Blog Posts Tagged with "QA"

Fc152e73692bc3c934d248f639d9e963

Kicked Out of the PCI DSS Club

August 31, 2011 Added by:PCI Guru

A Qualified Security Assessor Company (QSAC) has finally had their status revoked by the PCI SSC. Based on the FAQ, it seems that CSO was not able to provide documentation that supported their conclusions regarding assessment opinions in their ROC's and ROV's they had issued...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Exploiting Software Defects for Profit is Still Illegal

January 15, 2011 Added by:Rafal Los

Apparently through a combination of social engineering of casino floor workers, and "a software glitch" (affectionately referred to as a bug) this group of people was able to steal some very real money. The short of is that they were caught because they got greedy, as they always do...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Why QA Doesn't Do Security Testing

January 06, 2011 Added by:Rafal Los

Just because you're checking for the existence of the password requirement, or making sure pages aren't accessible without authentication doesn't actually mean you're doing security testing. In reality, this is just a small part of the overall security testing that applications require...

Comments  (1)