Tricky Business
Software development is a tricky business. When you think of all that can go wrong, the possibilities can be overwhelming. From coding errors, to borrowed libraries, to myriad other causes, the need for testing is fundamental to the development process. Testing can uncover many of the errors or oversights that can occur. Failure to effectively test prior to release can be very costly. Fortunately, the software security lifecycle includes testing methodologies to prevent many of these errors.
As a security professional, understanding testing techniques is an extremely important job responsibility. If you are on the technical side of information security, you may be conducting the tests yourself. One way that an employer can ensure that they have a qualified person is by seeking someone who understands the software security lifecycle. However, even the most seasoned professional may fall victim to a hidden problem with testing that can lead to other challenges. This is the problem of cognitive bias.
Existing Methods Towards More Secure Software
Many testing approaches for software are similar to those used in network testing. One of these includes penetration testing, whereby a person attempts to force the system, (or in this case, the software) to behave in an unexpected or unanticipated way.
Pen testing can include different methodologies. One such method is known as a “black bo ..
Support the originator by clicking the read the rest link below.
