I’ve been following the Microsoft hacking blog %41%43%45%20%54%65%61%6d (can you decipher that?) for a while now, but its content isn’t necessarily what you may be thinking… posts on how to hack Microsoft products? Nope, instead the content of the blog is written by hackers that now work at Microsoft. You know, the white hat kind. If you can’t beat ’em, hire ’em? There aren’t a lot of posts, but when they do post they tend to be interesting.

The latest post, First Line of Defense for Web Applications – Part 1, had a lot in common with a recent project I’d been working on, and the image they created to illustrate their point is a beautiful summary for their post and also for what I was working on. What the image portrays is a very common problem, a problem that a lot of testers don’t know how to test for, or help enforce with good requirements:


This series should be good and I look forward to the next post. So should you.

While I’m at it, make sure and check out a little less of a white hat perspective at There is a ton of valuable stuff here, stuff that has worked its way into my test cases.

