Vulnerability testing

[Lord Saru]

As more and more people become conscious about the vulnerability of applications and privacy of their data, it has become important for coders to learn to secure their application as well as perform vulnerability testing on it.

I was wondering how do coders and programmers do vulnerability testing before preparing the release candidate version? Do you vet each line in the code or perform testing in neutral sandbox environment or do you do both? Are there any other strategy that you use?

 

[Hungry Ego]

The company I work for has QA testers who go in and push all of the buttons and view all of the pages/gadgets that a product has.

That is more-so for functionality, but it would also be good to see what data is collected, and then an "ethical hacker" can try to grab said encrypted info and see how difficult it was/what can be done to prevent said "breach".

 

[reptile6]

I really don't do anything special of that. I never had such big project or my scripts don't need registered users, just provide content. When I get bigger project I will give more attention to it. So far I only replace default passwords from hosting provider and make special user in Wordpress for publishing content without admin privilages.