The new Qualitest cyber security division will provide cyber security services as an integral part of the software testing process.

Qualitest, the world’s leading pure-play quality assurance company, is strengthening its commitment to enterprise security by bringing in 100 additional application security specialists as part of its new cyber security operations division. The new services arm is headed by Uri Barel, who joined Qualitest at the beginning of 2019. Validating application and code security is an essential part of the release process, and Qualitest realizes the importance of this step in our approach to quality engineering.

The cyber security division is headquartered in Israel, and will serve customers around the world.

Traditionally, cyber security is performed by dedicated security service providers after applications have been released into production, costing organizations more in rework and exposing them to potential security breaches if vulnerabilities are not identified early enough. By incorporating security testing into the pre-production quality process, Qualitest can perform security validations faster and more efficiency, saving our customers money and helping them adopt consistent code security practices.

Qualitest entered the cyber security field in 2018. In the past quarter, the company has made a decision to expand its cyber security offering to provide its customers a comprehensive framework that integrates application security into every phase of the application delivery lifecycle. 

Identifying security vulnerabilities is not that different from finding bugs in the code

Most of today’s cyber security vendors fall roughly into two categories: companies that develop solutions to protect organizations from malware and service providers that offer assessments for gauging the level of vulnerability in organizations’ systems and applications. Very few companies offer cyber security services as part of the application QA and testing process which is actually quite surprising, considering that the additional effort required to implement cyber security testing within DevOps is not overwhelming, and should be treated as another step in the overall quality process.

Modern enterprises are aware of security threats and are willing to invest in the right solutions to protect their applications and users from harm. At Qualitest, we believe that the industry is ready to change their approach to cyber security testing, and start viewing it as part of the application development and testing process not an afterthought that needs to be considered after the go-live.

We have seen the entire discipline of quality assurance go through this transition over the years, quality has gone from a “checkpoint” at the end of development to an integral part of the entire application cycle, resulting in faster release cycle, fewer production incidents, and better customer experience.

We believe that a similar transformation is taking place right now in the field of cyber security. By making it part of the testing process, performed by testing experts (with additional security knowledge), we can help organizations deliver more secure applications faster, cheaper, and with fewer production complications. Finding a security issue is not that different from catching a bug in the application functionality if you fix it early, you save yourself a lot of trouble down the road.

The blog was translated from an interview published in TECHTIME Magazine – To read the full interview please click here