January 20, 2020
To continue offering value to their customers, cyber security professionals must adapt to the ever-changing technological landscape. Despite that, we’re still not seeing a major transformation in the area of security testing, given that test engineers still consider penetration testing the ultimate tool for quality assurance.
Could this be the reason for the stagnation that the security testing landscape is experiencing? What is the solution to the question of accountability? Do we need to redefine the role of the CISO?
In a recent episode of “The Testing Show,” Qualitest’s Elle Gee and Uri Bar-El, our Global Head of Cyber Security, join Matthew Heusser and producer Michael Larsen to elucidate the challenges we face in the realm of security testing and the probable measures that can assist in a much-needed shift from the archetypal practices.
Topics discussed include:
- Uri Bar-El’s expertise in cyber security and his experience with Qualitest in doing security testing differently.
- The reasons for the prominence of penetration testing as the only legitimate assurance tool.
- The challenges we face due to the disconnect between the security and software development teams.
- How relevant is the CISO’s role?
- How to make security more relevant in the SDLC?
- How to train quality engineers in security tools and techniques?
- The benefits of making security a part of DevOps (and the normal development process).
- How test engineers can upgrade their cyber security testing skills.
- Closing thoughts on the imperative of a paradigm shift, making security a foundation skill and bringing the security question early in the SDLC.