security | TechWell

security

Closeup photo of laptop computer lit up at night The Value of Security Testing in QA

For many organizations, traditional testing groups are separated from the IT security group. But having traditional testers perform some security testing efforts is a great way of achieving a balanced approach to shifting left while being mindful of staffing and budgetary challenges. It also has some great advantages.

Alan Crouch's picture
Alan Crouch
Combination padlock for security Continuous Security in Agile Development

"Continuous" gets mentioned a lot in agile and DevOps, but one area that often doesn’t get enough attention is how to continuously build, test, and deliver secure applications. Just like for quality, you can’t test security in, so you need to have a plan for how to build it in. Here are some tips on how to do that.

Jeffery Payne's picture
Jeffery Payne
Espresso being poured into a cup of water and mixing Integrating Threat Modeling into Agile Development

Threat modeling helps you determine where to focus your security testing efforts when building your app. But people often wonder how it can fit into their existing agile software development process. Here are three things you can do to integrate threat modeling into your agile workflow, either early on or mid-project.

Alan Crouch's picture
Alan Crouch
STEM Girl Scout Cookie Sales Help Fund STEM Badges, Including Cybersecurity and Programming

It's officially Girl Scout cookie season, and that means you’re doing a good thing when you buy those boxes of cookies. The Girl Scouts offer science- and technology-related badges and journeys to introduce girls to computer science, robotics, mechanical engineering, space exploration, and cybersecurity.

Pamela Rentz's picture
Pamela Rentz
Locked padlock on a computer screen Using Open Source Tools for Security Testing

Performing a series of security tests before deployment of your application has become paramount. But that doesn't have to mean a suite of costly tools. Plenty of open source security testing tools have become viable options. Here's why you should consider open source tools for your different types of security testing.

Saurabh Hooda's picture
Saurabh Hooda
owasp logo OWASP Releases Latest Top 10 IoT Vulnerabilities

The growing list of internet-connected devices bring amazing benefits, but the sharing of valuable information that brings this convenience also brings security concerns. The Open Web Application Security Project has released its Top 10 Internet of Things 2018 list of the highest-priority issues.

Pamela Rentz's picture
Pamela Rentz
Skull and crossbones shown on a computer screen Protect Your Software through Threat Modeling

Many software organizations are overwhelmed with a laundry list of vulnerabilities. They often have no idea where to start, how to determine prioritization, and whether or not those vulnerabilities accurately represent the threats to our applications, users, and data. Threat modeling is a simple yet effective solution.

Alan Crouch's picture
Alan Crouch
password list Better Check This List: Worst Passwords of 2018

We’ve embraced the IoT in our everyday lives, yet with so many connection points, there’s a risky habit too many of us still need to break—using weak passwords. SplashData evaluated more than five million passwords leaked online during the previous year and compiled the top worst passwords for 2018.

Pamela Rentz's picture
Pamela Rentz