Security for QA testers
Introducing basic security testing methods into a regular testing workflow is a cost-effective way of ensuring code quality and mitigating the risks facing the users of your application and environment. Using these simple tools and methods you could greatly increase the overall quality of your code and find potentially devastating security issues before they reach production.
So how can we introduce basic security testing into our existing QA flow? This course gives attendees hands on experience in working with basic security testing methodology, tools and implementation. It will also give attendees a working understanding of the types of attacks and vulnerabilities we commonly face in
The goal with this course is to introduce basic security testing into the Quality Assurance testing flow. This course will give attendees a basic understanding of security testing methodology, reporting and tools
The course comprises of four modules with workshops and hands on
Module 1: Introduction
• What is OWASP?
• Attacks and problems in modern web applications
Module 2: Code standards and methodology
• OWASP top 10.
• OWASP Testing Guide v4
• Reporting methodology
Module 3: Tools of the trade
• Burp Suite and other Proxies
• SoapUI and integration with other tools
Module 4: Putting it all together
• Planning & Scope
• Simulated Testing Engagement
• Reporting and follow-up
Johan Rydberg Möller, GPEN.
Johan is an experienced web application penetration tester and security advisor. He has several years of experience working with application security and secure development for many multinational clients.
7800:- exkl. VAT
Kursansvarig: Thomas Stjern
+46(0)708 100 559