出版社:International Association for Computer Information Systems
摘要:This paper exposes the growing importance of Web Application Security Testing (WAST) in industry and why adequate training on such systems must be included in Information Technology (IT) and Information Systems (IS) curricula at higher education institutions. Hardly any academic research studies have approached whether or not the competence of industry professionals in the field of Web software security testing is affected by the type of education they received while at college or university. Therefore, this paper will provide meaningful data that may be used by higher education institutions in the United States to further develop their IT programs. Since many higher education institutions do not offer training on Web application security as a part of their IT programs, it is important to understand the expectations of the industry from those who are most familiar with it. The study will give insight to the Web application security- related knowledge of 18 Senior Software Quality Analysts. Nine of the subjects work at a Fortune 500 Financial Institution and another nine participate in an open collaborative software quality testing Web site called “UTest.com.” Research will reveal the method of training through which they obtained their knowledge and if they believe that colleges and universities are well-equipped to provide Web application and security training. This study posits that software security testing is a discipline that should be included in all college and university IT curricula. It will hopefully serve as a blueprint for future software testing, software security testing and Web application security testing courses at institutions of higher learning across the country.
关键词:Software Test Automation (STA);Application Security Testing (AST); Software;Security Testing (SST); Web Application;Security Testing (WAST); Software Security;Testing Tools (SSTT).
