Enterprise Security: Now, More Than Ever

Enterprise Security: Now, More Than Ever

Enterprise security primarily comprising of data protection and privacy continues to be an area of focus for enterprises, be it on the production or the non-production side of the entity. Little wonder enterprise security spending remained surprisingly resistant to...
Role-Based Testing? Take a Holistic Viewpoint

Role-Based Testing? Take a Holistic Viewpoint

Building tests for role-based security, which limit user access by login, could be among the most challenging test scenarios. Testers will be most successful if they dialogue with compliance and thoroughly vet business processes. That’s particularly true when...
Stuck With Two Impossible Choices

Stuck With Two Impossible Choices

When It Comes To Security Auditing, One Size Does Not Fit All One key problem with security code audits is that they tend to cause more problems than they solve. “One size fits all” audit scans tend to overwhelm developers, ultimately leaving the team with a long list...
Ask The Tester: Paul Melson

Ask The Tester: Paul Melson

Paul Melson is information security officer at Priority Health, an insurance company in Grand Rapids, MI. he has been in IT for 13 years, focusing exclusively on security for the last seven. During his career Paul has also consulted on matters of incident response and...
If You Build It, They Will Come

If You Build It, They Will Come

As I write this, I’m thinking of last night’s midsummer classic—the 2007 All-Star Game—in which the National League was an extra base-hit away from a dramatic ninth-inning, come-from-behind win. But alas, the American League will again have home-field...