Wednesday, April 29, 2009

Companies focusing more on the skillset (and mindset) needed for Security Testing

I am just back home after completing a training program at Novell Bangalore for about 3 days, on a series of diversified topics under Security Testing.

As usual, it was a challenging situation to address the varied needs of individual groups of attendees who joined from several different projects, however, I liked and enjoyed the three days for two reasons - I had an opportunity to package most of my experience and research in the field of Security Testing, and the attendees were very smart. I have been covering only Web Application Security Testing so far and the program at Novell had more focus on security testing even on desktop products and clients (It is under Non-disclosure so I can publish the course agenda here).

Having done about 15 programs on Security Testing in the last few months, I am happy to say that there is now a clear focus in companies on the skillset (and mindset) needed for Security Testing.
Posted by at
Labels: , , , , ,

5 comments:

  1. Inder P SinghMay 13, 2009 at 4:40 AM

    The security testing service providers and tool vendors have also realized the improved focus of companies on security testing. We should see more developments in this space in the coming future.

    Information security is a vast area of knowledge. Many companies (especially the bigger ones) have a security policy in place. Processes are created and systems are built/ enhanced to implement security. It is important to perform security testing on all systems (whether external-facing or internal) being used by the company. There can be threats to information security both outside the company (competitors, hackers etc.) as well as inside the company (e.g. dissatisfied employees). This is why I am not surprised that the company named in your post considered desktop products and clients for security testing. In fact, security testing (or at least, a security assessment) should also be done on other items in use e.g. operating systems, utility programs as well.

    Thanks,
    Inder P Singh
    Blog: Software Testing Space @ http://inderpsingh.blogspot.com/
    LI profile @ http://www.linkedin.com/pub/9/593/816

    ReplyDelete
  2. Ashwin PalaparthiMay 14, 2009 at 3:42 AM

    Sure. But given that many companies started more explicit activities like investing in training programs etc, just highlighting the call for "increased" awareness in the ecosystem. Nothing specific about one company, and nothig to surprise either; externalizing the trend that I am experiencing.

    ReplyDelete
  3. Ashish Kumar JhaMay 28, 2009 at 9:51 PM

    I was one of the lucky person who were "Student" at this training @ Novell. You really rock. The way you explained us the whole picture of Security, It was fabulous. We came to know about several tools which, We have started using to test our products.

    Thanks again.
    Ashish Kumar Jha
    www.ashishkumarjha.com

    ReplyDelete
  4. Ashwin PalaparthiJune 1, 2009 at 3:48 AM

    thanks ashish, glad to read your note and to especially hear about the value you gained!

    ReplyDelete
  5. AnonymousJune 28, 2010 at 5:58 AM

    This comment has been removed by a blog administrator.

    ReplyDelete

Subscribe to: Post Comments (Atom)