Security By Testing IT
If the systems aren’t properly tested for application security, don’t be surprised if the Designers and Developers haven’t taken security as seriously as they should!
Testing IT helps Testers and Test Managers understand how to test early and often for application security. Leaving security to external penetration testers at the end of development will not find all the vulnerabilities, any more than leaving systems testing to external testers at the end of the lifecycle would. Penetration Testers are experts in pen-testing; you are experts in your systems!
Testing IT helps testers develop the right mind-set to think like attackers trying to break the application security. Treating application security as part of the normal systems development and maintenance testing activity is far more cost-effective than the alternatives!