London software testing news UK

QA testing and security

Posted in Automated testing,security testing,Software testing,testing tool by testing in London on December 17, 2008

From InformIT

Involving QA in software security is non-trivial… Even the “simple” black box Web testing tools are too hard to use.

In order to scale to address the sheer magnitude of the software security problem we’ve created for ourselves, the QA department has to be part of the solution. The challenge is to get QA to understand security and the all-important attackers’ perspective. One sneaky trick to solving this problem is to encapsulate the attackers’ perspective in automated tools that can be used by QA. What we learned is that even today’s Web application testing tools (badness-ometers of the first order) remain too difficult to use for testers who spend most of their time verifying functional requirements. QA is involved in software security in many real software security programs, but in all successful cases, QA is staffed by software engineers.

Web testing services

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: