Testing or Hacking? Real Advice on Effective Security Testing Strategies – Dan Billing
Most of us never know who does the security testing for our development teams. Sometimes it’s an internal team, maybe external. Sometimes it doesn’t even happen at all. Some of us are building security testing into our current practices, from the ground up. Some managers may feel that there isn’t the time, skills or resources to do security testing. Many testers may feel they don’t have the skills. A few of you might not feel empowered to take the lead. Inevitably, they might feel that they don’t need to worry about it, as it is someone else’s problem. And this is a serious dysfunction. Let’s look at the essential steps to build and execute your own security testing strategies. Let’s examine how learning and mentoring can aid in the development of strategies. You can and should build up your own skills with integrated security testing. This will ensure ongoing relevance of your role in a security context, and the success of your organisations.
Dan has been a tester for 15 years, working within a diverse range of development organisations, mostly in the south west of England. He currently works as a test engineer at New Voice Media, where most of his time is spent working on the security testing needs of the business. This includes mentoring, supporting and training members of the team to use these skills also.
Dan’s love of testing drives me to become an active member of the testing community, helping to organise local tester meetups in the Bristol and Bath area. He is also a cofacilitator with Weekend Testing Europe, and also organises the South West Exploratory Workshop in Testing.
Dan lives in Frome, Somerset with his wife Rae, and cat, Misty