Re: [SC-L] Vulnerability tallies surged in 2006 | The Register

2007-01-23 Thread pete werner
This strikes me as largely meaningless, bordering on good news. More bugs found = more bugs fixed = more secure software. I don't really think you can compare the numbers from 2001 and 2006 though. There's way more people looking for bugs now than there were in 2001. Maybe there were more bugs arou

Re: [SC-L] Adapting Penetration Testing for Software Development Purposes

2007-01-23 Thread Chris Wysopal
Ken, I enjoyed reading your article. My book "The Art of Software Security Testing" is based on the concept of using penetration techniques as part of the development lifecycle and is specifically targeted at QA professionals. One of my co-authors Elfriede Dustin has written 5 QA books a

Re: [SC-L] Vulnerability tallies surged in 2006 | The Register

2007-01-23 Thread Wall, Kevin
Benjamin Tomhave wrote...
> This is completely unsurprising. Apparently nobody told the agile dev community that they still need to follow all the secure coding practices preached at the traditional dev folks for eons. XSS, redirects, and SQL injection attacks are not revolutionary, are not