In the OWASP Testing Guide, they discuss several testing strategies. One of them is "test early, test often". Why do you think this testing strategy improves software security?
Solution
The "test early, test often" strategy improves software security to a great extent. When a bug is detected early
within the SDLC it can be addressed faster and at a lower cost. A security bug is no different from a functional or
performance-based bug in this regard. A key step in making this possible is to educate the development and QA
teams about common security issues and the ways to detect and prevent them. Although new libraries, tools, or
languages can help design better programs (with fewer security bugs), new threats arise constantly and developers
must be aware of the threats that affect the software they are developing. Education in security testing also helps
developers acquire the appropriate mindset to test an application from an attacker's perspective. This allows each
organization to consider security issues as part of their existing responsibilities. Hence, by this approach, one can
expect an improvement in software security.
