How To Cyber Security: Software Testing Is Cool
HWM Singapore|July 2020
How To Cyber Security: Software Testing Is Cool
That is a title I never expected to write. My father was a developer, and I was sure I would follow in his footsteps. For 34 years, he wrote C and C++ code for Bell Labs. At home we had first a TRS-80, then a Commodore 64 upon which I learned the fundamentals of programming.
Jonathan Knudsen

I love the open-ended creativity of programming, the idea that you start with an empty editor window and breathe life into an application, line by line, feature by feature. That said, I had the dimmest possible view of software testing. I knew it was important, in the same way that dental hygiene is important, or eating your vegetables, or getting the oil changed in your car.

Testing seemed boring. Testing seemed like something that other people should have to do. Many developers also believe this, that they are Batman and the rest of the product team is Robin and Alfred. In truth, it is much more of a Justice League situation.

ENTER SECURITY TESTING

In 2011 I joined a small Finnish company, Codenomicon, and had my mind thoroughly blown. I learned about fuzz testing, delivering intentionally malformed inputs to software to see if something bad happens. Fuzzing is a great way to locate unknown vulnerabilities in an application. If you find them and fix them before bad people find them and exploit them, you substantially reduce your risk.

Once I understood the value of fuzz testing, I was sure that I was onto something big. “Everyone’s going to do fuzzing!” I thought to myself. “We’re going to be rich!”

While it’s true that all application teams should be doing fuzzing, I was naïve about how fast fuzzing, and security testing in general, would permeate application development. It takes time to change people’s attitudes and evolve the processes of software development. The current movement toward DevSecOps reflects the dawning realisation that security must be an integral part of the application development process.

articleRead

You can read up to 3 premium stories before you subscribe to Magzter GOLD

Log in, if you are already a subscriber

GoldLogo

Get unlimited access to thousands of curated premium stories, newspapers and 5,000+ magazines

READ THE ENTIRE ISSUE

July 2020