Effective security testing of new IT products is constrained by staff shortages, inadequate equipment and crunched time--in short, by a scarcity of resources. But even with all these hurdles, security testing can--and should--be done and done well. . . .
Effective security testing of new IT products is constrained by staff shortages, inadequate equipment and crunched time--in short, by a scarcity of resources. But even with all these hurdles, security testing can--and should--be done and done well.

eWEEK Labs has access to some of the most advanced test gear, expertise and vendor support available, but many of our test practices can be modified and implemented in resource-constrained IT organizations.

In a manner of speaking, we've taken some of our security testing "recipes" and adapted them for use in a production IT department. The result is a soup-to-nuts collection of testing practices, as well as recommendations for useful security testing tools.

The good news is that nearly every security test practice is in step with the process of tuning systems and applications for optimum performance. The reason for this is simple: IT staffers must become at least advanced administrators of any system if they are to run meaningful tests on it, and, along the way, they will learn about more advanced performance-tuning techniques.

The link for this article located at eweek.com is no longer available.