I think Phil's description is pretty good, but there is one thing I would add. You should
have some sort of feedback from QA to the developers. Not of the "finger-pointing"
type, but constructive feedback that allows the developers to learn from their mistakes.
You want to cultivate an environment of security awareness amongst the developers so that
they do things correctly the first time. Also, if QA thinks the developers did a good job
with security, they should let them know that as well!
scott
---
Scott Wood swood@cambian.com
CTO, Cambian
P.O. Box 12113, 1075-555 West Hastings St, Vancouver BC, Canada, V6B 4N6
Tel: (604)647.1167 x258; Fax: (604)647.1187
http://www.cambian.com/
Received on Mon Mar 3 22:22:06 2003
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:49 EDT