Security testing News
April 26, 2017
DevOps can help develop software faster, but that's not making it any safer. DevSecOps is an effort to bring security into the mix. Here are some ways to get started.
December 02, 2016
Android app security is under attack this week with vulnerabilities in the popular app, AirDroid, and malware that steals Google account authentication tokens.
July 01, 2016
We have already examined the ‘phenomena’ that is DevOps and asked what it really means, how it really works and how to tame this new beast here on Computer Weekly. Matthew Pendlebury, a senior ...
June 20, 2016
Computer Weekly has a topic-classification field labelled 'application security and coding requirements' and it's there for a reason. All too often we talk about security in terms of what chief ...
Security testing Get Started
Bring yourself up to speed with our introductory content
Implementing end-to-end trust points and countermeasures is critical to mitigating connected city threats and staying safe. Continue Reading
Bug-finding programs are valuable to enterprises, but they require a lot of planning and effort to be effective. Sean Martin looks at what goes into taking a bug bounty program public. Continue Reading
Information security assessments can be effective for identifying and fixing issues in your enterprise's policies. Expert Kevin Beaver explains the key components of the process. Continue Reading
Evaluate Security testing Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
It's easy to ignore the challenge of IoT and testing if that's not your job, but that's soon going to change. Expert Jennifer Lent explains what you need to know. Continue Reading
Expert George Lawton discusses the best ways to plan out a mobile test strategy that works for your business goals. Continue Reading
Enterprises continue to put cloud security strategies at the top of their to-do lists. Learn the latest cloud security risks and trends, as well as tips to secure your deployment. Continue Reading
Manage Security testing
Learn to apply best practices and optimize your operations.
Concerned about DevOps security? Learn three key steps to embedding security into the software development process, including how to improve automation. Continue Reading
Get a better understanding of software testing automation. Learn about adoption practices, testing tool trends and how moving away from manual testing can impact software testers. Continue Reading
The structure of an enterprise's cybersecurity team is important for ensuring it's as effective as possible. Expert Steven Weil outlines strategies for setting up a security group. Continue Reading
Problem Solve Security testing Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Certain web security vulnerabilities evade detection due to oversight or carelessness. Expert Kevin Beaver discusses the top overlooked issues and how to address them. Continue Reading
Google's Project Wycheproof tests crypto libraries for known vulnerabilities, but there are potential drawbacks to this tool. Expert Matthew Pascucci explains them. Continue Reading
Ever since the internet of things became a "thing," the potential for abuse has been well documented; how best to achieve security for IoT is not yet clear. This Insider Edition of Information Security magazine tackles that second issue head on.
In three feature stories, our experts examine the key aspects closely related to IoT security: device discovery, IoT identity and IoT security testing. It's basic to security that, to devise a proper security strategy, a security team must possess an accurate record of what exactly needs to be secured. The challenge when it comes to security for IoT is in cataloging, assessing and classifying devices that can number into the thousands and are often located outside an enterprise's physical boundaries. Certain industries, such as healthcare, are well into tackling this challenge. But increasingly more companies of all sizes will have to give the issue careful attention. Discovery involves identity issues, another focus of this edition, and once a security team has refined their IoT security policy, the next logical step is to implement a process of IoT security testing.
Readers of this Insider Edition will come away with a deeper understanding of how to approach security for IoT, from how to create a compilation of what needs to be secured to how to set up a successful security testing process. When it comes to internet of things security, the threat of breaches may never be fully eliminated, but the odds that enterprises will thwart attacks can be improved through proper policy and security systems.Continue Reading