Security for QA testers

Introducing basic security testing methods into a regular testing workflow is a cost-effective way of ensuring code quality and mitigating the risks facing the users of your application and environment. Using these simple tools and methods you could greatly increase the overall quality of your code and find potentially devastating security issues before they reach production.

So how can we introduce basic security testing into our existing QA flow? This course gives attendees hands on experience in working with basic security testing methodology, tools and implementation. It will also give attendees a working understanding of the types of attacks and vulnerabilities we commonly face in


The goal with this course is to introduce basic security testing into the Quality Assurance testing flow. This course will give attendees a basic understanding of security testing methodology, reporting and tools


    Software Developers
    QA testers
    Project Managers..


    The course comprises of four modules with workshops and hands on

    Module 1: Introduction
    • What is OWASP?
    • Attacks and problems in modern web applications

    Module 2: Code standards and methodology
    • OWASP top 10.
    • OWASP Testing Guide v4
    • Reporting methodology

    Module 3: Tools of the trade
    • Burp Suite and other Proxies
    • SoapUI and integration with other tools

    Module 4: Putting it all together
    • Planning & Scope
    • Simulated Testing Engagement
    • Reporting and follow-up


    Johan Rydberg Möller, GPEN.

    Johan is an experienced web application penetration tester and security advisor. He has several years of experience working with application security and secure development for many multinational clients.



    Company specific


    1 dagar




    7800:- exkl. VAT


    Kursansvarig: Thomas Stjern
    +46(0)708 100 559