About STP
/
877.257.9531
Community
/
Events
/
Training
/
Resources
/
ST&QA Magazine
/
Community Forum
Get Involved
STP Community Forum
We are a community. We share different points of view but a common interest in software testing. Visit the STP Community Forum to discuss the different points of view that make this community vibrant. Network and learn from other software testing and quality professionals.
STP Community Forum
Events
Software Test Professionals Conference & Expo
Join us for the leading event that brings together software test and quality assurance professionals. Software testers, QA managers and senior test professionals come together to learn and discover the latest solutions for their most pressing challenges. Conference participation is a great way to network, gain knowledge and enhance your career potential.
STP Spring 2013
STP Fall 2013
STP Fall 2012
STP Spring 2012
STP Fall 2011
STP Spring 2011
STP 2010
STP 2009
STP Online Summit
Session Proposal Form
Training
Why Should You Consider Training?
Specialized subject matter
Affordable pricing
Flexible training options for the working professional
Highly knowledgeable and experienced course facilitators
Network and learn from other software testing professionals
Carefully crafted training for software testers at all skill levels
Learn advanced skills and take your career on the path to higher-levels of success
Course Calendar
STP Online Summits
E-Learning Courses
Certification Courses
Software Test & Quality Assurance Magazine
Cover Story
A Bird’s-Eye View of Load Testing
Featured Articles
Hip? or Hype? Load & Performance Testing from the Cloud
Archived Issues
Contribute an Article
Contact the Editor
Advertise with Us
Subscribe to Digital Alert
Newsletter Archives
Resources
Acceptance
Agile
Ask the tester
Automation
Awards
Best Practices
Black Box
Career
Cartoon
Case Study
Certification
Cloud
Conference Presentations
Crews
Development
Editorial
End to End
Error Handling
Essentials
Exploratory
Forums
Functional
Future Test
How To
Integration
Interviews
Job Posting
Jobs
Leadership
Life Cycle
Load
Management
Membership
Metrics
Mobile
Newsletters
offshore
Open Source
Performance
podcast
Process
Products
Project Management
Quality Assurance
Regression
Requirements
Research
Security
selenium
Services
Six Sigma
Software
Software Test Professionals Conference
ST and Pedia
ST&QA Magazine
STP Community News
Strategy
Teams
Technology
Test and QA
Testing
Tools
Training
Trends
Unit
User
Video
Web
White Box
Browse Articles
Write an Article
STP Forum
STP Blog
Podcasts
Upcoming Webcasts
Archived Webcasts
Industry PR
RSS Feed
Newsletter Archives
Community
Join an Association…
By joining an association, with a finger on the pulse of the software testing industry, your membership will offer you an industry focused interactive community, leadership opportunities and an array of resources to advance your career. Association membership truly is a valuable differentiator in today’s competitive job market.
Join STP
Benefits
Awards
Browse Crews
Create a Crew
Contribute
Achievements
Badges
Get Involved
Services
SubNavServicesSplash
Publications
SubNavPublicationsSplash
Achievement
139 Points
Crews
Strategic Advisory Board
Software Test & Quality Assurance Magazine
Software Security Testing 101 - How to break into security testing
STP Local Interest Chapters
Automation
Interests
David Kosorok
CORP OF THE PRESIDING BISHOP
QA MANAGER
David is a QA Team Manager for the LDS Church in the Information and Communications Systems Department. David wrote monthly how-to articles in WordPerfect Magazine for five years and has tested software and managed test teams for over 15 years ranging from WordPerfect Magazine to international teams at Microsoft. David brings his technical expertise and snappy dress style (jeans, t-shirt and boots) back home to Utah. He enjoys spending his free time with family, reading a good sci-fi/fantasy book, camping, or watching a good movie, in that order
Badges
My Articles
Security Tools Must Support An Existing Process Not Define a New One
Thursday June 3rd 2010 10am
4
2 Comments
Security
Software
Test and QA
Testing
Best Practices
Process
Regression
Tools
Trying to introduce Security Testing into your software process can be tricky, just like teaching an old dog new tricks. A good first step would be to introduce a great security tool into an existing process. For example, introduce static source code analysis by adding it to the end of your automated build process. The initial ramp up cost is low, the change in process churn is low, but the value can be very high.
Anonymous
Article
1 Items | View Page
1
Advertisement
Tweets You Care About
monkeypunky (nik billings)
RT @
jerrywelch
: Hey @
SoftwareTestPro
... Remember that one time ... at
#STPCon
last week in San Diego? That was pretty cool.
lvcodesmith (Scott Scoble)
@
BrianKCopeland
Thanks for your recommendation to attend
#stpcon
, three of my team went and it was a great conference!
cowboytesting (Curtis Stuehrenberg)
@
jitterted
I'll be conducting two sessions at
#STPCon
. Even if they don't overlap I don't think I can swing two weeks off in the same month
rvansteenbergen (Rob van Steenbergen)
RT @
mheusser
: Missed
#STPCon
? My lightning talk 'the death star was an inside job' is available online -
http://t.co/AJxDyjJvy7
MentoraGroup (Mentora)
RT @
softwaretestpro
: Thanks! @
MentoraGroup
Mentora
#STPCon
Spring 2013: Recap from the Show!
http://t.co/Z6TEY1Vugw
@
SoftwareTestPro
JA_Harrison ( JeanAnn Harrison)
@
lanettecream
@
joolery
@
lisacrispin
@
zuzuzka
@
IrisClasson
Haha I went from NH to SD for my hair appt - of course I was there for
#STPCon
too
cowboytesting (Curtis Stuehrenberg)
#STPCon
this fall has a water park, a steak house, AND cowboys. Take note
#BSCWest
. You'd better start bringing it.
Seapine (Seapine Software)
Our own @
pvarhol
delivers his wrap-up of
#STPcon
:
http://t.co/XFt8M7Jv9U
fredberinger (Fred Beringer)
RT @
SoftwareTestPro
:
#STPCon
Speaker @
PerfDan
is doing a webinar on "Load Testing Tips" should be excellent. @
CloudTest
#Cloud
http://t.co/
…
CloudTest (SOASTA, Inc. )
RT @
SoftwareTestPro
:
#STPCon
Speaker @
PerfDan
is doing a webinar on "Load Testing Tips" should be excellent. @
CloudTest
#Cloud
http://t.co/
…
SoftwareTestPro (SoftwareTestPro)
#STPCon
Speaker @
PerfDan
is doing a webinar on "Load Testing Tips" should be excellent. @
CloudTest
#Cloud
http://t.co/MpgHonZaQX
JamesAlanMiller (James Alan Miller)
A software testing conference? That's a /thing/?
http://t.co/8ylGBInjJK
@
mheusser
tells his story at
#STPCon