Kicked Out of the PCI DSS Club

August 31, 2011 Added by: PCI Guru

A Qualified Security Assessor Company (QSAC) has finally had their status revoked by the PCI SSC. Based on the FAQ, it seems that CSO was not able to provide documentation that supported their conclusions regarding assessment opinions in the ROCs and ROVs they had issued...

Exploiting Software Defects for Profit is Still Illegal

January 15, 2011 Added by: Rafal Los

Apparently, through a combination of social engineering of casino floor workers and "a software glitch" (affectionately referred to as a bug), this group of people was able to steal some very real money. The short of it is that they were caught because they got greedy, as they always do...

Why QA Doesn't Do Security Testing

January 06, 2011 Added by: Rafal Los

Just because you're checking for the existence of the password requirement, or making sure pages aren't accessible without authentication, doesn't actually mean you're doing security testing. In reality, this is just a small part of the overall security testing that applications require...

