-
Code signing: Why it matters for mobile developers
Code signing creates a system of trust among mobile users, but it doesn't bolster the security of the app itself, says expert Dan Cornell. Answer
-
Hybrid security: Beyond pen testing and static analysis
Securing an application's attack surface takes more than pen testing and code analysis. Kevin Beaver explains the hybrid security analysis approach. Tip
-
An application security guide for software testers
This guide explains what's involved in addressing application security from a software tester's perspective by presenting common threats and strategies to deal with them. Tutorial
-
A software tester's application security guide
This application security testing guide is custom tailored to fit the needs of software quality professionals and application testers. App Security Tutorial
-
Software testing lifecycle: Dealing with security
Security is an essential part of the software testing lifecycle, yet many test pros shy away from it. Yvette Francino offers help on getting started. Tip
-
Do in-house testers beat an outsourced security testing service?
Security testing is very specialized. Is it better to outsource this effort or should in-house testers be responsible for security testing? Answer
-
Software lifecycle: App security still struggling to find a fit
For 10 years, application security has struggled to find its place in the software lifecycle. We're still not there. Why has it taken so long? Quality Time | 20 Mar 2013
-
Does completing a PCI compliance checklist ensure security?
PCI DSS guidelines are a good place to start, but checking off boxes on the PCI compliance checklist will not ensure your organization is secure. Answer
-
What's ailing enterprise software security management?
Enterprise application security testing means not only finding security vulnerabilities, but tracking them down and putting an end to them. Video
- VIEW MORE ON : Security Testing
-
Software test plan 2013: Keynote speakers cite top trends
At STP 2013, keynote speakers weighed in on software test plans to work towards in the coming year. News | 26 Apr 2013
-
Hybrid security: Beyond pen testing and static analysis
Securing an application's attack surface takes more than pen testing and code analysis. Kevin Beaver explains the hybrid security analysis approach. Tip
-
An application security guide for software testers
This guide explains what's involved in addressing application security from a software tester's perspective by presenting common threats and strategies to deal with them. Tutorial
-
A software tester's application security guide
This application security testing guide is custom tailored to fit the needs of software quality professionals and application testers. App Security Tutorial
-
Fing and Metasploit: Open source security testing
Fing and Metasploit help QA pros find security flaws. Testing expert Matt Heusser explains how to use these open source tools. Tip
-
Medical apps: Focus on security-testing the user interface
To boost the security of medical apps, conduct 'attack' testing from the user interface. QA expert Amy Reichert explains how. Tip
-
Top ten mobile application threats to enterprise security
Check out the top ten threats presented by enterprise mobile applications, according to the OWASP Mobile Security Project. Photo Story | 19 Feb 2013
-
Top ten threats to mobile enterprise security
OWASP's list of the top ten mobile security risks sheds light on mobile enterprise security concerns that all mobile app testers should be aware of. Photo Story
-
Ten steps to better application security testing strategies
Address app testing strategy concerns at each stage of the application lifecycle and learn about tools and techniques to boost security. Tip
-
Application security: Frameworks enforce secure coding
Application security experts say frameworks that enforce secure coding provide a better way for developers to write apps that can withstand attacks. News | 26 Nov 2012
- VIEW MORE ON : Software Security Testing Tools
-
Threat modeling: Crucial early step in software development cycle
Security expert Dan Cornell explains why the practice of threat modeling early in the software development cycle is crucial for mobile developers. Answer
-
An application security guide for software testers
This guide explains what's involved in addressing application security from a software tester's perspective by presenting common threats and strategies to deal with them. Tutorial
-
A software tester's application security guide
This application security testing guide is custom tailored to fit the needs of software quality professionals and application testers. App Security Tutorial
-
Does completing a PCI compliance checklist ensure security?
PCI DSS guidelines are a good place to start, but checking off boxes on the PCI compliance checklist will not ensure your organization is secure. Answer
-
Can universities give young developers application security training?
While the greater application development community understands the importance of application security, computer science majors lack this training. Answer
-
What's ailing enterprise software security management?
Enterprise application security testing means not only finding security vulnerabilities, but tracking them down and putting an end to them. Video
-
Top ten mobile application threats to enterprise security
Check out the top ten threats presented by enterprise mobile applications, according to the OWASP Mobile Security Project. Photo Story | 19 Feb 2013
-
PCI SSC introduces cloud compliance guidelines
A branch of the Payment Card Industry Security Standards Council has released guidelines designed to clarify the murky rules of cloud compliance. News | 18 Feb 2013
-
Top ten threats to mobile enterprise security
OWASP's list of the top ten mobile security risks sheds light on mobile enterprise security concerns that all mobile app testers should be aware of. Photo Story
-
Ten steps to better application security testing strategies
Address app testing strategy concerns at each stage of the application lifecycle and learn about tools and techniques to boost security. Tip
- VIEW MORE ON : Internet Security
-
An application security guide for software testers
This guide explains what's involved in addressing application security from a software tester's perspective by presenting common threats and strategies to deal with them. Tutorial
-
A software tester's application security guide
This application security testing guide is custom tailored to fit the needs of software quality professionals and application testers. App Security Tutorial
-
Do in-house testers beat an outsourced security testing service?
Security testing is very specialized. Is it better to outsource this effort or should in-house testers be responsible for security testing? Answer
-
Top ten mobile application threats to enterprise security
Check out the top ten threats presented by enterprise mobile applications, according to the OWASP Mobile Security Project. Photo Story | 19 Feb 2013
-
Penetration testing and other security testing techniques
It can be hard to keep pace with the various types of security testing required in today's complex and often dangerous Web environment. In this response, expert John Overbaugh explains some of the most common and necessary security testing techniques, including threat modeling, network penetration testing and application configuration testing, and highlights how testers can stay ahead. Answer
-
When and how to perform penetration testing
Hackers are increasingly sophisticated in how they exploit weaknesses in network and Web application security. In this response, expert John Overbaugh explains the importance of penetration testing and how to ensure comprehensive security of your applications. Answer
-
SQL injection flaw is a welcome mat for black hats on file-sharing site
Recently, a group of hackers was able to gain access to users' personal files on a file-sharing site via SQL injection flaws. The group was able to view and edit personal information, further proving that SQL injection is a major problem. News | 08 Jul 2010
-
Functional vs non-functional requirements, what is the difference?
Robin Goldsmith takes another stab at this question of functional vs non-functional requirements in this expert response. According to Goldsmith, the difference lies in the application's need and what it is intended for. Ask the Expert
-
How to write an SRS document for three different databases
Ask the Expert
-
How to write a Software Requirements Specification (SRS) document
Knowing how to write requirements documentation is crucial when developing and tracking the completion of software. Expert Robin Goldsmith goes over how to write SRS documents and how to distinguish them in this expert response. Ask the Expert
- VIEW MORE ON : Penetration Testing