Home > Ask the Software Quality Experts > Application Security Questions & Answers > Application security careers have bright future
Ask The Software Quality Expert: Questions & Answers
EMAIL THIS

Application security careers have bright future

Dan Cornell EXPERT RESPONSE FROM: Dan Cornell

Pose a Question
Other Software Quality Categories
Meet all Software Quality Experts
Become an Expert for this site


Software quality news and advice
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


>
QUESTION POSED ON: 09 June 2008
I have recently joined a company and become a trainee in application security, which includes vulnerability assessment, pen testing, reporting and secure coding. Can you please tell me about the future of this career?

>
EXPERT RESPONSE

I think the future of this career field is very solid. Up until this point, security has not been a priority of development teams. With compliance requirements such as PCI DSS and new regulatory requirements from groups such as the OCC, this has changed. Developers who understand secure design and development will become the norm rather than the exception, and getting an early start is always good.

Software security resources:
PCI DSS compliance: Web application firewall or code review?

The most effective time to do security testing

How to address application security from a holistic perspective

In addition, skills such as penetration testing, application assessment and code review will increasingly be in demand. Again -- regulatory and compliance pressures mandate that application level testing be performed, so there will be a need for more capable individuals. Over time, though, these areas will be commoditized and the really valuable skills will be more process-focused. The ability to lead development teams in secure development efforts as well as the ability to help integrate security into the software development lifecycle (SDLC) will become more important than the testing of individual applications.


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


RELATED CONTENT
Application Security
Top tools for testing Web application security
How to prevent HTTP response splitting
PCI DSS compliance: WAF, code review or both?
How to prevent anti-DNS pinning attacks
Open source application security testing tools
Java application security features and measures
Web application security testing basics
Password recovery with .NET 2.O using C#
Free load and performance testing tools
The most effective time to do security testing

Building security into the SDLC (Software development life cycle)
How to prevent HTTP response splitting
Browser security a concern for website development
Web application security and the PCI DSS
PCI DSS compliance: Web application firewalls (WAFs)
PCI DSS compliance: The basics
PCI DSS compliance: Code review
PCI DSS compliance: WAF, code review or both?
Writing software requirements that address security issues
Software Security Engineering: A Guide for Project Managers -- Chapter 3, Requirements Engineering for Secure Software
PCI DSS compliance: Web application firewall or code review?

Hiring, mentoring and training for software projects
Testing training: Disturbing behaviors of students
Does certification really matter?
Quality standards don't always mean fewer defects
How to present a project to the management
Grab your career by the horns
Trust on a global scale
Project managers cannot rely on generalizations
Readers speak out about U.S. IT labor shortage
Is there really an IT labor shortage in the U.S.?
How to deal with a difficult team member

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
Project Management Professional (PMP)  (SearchSoftwareQuality.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
Browse our Expert Advice



Software Quality - Software Maintenance, Software Requirements, Software Standards
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2006 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts