SecurityRatty: tag: testers

How testers can practice bug advocacy with developers

2008-06-30 23:59:00 by Mike Kelly, software testing expert in WhatIs: Enterprise IT tips and expert advice

Testers can encourage developers to fix bugs they've found using some well-established techniques. Expert Mike Kelly explains how testers should practice bug advocacy, which is ultimately to the benefit of testers and programmers alike

Tags: testers, practice bug advocacy, programmers alike, fix bugs, encourage developers, ultimately, techniques, benefit

How testers can practice bug advocacy with developers

2008-06-30 23:59:00 by Mike Kelly, software testing expert in WhatIs: Enterprise IT tips and expert advice

Testers can encourage developers to fix bugs they've found using some well-established techniques. Expert Mike Kelly explains how testers should practice bug advocacy, which is ultimately to the benefit of testers and programmers alike

Tags: testers, practice bug advocacy, programmers alike, fix bugs, encourage developers, ultimately, techniques, benefit

Software testers: Identity crisis or delusions of grandeur?

2008-05-09 08:32:14 by Scott Barber in WhatIs: Enterprise IT tips and expert advice

Without a clear understanding of what software testers do, it's only natural that people try to interpret what they do from their job title. The problem is the number of different titles people have creates confusion, says Scott Barber

Tags: software testers, people, titles people, scott barber, job title, interpret, natural, confusion

Who should do your security audits? Or, how do you organize the security department?

2008-02-07 22:25:32 by Steve Riley in Steve Riley on Security

...Testers figure out how to purposefully break software and discover code vulnerabilities. These are different skill sets, and using different people results in higher quality software We can apply the same logic to the information security department. How about these four roles security standards security alignment security operations security...

Tags: information, information assets, information security, alignment folk, security alignment folk, information security department, alignment, security department, security

"Crawling" Toward SDL

2008-03-06 22:13:00 by sdl in The Security Development Lifecycle

...testers, and operation Developers You should start by strengthening your compiler defenses. Depending on whether you are writing native or managed code, these will differ For C and C++ code Strengthen your compiler defenses Use the latest compiler and linker because important defenses are added by the tools If using Visual C++, use Visual...

Tags: sdl, security, perform security analysis, application security, application, applications security, security issues, issues, non-microsoft sdl engagements

Information flow tracing and software testing

2007-09-17 09:32:00 by Niels Provos in Google Online Security Blog

...testers require a considerable initial investment in the form of complete input format specifications or the selection of a large corpus of initial input samples At WOOT'07 ,I presented a paper on Flayer , a tool we developed internally to augment our security testing efforts. In particular, it allows for a fuzz testing technique that...

Tags: input, flayer marks, initial input samples, flayer, fuzz, fuzz testers require, checks, dynamic analysis framework, sanity checks

Fierce 1.0

2007-12-20 16:39:32 by RSnake in ha.ckers.org web application security lab

...testers out there who rely on Backtrack for their toolset you will go without Fierce in your arsenal no longer. Jabra is the one who ported into backtrack as well. Anyway, big thanks to Jabra for the help

Tags: fierce, fool fierce, production kinks, zone transfer, backtrack, production, dictionary, corp, kinks

The New Media Malware Gang - Part Two

2007-12-28 18:17:45 by HASH0x89ec53c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...testers.x5x.ru/subpage/index.php traffurl.ru/sliv/?91956802f6fabf 88.255.94.250/ddd/index.php 91.192.105.6/images r52.juhost.ru/ip/index.php orentraff.cn/tdsslam/index.php?out=1193100109 xll-g.com/beaty/13389babe/cumoninn.com.html xmaturelife.com/0419/kim5.html e-learningcenter.ru/eng/index files/input000.htm...

Tags: malware, php, malware gang directly, media malware gang, malware attack, holidays, happy holidays, xmas holidays, spl

Yet another benefit of executive support for SDL...

2007-11-15 23:04:00 by sdl in The Security Development Lifecycle

...Testers who are passionate about security and want to make Microsoft products and the ecosystem as a whole as secure as possible If you're a motivated type with strong security chops and looking to make a difference, you can find the list of open positions on the Microsoft Career Website . Here's your chance to contribute your own smarts,...

Tags: community, security researcher community, security, security tools, security efforts, security tool development, windows security assurance, security science team, team

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo