Security experts are in the old Testers position?
06 Sep 2011Original post can be found at It-Eye
We all know that testing is important and since more and more companies started doing agile we all have learned that testing needs to be done on the go and not at the end of our software development. Where couple of years ago it was very hard to find teams with testers in them now you can find a lot of them. Besides that it was very hard to convince companies why you needed a tester on the go and why that was better and cheaper than doing “some” testing at the end. Now days it’s all much easier and companies understand the benefit of testing on the go instead of doing bulk testing at the end of the software development.
By doing agile software development we have learned that working with a well balanced team is a must. So adding developers, architects, designers and testers to the team is not an “real” issue anymore. But how about adding security specialists?
Following the security news here are 3 hacks that happened in a weak.
- Nokia Developer forum hacked
- Linux Source Code Repository Kernel.Org Gets Hacked
- DigiNotar Damage Disclosure
It’s not just those 3 there are many of them. As we go online in to the cloud and start exposing more and more services to the outside world we need to know that our applications are safe. This kind of responsibility can not be given to a software engineer or an architect it needs to be given to a specialist aka the security experts.
We struggled to get the tester in to the team and now that we have achieved that goal it seems we need to struggle again to do the same for the security specialist.
That’s why I asked my self: “Aren’t security experts in the old testers position?”