The Application Security Verification Standard (ASVS) is a standard that every tester and developer must read! A tester/developer has to use parts of it in their daily routine. Let me explain what the ASVS is  and why to use it? The ASVS is developed in the OWASP community http://owasp.org/. OWASP is a worldwide and open [...]

Last month I wrote an article in the Computable about the added value of evaluations over testing. I translated the article and posted it on this blog. A colleague of mine mailed me about it and about the use of the V-Model, Agile development and other things related to evaluations. He came up with the [...]

The 10th of september I gave a presentation about security testing. This was at a seminar organised by Sogeti Nederland B.V. (the company we both work for). This event had the theme “Testing in the new world” and gave the audience a view of testing in the world of the future. The tracks in the [...]