Software Security Test Best Practices
- November 01, 2019
Atlassian's CISO believes that eventually, application security mechanisms will be absorbed completely into Agile and DevOps tools -- including his own company's products.
- September 14, 2018
Some advanced organizations tackle DevSecOps with automated security for CI/CD pipelines and infrastructure, and will complete the picture with developer security skills training.
- April 18, 2018
A survey of over 2,000 IT pros shows that fear of data breaches is increasing investments in DevSecOps tools, particularly automated security tools and oversight of open source software.
- September 26, 2017
Citizen data scientists are now equipped with tools like low-code platforms, AI and automation and are revolutionizing the world of IT. Learn what this means for you.
- April 26, 2017
DevOps can help develop software faster, but that's not making it any safer. DevSecOps is an effort to bring security into the mix. Here are some ways to get started.
- February 22, 2016
Developers are in short supply all around but those with security experience are particularly in need. Here's how you can move your career in a new direction.
- August 06, 2015
At Agile2015, discussion turned to how a user story can offer a different approach to Agile security.
- April 03, 2014
Mobile ALM expert Manish Mathuria provides insight into mobile security and offers strategies for enterprises to better protect their software.
- May 17, 2013
Software quality assurance is gaining respect as a profession -- but do QA testers have the scripting and security skills the role now requires?
- March 20, 2013
For 10 years, application security has struggled find its place in the software lifecycle. We're still not there. Why has it taken so long?
- January 16, 2013
Code signing aims to keep malicious code out of mobile apps by verifying where the code came from.
- April 27, 2011
What exactly is a Test Center of Excellence (TCoE) and how do quality organizations go about putting one together? In this interview with STAREAST presenter and quality advocate Tom Delmonte, we find out more about TCoEs and how they can be ...
- April 26, 2011
What does it take to add a test practice on top of a high-functioning Agile team? The task at Menlo Innovations was to incorporate QA into their practices. How did they do it? Matt Heusser interviews two quality advocates from Menlo Innovations to ...
- April 20, 2011
The real world isn't always like a test environment. How do we test for the unexpected problems such as system faults or malicious attacks? SSQ contributor Matt Heusser talks to Shmuel Gershon, presenter at STAREAST with a talk titled, "Fuzzing and ...
- November 03, 2010
In Part 2 of this SSQ interview with Glitch author Jeff Papows, we learn more about Papows' proposal for an IT Governance Manifesto which would mandate higher standards of quality for life-threatening software. Papows warns of the dangers of not ...