Submission + - Putting Security Into Your QA Test Plan
nobody writes: QASec.com has written an interesting article about how a QA team can incorporate security testing into their existing cycle. "In addition to documenting customer use cases it's important to begin the process of documenting what an attacker may attempt against your application as well and incorporating these attacker 'use cases' into a security section of your standard test plan."