Test Driven Development (TDD) for Secure Applications
Test Driven Development (TDD) has emerged as a successful productivity technique for development teams. As a unit testing methodology, TDD prescribes a simple three-step process of (1) develop test, (2) write code, and (3) re-factor the code. In a question-and-answer tag-team
session, Herbert Thompson and Ed Adams discuss the value of TDD and drill down on the reasons to use TDD for writing secure applications. Among other useful security testing tips, you will find out ... What the heck is Test Driven Development anyhow? What are the benefits of using TDD? What are the drawbacks and limitations to TDD? Why is TDD so valuable for security? What are the payoffs for using TDD to write secure code? How can we find faults that show up outside unit testing? How do we correct faults that show up outside unit testing? Can you use TDD with other development and testing methodologies? What tools can be used for TDD as well as secure coding and testing practices?