Latest news:

November 27, 2006:
The Art of Software Security Testing is now available on Amazon.com

November 11, 2006:
Elfriede Dustin wrote an article, The Secure Software Development Lifecycle, for DevSource Magazine. This article summarizes the Secure Software Development Lifecycle described in Chapter 3 of The Art of Software Security Testing.

"Software security testing may indeed be an art, but this book provides the paint-by-numbers to perform good, solid, and appropriately destructive security testing: proof that an ounce of creative destruction is worth a pound of patching later."

- Mary Ann Davidson, Chief Security Officer, Oracle

Identifying Software Security Flaws

Software security testing is an indispensable part of building modern software. Ideally, it is performed as part of the software development lifecycle by testers armed with both software security and software testing expertise.

This website is a companion to the book "The Art Of Software Security Testing: Identifying Software Security Flaws" by Chris Wysopal, Lucas Nelson, Dino Dai Zovi, and Elfriede Dustin. Here you can find the original tools written for the book and links to other software security testing resources.

The authors bring software security and software testing expertise together to bridge the gap in knowledge and process between vulnerability researchers and quality assurance professionals.