Scanning tools: Nessus: http://www.tenable.com/products/nessus
External penetration testing
QA team also responsible for security, testing every field for injection attacks
Test team using tools to test the infrastructure
Game security: need to protect against lots of different kinds of attacks. Malformed packets that crash the servers, aim bots, changing asset attributes, and more. Training, code reviews, hack days where developers target each other's code
"We try not to write any security code ourselves. We assume there are pros and we are clueless."