Test Analyst

From OWASP
Revision as of 11:16, 22 May 2009 by Deleted user (Talk | contribs)

Jump to: navigation, search

http://www.textbodelgeta.com


Role Description

In a structured development organization, security should not have a great impact on the overall processes used. The test organization should still be testing to requirements, implementing regression suites, and so on.

In practice,this will generally require new testing tools that are specifically geared toward security because traditional tools are not good at ferreting out security risks.

Ultimately, beyond tool training and learning about risks well enough to be able to check for them, testing groups do not need to be security experts.