Security for Software Testers
Testing is a key part of development life-cycle, from checking your functional requirements actually work to constraining development to keep code focused and concise (TDD). Security testing however is often not conducted inside our life-cycle. We often wait until development is completed and ask third party penetration testing firms to find our issues for us.
This is a particularly bad idea in fast paced development teams.
Bugs are often missed or are found too late to remediate. Cost of remediation escalates and our systems become tightly coupled and increasingly fragile as a result.
Why would we want to finish engineering before finding fundamental security issues? Shouldn't we try to find these as early and often as possible? Shouldn't we take every opportunity to identify security flaws in our applications?
SafeStack helps teams weave security testing into their own testing lifecycle and tool chains without compromising agility or innovation.
This course is aligned with the Open Web Application Security Project (OWASP) top 10 application security vulnerabilities. These include:
Broken Authentication and Session Management
Cross-Site Scripting (XSS)
Insecure Direct Object References
Sensitive Data Exposure
Missing Function Level Access Control
Cross-Site Request Forgery (CSRF)
In addition to these vulnerabilities, students will gain a solid grounding in how to bring security into their testing tool-sets and working practices. This includes:
Security test cases, stories and what to test
Manual security testing key skills (parameter tampering, proxying and other basics)
Introduction to security testing frameworks
Automated security testing
Introduction to vulnerability scanning
Automated vulnerability scanning as part of development tool chains
This course is designed to be hands on and interactive. Lecture material is combined with a range of custom built labs and exercises to test students and let them experiment with the security in action.
2 days (08:30 - 16:30)
SUITABLE FOR ROLES
Price per person
$1200 (excluding GST)