In this session, we will be revisiting @saskia’s talk from TestBash Manchester 2019. Saskia will join us on the main stage for a chat whilst we watch the talk and discuss what was said back in 2019 and what could have changed since then.
We’ll use this Club thread to share resources mentioned during the session and answer any questions we don’t get to during the live session.
I don’t think that is realistic, unless you’re developing something really simple. A little bit like saying software will definitely be released bug. On top of that, there may be no known vulnerabilities in a package that you are using now but down the road something may be discovered.
Depending on the nature of your product/company, there are certifications that you can get that don’t say “my software is bulletproof” but do say “we are doing the right things to make our software secure.”
Just my thoughts (hope I’m okay chipping in on discussion) but it is something to be concerned with. Unless these people are involved in your day-to-day (not something I’ve seen), it is important to think about these things in much the same way that we shift testing left. You don’t want to find a big security flaw in your system towards the end of the project!