Security Testing

From CitconWiki
Jump to navigationJump to search

Scanning tools: Nessus: http://www.tenable.com/products/nessus

External penetration testing

QA team also responsible for security, testing every field for injection attacks

Test team using tools to test the infrastructure

Game security: need to protect against lots of different kinds of attacks. Malformed packets that crash the servers, aim bots, changing asset attributes, and more. Training, code reviews, hack days where developers target each other's code

"We try not to write any security code ourselves. We assume there are pros and we are clueless."