A functionally working code is just not anymore enough.
I have been 18 years in the hacking arena & my views about the software are still absurd in terms of security since I started. I unconventionally look at security.
Edward Snowden is admired and disliked at the same time for whatever he did. We hear criticisms such as, there is a right way of doing it, and he could have done it differently. Or, that is a sickening act by Snowden. Well, the revolution has never been straightforward.
All of us need secure applications for our clients. Sadly, we have fallen into the trap of shallow security testing and lack of secure coding principles due to whatsoever reasons. By this, I mean most of the companies are super conventional in the way they manage security testing. And also, most of the security specialists and leaders in security space lack a sense of security from a pragmatic perspective or an evil attitude to fight black-hat hackers. What we need is both offensive & defensive methods with a white-hat and black-hat hacker mindset working as a team.
Even today, out of 10 applications that I choose, I can hack at least 7 of them. It is just a matter of time and motivation for hackers to identify and exploit creatively. That’s garbage. Right?
In this talk, we will look into the bad traditions leading to the garbage code and what change we can bring in to eliminate the garbage for a secure tomorrow. I am confident about the audience enjoying this demonstration based talk.
Shhhhhh… What happens at Agile Testing Days stays at Agile Testing Days!