Slashdot Mirror

← Back to Stories (view on slashdot.org)

Creating a Security Test Environment?

Posted by kdawson on from the as-sure-as-possible dept.

Enderandrew writes "Our IT department has been tasked with creating a list of authorized software, and only allowing software to be added to such a list after it has been thoroughly tested. In theory that sounds like a great idea — but how should we test apps to make sure they are secure? We have tools to scan internal websites, and we use MBSA for our Windows servers. However, I'm turning to Slashdot to ask what are the best methods for creating a test environment where I can analyze apps for security vulnerabilities. We're a multi-platform shop, but my main concern is with Windows apps."

3 of 167 comments (clear)

  1. no rootkits by eille-la · · Score: 5, Funny

    You should deny the installation of rootkits, they cause maintenance and security problems

  2. Put 20 hackers in a room... by Anonymous Coward · · Score: 5, Funny

    and refuse to give them hot pockets until they crack the program.

  3. Give it to sales by grandbastard · · Score: 5, Funny

    If a group from sales can't break an app, it's secure.

    You might also use a bunch of chimps. The only difference there is all of the poo flinging, screaming and downright annoyance factor, but it's hard to find good chimps, so it's easier to just put up with it and use folks from sales.