Say No to Hotfixes: How To Implement Security in the Development Process

This article has been indexed from DZone Security Zone

I am Viktoriya Hranenko, Security Automation Engineer at NIX United. I started at the company as General QA, simultaneously performing manual and automated testing tasks. My responsibilities did not include security tasks. However, while testing the application on the previous project, I drew attention to some cases that we never fixed. This was not our area of responsibility, and there were no specialists among us who could assess the criticality of these findings. Some of the security incidents were awaiting the appearance of a penetration tester.

But if we want to create a high-quality product, shouldn’t we start by making it reliable? In addition, today almost all applications with registration forms fall under the law “On personal data protection” under the legislation of the country where the product is distributed. In my opinion, the security check should not be carried out in the final testing stage before the release.
