Making Security Testing Part of Everyday Development
Play Making Security Testing Part of Everyday Development
Too often, security testing is regarded as something only people with secret powers can do. Testers performing functional testing know the feature better than anyone else. Testers understand how the product actually works including where the product behaves strangely. With this knowledge, functionality testers are in a great position to best find security bugs. While some security bugs are difficult to find, many are not. This presentation shows how functionality testers can make security testing part of their everyday job and how the Microsoft Office team put this in action. We also demonstrate tools for uncovering many security issues without a single line of code. Deeper issues require more analysis and often require writing code. Anyone writing or testing code should see this presentation to better secure their application.