Last week I`ve visit 4 different customers, a telecom operator, a insurance company, a government department and a IT-company. With all these customers we had a discussion about security testing. At this moment these organizations don’t test application security enough. In each of these conversations I explained how a functional tester can test the login [...]

The Application Security Verification Standard (ASVS) is a standard that every tester and developer must read! A tester/developer has to use parts of it in their daily routine. Let me explain what the ASVS is  and why to use it? The ASVS is developed in the OWASP community http://owasp.org/. OWASP is a worldwide and open [...]

The 10th of september I gave a presentation about security testing. This was at a seminar organised by Sogeti Nederland B.V. (the company we both work for). This event had the theme “Testing in the new world” and gave the audience a view of testing in the world of the future. The tracks in the [...]