Saturday, 12 October 2013

Security Testing… A big challenge!!!

Software is just a set of instructions given to a computer to follow, and those instructions are designed by humans; hence software is only as strong or as weak as its developer’s skills. So the question is: is there any way to ensure that software is strong enough to survive in this small but insecure world? The answer may be any of the following:

  • Build secure software
  • Build secure software
  • Build secure software …  

But then, who is going to tell us that the software is secure? Exactly, the answer is what you are thinking right now: the security testing experts. But if we know the answer, then what is the challenge? The challenge starts at the very beginning, i.e. in the planning phase. The process followed from requirements to release of the product plays the main role. Generally, the need for security testing is realized in most products only after some glitch or security breach has occurred. The well-known saying “Precaution is better than cure” fits very well here, because the cost of insecure software always leads to a big failure of the product and starts a game known as the BLAME GAME. Whom to blame? The product manager? The developer? The tester? Or is the company as a whole responsible? Does this blame game properly address the problem? The answer is a clear NO.

The best practice is proactive planning for security testing, so it is very important to make security testing part of the SDLC. The Pareto principle states that 80% of the effects come from 20% of the causes. It is no surprise that in software, 80% of the defects arise from 20% of the design flaws. So addressing that 20% of flaws at design time can considerably mitigate the rest.


