Down the Rabbithole Podcast

October 12, 2011

I had the privilege of sitting down with Rafal Los & Glenn Leifheit at OWASP AppSecUSA 2011 in Minneapolis to talk about how we can embed security in QA. Raf was nice enough to record our conversation on his popular podcast series, Down the Rabbithole.

We are big fans of finding practical, repeatable ways to build a subset of security testing into QA. We like to separate the easily repeatable stuff (“does your cookie have the secure flag set?”) from the kinds of domain-specific or obscure attacks that require years of penetration testing experience. The former can belong to QA, while the latter belongs to pen testers. We believe in this so strongly that we’ve incorporated test instructions and videos on how QA can manually look for basic security issues as part of SD Elements.

Download MP3
