Justifying Security Testing in QA
You outsourced your application development to save money, right? Or perhaps you achieved it to temporarily scale your development capacity to tackle an exclusive job. It makes sense for organizations to outsource development in these situations. However, you can gamble the streamlined, highly optimized software manufacturer which you have hired to do your development is not putting security at the top of its priority list. Security is an emergent quality of an application; it is not something that you automatically include by selecting a certain technology, process, or language. Inside one application development project is a complex system made up of many technologies, platforms, configurations, and programming styles that you expect to behave the way you designed it to. If you made missteps at any point and did not properly address the security of your design, code, and configurations, then you probably have launched security vulnerabilities into your application...