Useful data points for shaping your SDLC program By Robert Auger 1/11/11 If you work in infosec for a large organization, it can be difficult to easily track the state of every software-level vulnerability throughout your various code bases....
A short blurb on Identifying Application Risks By Robert Auger 2/1/2007 The security industry has been using fuzzers to identify security vulnerabilities in popular products for years. This immediately tells us two things: 1) The vendors of the vulnerable products...
Putting security test cases into your test plan By Robert Auger 1/5/2007 Part of software testing involves replicating customer use cases against a given application. These use cases are documented in a test plan during the quality assurance phase in...
By Robert Auger 10/18/2006 Introduction Identifying security defects before a product ships reduces the risk of embarrassing public exposure, the cost of repairing the defect, and the risk to your customers. Your customers will not forget being compromised via a...