Skip to main content.

QASec.com - Software Security Testing in Quality Assurance and Development

Navigation: Home | Links | About |

'Development' Tagged Posts

Setting the appropriate security defect handling expectations in development and QA

By Robert Auger 6/15/09 If you've worked in information security you've likely had to report a security defect to development in an effort to remediate the issue. Depending on your organization and its culture this can be a rather difficult...

The business case for security frameworks

By Robert Auger Version 1.06 Last Modified: 4/22/2007 Article originally written for The Web Application Security Consortium's guest article project. One of the reasons why vulnerabilities are still common-place is because new generations of developers are making the same mistakes....

Identifying Risks in the Development Cycle

By Robert Auger 10/18/2006 Introduction Identifying security defects before a product ships reduces the risk of embarrassing public exposure, the cost of repairing the defect, and the risk to your customers. Your customers will not forget being compromised via a...