Alex Makumbi

14 April 2017

The “test early, test often” strategy improves software security because testing for software vulnerabilities is carried out throughout the entire development life-cycle. Testing does not wait until the software has been created; waiting until then is often ineffective and cost-prohibitive. With “test early, test often,” a bug detected early in the Software Development Life-Cycle (SDLC) can be handled appropriately at that moment, which cuts costs and increases effectiveness.

As the OWASP Testing Guide outlines, an effective testing program should have components that test People, Process and Technology. Implementing the “test early, test often” strategy greatly improves software security because the people working on a software product can be tested early and often to make sure they have adequate education and awareness for their respective roles. People would also be tested on their understanding of processes, to ensure they are able to follow security policies and standards. Testing technology early and often, to make sure processes are effective in implementation, also enhances software security (Muller Andrew and Meucci Matteo, 2016).

Sources:

Muller Andrew and Meucci Matteo. 2016. OWASP Testing Guide 4.0. Creative Commons (CC) Attribution Share-Alike. Retrieved from https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents (On 20th 2017)