I love the open-ended creativity of programming, the idea that you start with an empty editor window and breathe life into an application, line by line, feature by feature. That said, I had the dimmest possible view of software testing. I knew it was important, in the same way that dental hygiene is important, or eating your vegetables, or getting the oil changed in your car.
Testing seemed boring. Testing seemed like something that other people should have to do. Many developers also believe this, that they are Batman and the rest of the product team is Robin and Alfred. In truth, it is much more of a Justice League situation.
ENTER SECURITY TESTING
In 2011 I joined a small Finnish company, Codenomicon, and had my mind thoroughly blown. I learned about fuzz testing, delivering intentionally malformed inputs to software to see if something bad happens. Fuzzing is a great way to locate unknown vulnerabilities in an application. If you find them and fix them before bad people find them and exploit them, you substantially reduce your risk.
Once I understood the value of fuzz testing, I was sure that I was onto something big. “Everyone’s going to do fuzzing!” I thought to myself. “We’re going to be rich!”
While it’s true that all application teams should be doing fuzzing, I was naïve about how fast fuzzing, and security testing in general, would permeate application development. It takes time to change people’s attitudes and evolve the processes of software development. The current movement toward DevSecOps reflects the dawning realisation that security must be an integral part of the application development process.
この記事は HWM Singapore の July 2020 版に掲載されています。
7 日間の Magzter GOLD 無料トライアルを開始して、何千もの厳選されたプレミアム ストーリー、9,000 以上の雑誌や新聞にアクセスしてください。
すでに購読者です ? サインイン
この記事は HWM Singapore の July 2020 版に掲載されています。
7 日間の Magzter GOLD 無料トライアルを開始して、何千もの厳選されたプレミアム ストーリー、9,000 以上の雑誌や新聞にアクセスしてください。
すでに購読者です? サインイン
Should I Buy Cyberinsurance?
Personal cyberinsurance covers a range of cybercrimes such as cyber extortion, cyberbullying, online fraud, and data loss.
Quick Tips: Five Things To Do If You Get Hacked
It might seem like an obvious choice at first, but many people often resort to panic-clicking device options, rebooting, Googling for solutions, calling tech support (or that tech-savvy friend) for help, all while leaving the compromised device connected.
CLASH OF THE EXECUTIVE SALOONS: BMW 5201 VS MERCEDES-BENZ E200
The BMW 5 series and Mercedes-Benz E-Class are motoring institutions.
SENNHEISER TULLAMORE FACTORY TOUR: HOW THE WORLD'S BEST HEADPHONES ARE MADE IN IRELAND
It’s a relatively common practice for brands to have separate facilities for parts manufacturing and product assembly, whether it’s for cost or other reasons.
Tech Awards 2024 Readers' Choice
BEST OF PERSONAL COMPUTING
Good For Nothing
After a rocky start with the Nothing Phone (1), the company turned things around by releasing the incredible Nothing Phone (2).
A For Affordable AI
The Google Pixel 8a has arrived, offering many features from its flagship siblings at a more affordable price. It maintains a sleek, compact design, making it easy to handle with one hand.
Mercedes Benz EQS SUV
Mercedes-Benz's adoption of electricity has been impressively rapid.
5 Steps To Secure Your Home With A Mesh Network
Firewalls filter data in network traffic to protect the network from a wide variety of malicious attacks and malware.
The Best Hair Straightener
When I first saw the Dyson Airstrait straightener, my immediate feelings were one of cautious optimism.