Alan Crouch addresses the question most commonly raised by those who are new to security testing: "How does security testing fit in my QA process?" Alan explains that security testing shouldn't be limited to the QA process, but instead should be applied throughout the entire software development lifecycle. Read this FAQ column for suggestions on how to improve your chances for success in catching security issues.
In August, Knight Capital Group lost $440 million in one day. But there weren’t any traders to blame—at least no human ones. The loss was the result of a software system upgrade gone awry. What can we learn from this and other software catastrophes in the financial sector, and how can we prevent them in the future?