Browse by Tags - Following the White Rabbit Blog
Defining Security as a Business Requirement
This post is a follow-up to the previous one on QA: Defect vs. Vulnerability. All the highly-intelligent responses I received got me thinking further, and so here I present my additional thoughts. This may not be revolutionary - but given the response...
Published 02-05-2009 4:53 AM by RafalLos
Filed under: functional specification, quality, process, application security, web application security business case, software quality, software security, QA
Misunderstanding the Purpose of Automated Tools
Let's get this out in the open - there is a misunderstood purpose of automated tools in web application security. Based on my personal experiences in front of both management and engineering teams in the last few months, I feel this needs to be addressed...
Published 06-11-2008 2:29 AM by RafalLos
Filed under: process, holistic security, web application security, automated tools, automated testing
Overcomplicating the developer-security relationship
Greetings readers. As I travel and meet with large enterprise customers of HP's I've learned something new that I wanted to share. Maybe it's only obvious to me, and maybe I'm behind the times - but it appears to me that we (and by "we"...
Published 06-05-2008 8:39 PM by RafalLos
Filed under: security relationship, educating developers, process