SDLC with Testing hightlighted and the word DAST

Building better security (6): DAST

I’ve been sharing ideas on how to build security into your development process. An important step in the development process is testing.

There are many techniques used in security testing. It’s useful to understand the different approaches, and their advantages and disadvantages. Last week we looked at Static Application Security Testing (SAST). This week we look at DAST. (If you missed any of the previous articles, I’ve included all the links at the bottom.)

Continue reading
SDLC with Testing hightlighted and the word SAST

Building better security (5): SAST

I’ve been sharing ideas on how to build security into your development process.

An important step in the development process is testing. There are many techniques used in security testing. It’s useful to understand the different approaches, and their advantages and disadvantages. So for the next few weeks we’ll look at the ways to test the security of your application.

Continue reading
A road with START and FINISH painted on it.

Building Better Security: Part 1

According to the UK IT Governance blog, 148 million records were breached in December 2020!

As stories of data breaches hit the news each day, many companies are trying to patch the security of their systems as quickly as possible.

That’s a start, but it’s not enough. Security is not a one-time task. It has to be built into your development process, not added on as an after-thought.

Continue reading