Tag

software security testing

Browsing

In one of the episodes of Sherlock Holmes, Jim Moriarty orchestrated a simultaneous heist on the Tower of London, Bank of England, and Pentonville Prison with a single tap on his phone. Sherlock, in turn, tried to find the ‘master code’ that could open any locker anywhere in the whole wide world – a unique combination of ones and zeroes that bears the power to penetrate into layers and layers of security. This was a fictional scenario, it did raise a question and a very important one at that – Is our security system this…

Security testing is becoming essential for every business. Undetected bugs and security vulnerabilities can lead to expensive consequences or even losses that businesses can’t recover from. Security issues are usually considered when developing web and SaaS solutions. However, security matters for each and every product, no matter what goals it serves and what technologies it uses. At Apriorit, we always include security testing in our quality assurance strategies. In this article, we focus on some…

Identity in a remote world has taken on added importance for cybersecurity leaders speaking in a webinar on the state of security and the evolving role of CISOs at VMworld 2020. “In the CISO community we’ve talked about the notion of ‘Your identity is your perimeter.’ This put an exclamation point on that,” said Jason Lee, CISO of Zoom, referring to the COVID-19 pandemic. “When I think of the scenario of how do I know…

One of the biggest risks with software security is the opaque nature of verification tools and processes, and the potential for false negatives not covered by a particular verification technique (e.g. automated dynamic testing). Despite many best practices around secure Software Development Lifecycle (SDLC) most organizations tend to primarily rely on testing to build secure software. One of the most significant byproducts from current methods of testing is that organizations rarely understand what is being tested – and more…

As Maverick and Goose declared in the movie Top Gun, “I feel the need…the need for speed!” Speed is a defining characteristic of IT and app development these days. It used to just be desirable—now it’s a strategic imperative. The DevOps revolution has accelerated the software development lifecycle. Rapid deployment and frequent updates are the new norm. It’s important, however, not to let security fall victim to the quest for speed. That’s where companies like…

According to the independent security researchers at NSS Labs, Microsoft Edge is the best browser available when it comes to protecting Windows 10 users from phishing attempts and social engineering attacks. Or at least it’s better than the two most popular non-Microsoft browsers, Chrome and Firefox. that went live near the end of August this year. Each was subjected to the same set of more than 5,000 malware samples and nearly 1,000 phishing URLs, and…

The software community is on the brink of accelerating changes as DevOps practices, agile development methodologies and AI gradually, but surely, phase out legacy approaches. But while this is a fantastic development on the one hand, it’s also perplexing on the other. There’s no doubt that enterprises can’t competently respond to the need for greater speed and the rise in complexity of application categories with single-tiered systems that ruled supreme for years. Yet, tighter deadlines…

Ensuring that apps are protected from threats can take serious planning and the implementation of the best support for the job. However, there are so many different solutions available that it can often be difficult for quality assurance teams to know which will be optimal for their needs. Here are a few tips of how QA can choose the right tools for security testing and facilitate better software stability: 1. Establish goalsThe system you pick should be…