Category: Security

How do you Manage Security Risks in Open Source?

Open source is at the heart of almost every application. If you have ever developed a new application from scratch, chances are very high that you built it on open source. In this post, I will outline risks related to open source and give you a mitigation approach.

Quick Start Guide for Security Tests

Software testers are sometimes unable to cope with the verification of security requirements because of their very technical nature. In this post, I will give you some guidance and orientation which you can use right away for your application security testing activities.

Quick Start Guide for Secure Software Development

Software development does not always follow a well-structured process. Some companies tend to give developers more flexibility than others, which often results in critical vulnerabilities and a high amount of rework. Therefore, regardless of whether your projects follow agile or waterfall development principles, you should apply some basic secure software development principles to avoid security loopholes.

Why we need a Next Generation Technical Testing Platform

Our testing toolchain is quite impressive. Some tools are very specific, and others support a broad range of technologies and testing activities. However, when it comes to technical testing, more specifically automated and performance testing, there are still gaps. In this post, I will outline these gaps.

Increase your Secure Software Development Maturity

Software development is often an unguided missile. Coding standards are seldom in place, and developers decide which frameworks and libraries they will use to implement their applications.

However, there are …

Things you don’t want to hear about Development of Secure Software

Two of three security breaches are attributable to vulnerable applications. Cyber criminals use your weak business applications to get access to confidential data without being detected.

Application Security Antipatterns

Cybercrime is on the rise, and in 3 of 4 security breaches, hackers target vulnerable applications instead of the backend infrastructure. However, this trend is surprising because the risk reduction is quite simple.

NFR Testing should not be an afterthought

Our world is moving quickly, and therefore a short time to market is more important than ever before. Everyone who works in the software testing business is constantly challenged to reduce testing time and shorten release sprints.

Why you should start with Application Security Testing

There are different ways to ensure confidentiality, integrity and availability of your business-critical information. Some of them result in high costs but don’t protect your sensitive information;

Why you should combine Performance and Security Testing

Short turnaround cycles are more important than ever before.

New business requirements must be implemented within weeks to address upcoming trends and maximize return on investment quickly. While development time for such fast-track projects can hardly be shortened, test duration is typically reduced to the absolute minimum.