Ken,
I enjoyed reading your this article. My book "The Art of Software
Security Testing" is based on the concept of using penetration techniques
as part of the development lifecycle and is specifically targetted at QA
professionals. One of my co-authors Elfriede Dustin has written 5 QA
books a
Greetings SC-L folk,
FYI, there's been a wave of new content added to the DHS-funded
software security portal, Build Security In (home URL is http://
BuildSecurityIn.us-cert.gov). Most recently, a couple of articles
about penetration testing and tools were added (see
https://buildsecurityin