Tuesday, June 15, 2010

Phase 2: The Gauntlet

• QA: run automated security tools that search the code for common bugs. (This first pass saves the coders time, and the results provide accountability. Fix your org.)
• 20 Common Bugs list: QA checks for low-hanging fruit, tailored from sources like OWASP, SANS, and the personal expertise of Errata Security's research in the field. (This is the list of the things you DON'T need to worry about and the ones you do. Always be afraid of SQLi, even if you don't have a website proper.)
• REAL PEOPLE dealing with the huge volume of false-positive results.
• QA: pass the results to the coder.
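The gauntlet above is a pipeline: an automated first pass, a short list of common-bug checks, a person triaging the false positives, and a report handed to the coder. The script below is an added example of that flow and is not Errata Security's tooling or checklist; the three rules, the sample source it scans, the `# qa-fp:` suppression marker and the reviewer's `REVIEWED_FALSE_POSITIVES` set are all constructed for illustration.

```python
"""Added example: a minimal first-pass QA scanner with human false-positive triage.

Not the tooling or the 20-bug list from the post; rules, marker and sample are constructed.
"""
import re
from dataclasses import dataclass

# A few constructed "common bugs" rules in the spirit of a short low-hanging-fruit list.
RULES = [
    ("SQLI-CONCAT", re.compile(r'(?i)\b(select|insert|update|delete)\b[^"\n]*"\s*\+'),
     "SQL statement built by string concatenation"),
    ("HARDCODED-SECRET", re.compile(r'(?i)\b\w*(password|secret|api_key)\w*\s*=\s*"[^"]+"'),
     "credential-looking value hard-coded in source"),
    ("CMD-SHELL", re.compile(r'subprocess\.\w+\([^)]*shell\s*=\s*True'),
     "subprocess call with shell=True"),
]

# Inline marker a reviewer leaves next to a line already judged a false positive (constructed convention).
FP_MARKER = "qa-fp:"

# Constructed sample source under review; line numbers are what the scanner reports.
SAMPLE_SOURCE = '''\
def find_user(db, name):
    q = "SELECT * FROM users WHERE name = '" + name + "'"
    return db.execute(q)

def count_rows(db):
    return db.execute("SELECT COUNT(*) FROM users")

DEFAULT_PASSWORD = "changeme"
PASSWORD_MASK = "********"
API_KEY = "not-a-real-key"  # qa-fp: test fixture value

def run(cmd):
    subprocess.run(cmd, shell=True)
'''

# Findings a person reviewed and recorded as false positives, keyed by (rule, line).
REVIEWED_FALSE_POSITIVES = {("HARDCODED-SECRET", 9)}  # the display mask is not a credential


@dataclass(frozen=True)
class Finding:
    rule_id: str
    line_no: int
    line: str
    message: str


def scan(source: str) -> list[Finding]:
    """Automated first pass: run every rule over every line and collect hits."""
    findings = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        for rule_id, pattern, message in RULES:
            if pattern.search(line):
                findings.append(Finding(rule_id, line_no, line.strip(), message))
    return findings


def triage(findings: list[Finding], reviewed_fps: set) -> tuple[list[Finding], list[Finding]]:
    """Split findings into confirmed and suppressed using the inline marker and the reviewer's list."""
    confirmed, suppressed = [], []
    for f in findings:
        if FP_MARKER in f.line or (f.rule_id, f.line_no) in reviewed_fps:
            suppressed.append(f)
        else:
            confirmed.append(f)
    return confirmed, suppressed


def report(confirmed: list[Finding]) -> str:
    """Render what QA hands to the coder: only the findings that survived triage."""
    lines = [f"{len(confirmed)} finding(s) for the coder:"]
    for f in confirmed:
        lines.append(f"  line {f.line_no} [{f.rule_id}] {f.message}: {f.line}")
    return "\n".join(lines)


if __name__ == "__main__":
    all_findings = scan(SAMPLE_SOURCE)
    kept, dropped = triage(all_findings, REVIEWED_FALSE_POSITIVES)
    print(f"raw hits: {len(all_findings)}, suppressed after review: {len(dropped)}")
    print(report(kept))
```

The point of the split between `scan` and `triage` is accountability: the raw hit list is kept as the record of what the tool found, the suppressions are explicit and attributable to a reviewer, and the coder only sees what a person confirmed. On the sample, five raw hits become three confirmed findings, including the SQL concatenation on line 2.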
