectations of development, which enables quality assurance to plan for and conduct more effective security testing.
Jason Schmitt
February 13, 2007

Locking Down Wireless
Organizations are feeling the heat regarding application security. Gone are the days when security breaches could be pushed aside or dealt with behind closed doors. Since the beginning of 2005, several security breaches have made front-page news. While it is unclear how many can be blamed on insecure technology, it is obvious that security is quickly becoming an area of great concern.
Brad Arkin
July 19, 2006

Reducing Your Cost of Quality
How high is your cost of quality? The answer might surprise you. Yes, it includes reviews, the QA infrastructure, and preparing tests. Those are your appraisal costs. But how high are your failure costs (the cost of defects)?
Alan S. Koch
November 30, 2005

Object Reuse Within the Enterprise: A Report From the Field
Code reuse, and especially object reuse, is not a new topic. Software professionals have been talking about reuse for decades, but somehow true reuse still eludes virtually every organization engaged in software development. Scanning through the literature on reuse, one can find plenty of articles on the benefits of reuse and even quite a few sources on object-oriented design principles that best lead to reuse. What is missing are success stories and practical advice on how to make reuse a reality within your organization. That's where this article differs.
Maciej Zawadzki
November 30, 2005

Security Exercise Challenges Many, Stumps Some
Security Innovations is hosting a security tester challenge at several conferences this year. Conference delegates at the recent STAREAST 2004 and RSA events lined up to take a shot at finding the security flaws in a sample Web site built expressly for the challenge. Who won, what was the prize, and where will this challenge be next? Read Pamela Young's review of Security Innovations Security Challenge to find out.
Pam Young
July 23, 2004