QA is a critical security function, which is often totally missed by everyone. A vulnerability is nothing more than a specific type of defect, which is QA's realm.
Well, I won't say a vulnerability is a defect like any other defect. Most defects are bounded and their impact is limited (even if I don't like bugs, like anyone). Vulnerabilities' impact could be worse: no more availability, data leakage, user privacy, etc.
Still, you are right on the QA role. The QA team at the software engineering department has a huge role to play in securing software.